feat(storage): MinIO object storage, Neon Auth, Supabase removal
Deploy to route.crispygoat.com / deploy (push) Failing after 7s
Deploy to route.crispygoat.com / deploy (push) Failing after 7s
- Add MinIO/S3-compatible storage client (src/lib/storage.ts) with uploadObject, deleteObject, presigned URL helpers, and BUCKETS constant - Wire product images, brand logos, and water log photos to MinIO via the new storage client - Migrate forgot-password to Neon Auth (remove Supabase /auth/v1/recover call) - Migrate send-scheduled cron to direct Postgres + Resend (remove Supabase Edge Function proxy) - Add logoUrl to email types (OrderReceipt, Welcome, PasswordReset) and pass brand_settings.logo_url from all call sites - Update email templates to use dynamic logoUrl instead of hardcoded Supabase bucket URLs - Remove hardcoded Supabase URLs from TuxedoVideoHero, TuxedoAboutPage, TimeTrackingFieldClient; use brand_settings props + local public/ fallback - Download brand logos (3) and tuxedo-hero.mp4 (36MB) from Supabase bucket to public/ for local development - Add MinIO env vars to .env.example (endpoint, access key, secret, buckets) - Fix TimeTrackingFieldClient to destructure logoUrl and brandAccent props - Fix admin/users.ts logoUrl type (null → undefined for optional string) - Remove stale sb- cookie from wholesale-auth - Migrate tuxedo/about page to remove supabase import and use pool query for wholesale_settings lookup
This commit is contained in:
+24
-43
@@ -9,51 +9,18 @@
|
||||
NEXT_PUBLIC_BASE_URL=http://localhost:4000
|
||||
NEXT_PUBLIC_SITE_URL=http://localhost:4000
|
||||
|
||||
# ── Database (Postgres, direct — Supabase is being removed) ────────────────
|
||||
# Single connection string used by `pg.Pool` in src/lib/auth.ts and the
|
||||
# ── Database (Neon Postgres, direct pg driver) ─────────────────────────────
|
||||
# Single connection string used by the pg Pool in src/lib/auth.ts and the
|
||||
# admin-permissions / data-service layer. Format:
|
||||
# postgresql://USER:PASS@HOST:PORT/DBNAME?sslmode=require
|
||||
DATABASE_URL=postgresql://postgres:postgres@localhost:5432/route_commerce
|
||||
|
||||
# ── Auth.js (NextAuth v5) ───────────────────────────────────────────────────
|
||||
# Generate with: npx auth secret
|
||||
# Or: openssl rand -base64 32
|
||||
AUTH_SECRET=replace-me-with-a-32-byte-base64-string
|
||||
|
||||
# Base URL used to build OAuth callback URLs. In dev:
|
||||
AUTH_URL=http://localhost:4000
|
||||
# In production, set to https://yourdomain.com
|
||||
|
||||
# Google OAuth provider.
|
||||
# 1. Go to https://console.cloud.google.com/apis/credentials
|
||||
# 2. Create an OAuth 2.0 Client ID (type: Web application)
|
||||
# 3. Add Authorized redirect URI: http://localhost:3000/api/auth/callback/google
|
||||
# 4. Copy client id + client secret below
|
||||
GOOGLE_CLIENT_ID=
|
||||
GOOGLE_CLIENT_SECRET=
|
||||
|
||||
# Auth.js also reads AUTH_GOOGLE_ID / AUTH_GOOGLE_SECRET if you prefer the
|
||||
# default NextAuth variable names. The code in src/auth.config.ts falls
|
||||
# back to those names if GOOGLE_CLIENT_ID is unset.
|
||||
|
||||
# Set to "false" to disable the in-app dev credentials provider even in
|
||||
# development. Default: enabled in dev only.
|
||||
ALLOW_DEV_LOGIN=true
|
||||
|
||||
# Comma-separated list of email addresses allowed to sign in via Google
|
||||
# OAuth. If unset (or empty), any Google account can sign in and gets a
|
||||
# `platform_admin` row auto-created — fine for demo/dev. Set this in
|
||||
# production to lock sign-in down to a known set of admins.
|
||||
# Example: ADMIN_ALLOWED_EMAILS=tyler@example.com,sarah@example.com
|
||||
ADMIN_ALLOWED_EMAILS=
|
||||
|
||||
# ── Supabase (legacy, being removed) ────────────────────────────────────────
|
||||
# Still used by the existing admin pages, server actions, and the
|
||||
# `getAdminUser` flow. Once the auth migration is complete and the
|
||||
# @supabase/* packages are removed, these can go away.
|
||||
NEXT_PUBLIC_SUPABASE_URL=
|
||||
NEXT_PUBLIC_SUPABASE_ANON_KEY=
|
||||
SUPABASE_SERVICE_ROLE_KEY=
|
||||
# ── Neon Auth (Better Auth) ───────────────────────────────────────────────
|
||||
# Get these from: neonctl neon-auth status
|
||||
# Base URL: "Auth Base URL" field
|
||||
# Cookie secret: openssl rand -base64 32 (min 32 chars)
|
||||
NEON_AUTH_BASE_URL=https://your-branch.neonauth.region.aws.neon.tech/neondb/auth
|
||||
NEON_AUTH_COOKIE_SECRET=replace-me-with-a-32-char-secret
|
||||
|
||||
# ── Stripe ─────────────────────────────────────────────────────────────────
|
||||
STRIPE_SECRET_KEY=
|
||||
@@ -73,7 +40,7 @@ STRIPE_PRICE_SMS_CAMPAIGNS=
|
||||
RESEND_API_KEY=
|
||||
RESEND_WEBHOOK_SECRET=
|
||||
|
||||
# ── AI providers ────────────────────────────────────────────────────────────
|
||||
# ── AI providers ──────────────────────────────────────────────────────────
|
||||
OPENAI_API_KEY=
|
||||
ANTHROPIC_API_KEY=
|
||||
GOOGLE_API_KEY=
|
||||
@@ -81,9 +48,23 @@ XAI_API_KEY=
|
||||
MINIMAX_API_KEY=
|
||||
MINIMAX_BASE_URL=https://api.minimax.io/v1
|
||||
|
||||
# ── Square (optional) ───────────────────────────────────────────────────────
|
||||
# ── Square (optional) ─────────────────────────────────────────────────────
|
||||
SQUARE_APP_SECRET=
|
||||
SQUARE_ENVIRONMENT=sandbox
|
||||
|
||||
# ── MinIO / S3-compatible object storage ─────────────────────────────────────
|
||||
# Endpoint: host:port only (no https://). Use MINIO_PUBLIC_URL for the public base.
|
||||
MINIO_ENDPOINT=s3.crispygoat.com
|
||||
MINIO_REGION=us-east-1
|
||||
MINIO_USE_SSL=true
|
||||
MINIO_ACCESS_KEY=routecommerce
|
||||
MINIO_SECRET_KEY=miniochangeme123
|
||||
# Override public URL if different from endpoint (e.g. Cloudflare CDN in front)
|
||||
MINIO_PUBLIC_URL=https://s3.crispygoat.com
|
||||
# Bucket names — create these in MinIO first (mc mb myminio/route-products, etc.)
|
||||
MINIO_BUCKET_PRODUCTS=route-products
|
||||
MINIO_BUCKET_BRAND_LOGOS=route-brand-logos
|
||||
MINIO_BUCKET_WATER_LOGS=route-water-logs
|
||||
|
||||
# ── Cron / automation ───────────────────────────────────────────────────────
|
||||
CRON_SECRET=replace-me-with-a-random-string
|
||||
|
||||
Reference in New Issue
Block a user