admin/goodgo-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6ebacbc9bfafe66a5d7dd3e45f87eb4af421f7e9
goodgo-platform/.env.example
Ho Ngoc Hai 05abbc5250 feat(infra): add PgBouncer connection pooling for production PostgreSQL 
Introduces PgBouncer as a connection pooler between the API service and
PostgreSQL in docker-compose.prod.yml, reducing connection overhead and
improving concurrency under production load.

- Add PgBouncer service (edoburu/pgbouncer:1.23.1-p2) with transaction
  pool mode, max_client_conn=200, default_pool_size=20
- Route API DATABASE_URL through PgBouncer (port 6432), keep direct
  connection (DATABASE_URL_DIRECT) for Prisma migrations/introspection
- Create infra/pgbouncer/ config: pgbouncer.ini, userlist template,
  and entrypoint script with runtime env-var substitution
- Update prisma.config.ts to prefer DATABASE_URL_DIRECT for migrations
- Add K6 load test (e2e/load/pgbouncer-pool-test.js) with ramp-up to
  200 VUs, pool exhaustion detection, and p95 < 2s threshold
- Add PgBouncer env vars to .env.example

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-04-10 20:15:21 +07:00

167 lines
6.1 KiB
Plaintext
Raw Blame History

# =============================================================================
# GoodGo Platform — Environment Variables
# Copy this file to .env and update values for your local environment
# =============================================================================
# -----------------------------------------------------------------------------
# PostgreSQL + PostGIS
# -----------------------------------------------------------------------------
DB_HOST=localhost
DB_PORT=5432
DB_NAME=goodgo
DB_USER=goodgo
DB_PASSWORD=CHANGE_ME
DATABASE_URL=postgresql://${DB_USER}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?schema=public
# Direct connection (bypasses PgBouncer — used for migrations/introspection)
DATABASE_URL_DIRECT=postgresql://${DB_USER}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?schema=public
# -----------------------------------------------------------------------------
# PgBouncer (Connection Pooling — production only)
# -----------------------------------------------------------------------------
PGBOUNCER_POOL_SIZE=20
PGBOUNCER_MAX_CLIENT_CONN=200
PGBOUNCER_ADMIN_PASSWORD=CHANGE_ME
PGBOUNCER_STATS_PASSWORD=CHANGE_ME
# -----------------------------------------------------------------------------
# Redis
# -----------------------------------------------------------------------------
REDIS_HOST=localhost
REDIS_PORT=6379
REDIS_PASSWORD=
REDIS_URL=redis://${REDIS_HOST}:${REDIS_PORT}
# -----------------------------------------------------------------------------
# Typesense
# -----------------------------------------------------------------------------
TYPESENSE_HOST=localhost
TYPESENSE_PORT=8108
TYPESENSE_PROTOCOL=http
TYPESENSE_API_KEY=CHANGE_ME
# -----------------------------------------------------------------------------
# MinIO (S3-compatible Object Storage)
# -----------------------------------------------------------------------------
MINIO_ENDPOINT=localhost
MINIO_PORT=9000
MINIO_CONSOLE_PORT=9001
MINIO_ACCESS_KEY=CHANGE_ME
MINIO_SECRET_KEY=CHANGE_ME
MINIO_BUCKET=goodgo-media
MINIO_USE_SSL=false
# -----------------------------------------------------------------------------
# NestJS API
# -----------------------------------------------------------------------------
API_PORT=3000
PORT=3001
NODE_ENV=development
# -----------------------------------------------------------------------------
# CORS — comma-separated allowed origins (REQUIRED in production)
# -----------------------------------------------------------------------------
CORS_ORIGINS=http://localhost:3000,http://localhost:3001
# -----------------------------------------------------------------------------
# JWT / Auth (REQUIRED — app will not start without these)
#
# SECURITY: Generate strong, random secrets (min 32 characters).
# openssl rand -base64 48
#
# Do NOT use placeholder values like "CHANGE_ME" — the app will reject them.
# Each secret must be unique and kept out of version control.
# -----------------------------------------------------------------------------
JWT_SECRET=<generate with: openssl rand -base64 48>
JWT_EXPIRES_IN=15m
JWT_REFRESH_SECRET=<generate with: openssl rand -base64 48>
JWT_REFRESH_EXPIRES_IN=7d
# -----------------------------------------------------------------------------
# OAuth Providers
# -----------------------------------------------------------------------------
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
GOOGLE_CALLBACK_URL=http://localhost:3001/auth/google/callback
ZALO_APP_ID=
ZALO_APP_SECRET=
ZALO_CALLBACK_URL=http://localhost:3001/auth/zalo/callback
FRONTEND_URL=http://localhost:3000
# -----------------------------------------------------------------------------
# Next.js Web
# -----------------------------------------------------------------------------
NEXT_PUBLIC_API_URL=http://localhost:3000
WEB_PORT=3001
# -----------------------------------------------------------------------------
# AI Service (Python/FastAPI)
# -----------------------------------------------------------------------------
AI_SERVICE_PORT=8000
AI_SERVICE_URL=http://localhost:8000
CLAUDE_API_KEY=
# -----------------------------------------------------------------------------
# Mapbox
# -----------------------------------------------------------------------------
NEXT_PUBLIC_MAPBOX_TOKEN=
# -----------------------------------------------------------------------------
# Payment Gateways (VNPay, MoMo, ZaloPay)
# Leave empty if not using payment features
# -----------------------------------------------------------------------------
VNPAY_TMN_CODE=
VNPAY_HASH_SECRET=
VNPAY_BASE_URL=https://sandbox.vnpayment.vn/paymentv2/vpcpay.html
VNPAY_API_URL=https://sandbox.vnpayment.vn/merchant_webapi/api/transaction
MOMO_PARTNER_CODE=
MOMO_ACCESS_KEY=
MOMO_SECRET_KEY=
MOMO_ENDPOINT=https://test-payment.momo.vn/v2/gateway/api
ZALOPAY_APP_ID=
ZALOPAY_KEY1=
ZALOPAY_KEY2=
ZALOPAY_ENDPOINT=https://sb-openapi.zalopay.vn/v2
# -----------------------------------------------------------------------------
# Email / SMTP
# -----------------------------------------------------------------------------
SMTP_HOST=localhost
SMTP_PORT=1025
SMTP_USER=
SMTP_PASS=
SMTP_FROM=noreply@goodgo.vn
# -----------------------------------------------------------------------------
# Firebase Cloud Messaging (optional)
# -----------------------------------------------------------------------------
FIREBASE_SERVICE_ACCOUNT=
# -----------------------------------------------------------------------------
# Sentry Error Tracking
# -----------------------------------------------------------------------------
SENTRY_DSN=
NEXT_PUBLIC_SENTRY_DSN=
SENTRY_AUTH_TOKEN=
SENTRY_ORG=
SENTRY_PROJECT=
# -----------------------------------------------------------------------------
# KYC Field Encryption (REQUIRED in production)
#
# AES-256-GCM key for encrypting sensitive KYC data at rest.
# Must be exactly 64 hex characters (32 bytes).
# openssl rand -hex 32
# -----------------------------------------------------------------------------
KYC_ENCRYPTION_KEY=<generate with: openssl rand -hex 32>
KYC_ENCRYPTION_KEY_VERSION=1
# -----------------------------------------------------------------------------
# Logging
# -----------------------------------------------------------------------------
LOG_LEVEL=info
Reference in New Issue View Git Blame Copy Permalink