mirror of
https://github.com/blackboxprogramming/BlackRoad-Operating-System.git
synced 2026-03-17 06:57:17 -05:00
9a728f655a
CRITICAL CHANGES: - Add comprehensive deployment architecture documentation - Prevent misconfiguration where monorepo is deployed instead of satellites - Clarify monorepo-to-satellite sync model across all docs CHANGES: 1. railway.toml - Add critical warning banner at top of file - Mark config as local development/testing only - Explain correct deployment model (satellites, not monorepo) 2. DEPLOYMENT_ARCHITECTURE.md (NEW) - Complete 500+ line deployment guide - Monorepo vs satellite model explained in detail - Critical rules: NEVER add monorepo to Railway - Service-to-repository mapping - Environment configuration guide - Cloudflare DNS configuration - Common mistakes and troubleshooting 3. README.md - Add prominent deployment warning box - Clarify monorepo is source of truth, not deployable - List satellite repos that should be deployed - Reference DEPLOYMENT_ARCHITECTURE.md 4. CLAUDE.md - Add critical deployment model section - Clarify Railway deployment is satellite-only - Update deployment workflow explanation - Add key rules for deployment 5. backend/.env.example - Fix ALLOWED_ORIGINS to reference satellites - Remove monorepo Railway URL reference - Add correct satellite service URLs 6. ops/domains.yaml - Fix os.blackroad.systems DNS target - Point to blackroad-os-core-production (satellite) - Remove incorrect monorepo Railway URL 7. scripts/validate_deployment_config.py (NEW) - Automated validation script - Checks for monorepo references in configs - Validates railway.toml, env files, DNS configs - Ensures DEPLOYMENT_ARCHITECTURE.md exists - Exit code 0 = pass, 1 = fail WHY THIS MATTERS: - Adding monorepo to Railway creates circular deploy loops - Environment variables break (wrong service URLs) - Cloudflare routing fails - Service dependencies misconfigured - Prevents production outages from misconfiguration CORRECT MODEL: - Monorepo = source of truth (orchestration only) - Satellites = deployable services (Railway deployment) - Code flows: monorepo → sync → satellite → Railway See: DEPLOYMENT_ARCHITECTURE.md for complete details
91 lines
3.4 KiB
Plaintext
91 lines
3.4 KiB
Plaintext
# BlackRoad OS Backend - Railway Secrets Template
|
|
# Copy this file to .env for local development and keep the actual
|
|
# values in Railway's Variables dashboard. The GitHub workflow
|
|
# scripts/railway/validate_env_template.py ensures this template stays
|
|
# aligned with app/app.config.Settings.
|
|
|
|
# Application metadata
|
|
APP_NAME=BlackRoad Operating System
|
|
APP_VERSION=1.0.0
|
|
DEBUG=False
|
|
ENVIRONMENT=production
|
|
NODE_ENV=production
|
|
PYTHON_ENV=production
|
|
|
|
# Database connectivity
|
|
DATABASE_URL=postgresql://YOUR_DB_USER:YOUR_DB_PASSWORD@YOUR_DB_HOST:5432/blackroad
|
|
DATABASE_ASYNC_URL=postgresql+asyncpg://YOUR_DB_USER:YOUR_DB_PASSWORD@YOUR_DB_HOST:5432/blackroad
|
|
POSTGRES_URL=postgresql://YOUR_DB_USER:YOUR_DB_PASSWORD@YOUR_DB_HOST:5432/blackroad
|
|
REDIS_URL=redis://YOUR_REDIS_HOST:6379/0
|
|
|
|
# Security / auth
|
|
SECRET_KEY=changeme-super-secret-key
|
|
ALGORITHM=HS256
|
|
ACCESS_TOKEN_EXPIRE_MINUTES=30
|
|
REFRESH_TOKEN_EXPIRE_DAYS=7
|
|
WALLET_MASTER_KEY=changeme-wallet-master-key
|
|
ALLOWED_ORIGINS=https://blackroad.systems,https://www.blackroad.systems,https://os.blackroad.systems,https://core.blackroad.systems,https://api.blackroad.systems,https://blackroad-os-core-production.up.railway.app,http://localhost:3000,http://localhost:8000
|
|
JWT_SECRET=changeme-jwt-secret
|
|
SESSION_SECRET=changeme-session-secret
|
|
NEXTAUTH_SECRET=changeme-nextauth-secret
|
|
|
|
# Object storage
|
|
AWS_ACCESS_KEY_ID=YOUR_AWS_ACCESS_KEY_ID
|
|
AWS_SECRET_ACCESS_KEY=YOUR_AWS_SECRET_ACCESS_KEY
|
|
AWS_REGION=us-east-1
|
|
S3_BUCKET_NAME=blackroad-files
|
|
|
|
# Email / SMTP
|
|
SMTP_HOST=smtp.gmail.com
|
|
SMTP_PORT=587
|
|
SMTP_USER=road@example.com
|
|
SMTP_PASSWORD=changeme-smtp-password
|
|
EMAIL_FROM=blackroad@example.com
|
|
|
|
# AI integrations
|
|
OPENAI_API_KEY=sk-your-openai-key
|
|
ANTHROPIC_API_KEY=anthropic-key-placeholder
|
|
|
|
# Blockchain tuning
|
|
BLOCKCHAIN_DIFFICULTY=4
|
|
MINING_REWARD=50.0
|
|
|
|
# Railway deployment + alerting
|
|
RAILWAY_TOKEN=railway-token-placeholder
|
|
RAILWAY_PROJECT_ID=00000000-0000-0000-0000-000000000000
|
|
RAILWAY_ENVIRONMENT_ID=00000000-0000-0000-0000-000000000000
|
|
RAILWAY_DOMAIN=your-service.up.railway.app
|
|
SLACK_WEBHOOK_URL=https://hooks.slack.com/services/XXX/YYY/ZZZ
|
|
DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/XXX/YYY
|
|
|
|
# Cloudflare DNS and CDN
|
|
CLOUDFLARE_API_TOKEN=cloudflare-api-token-placeholder
|
|
CLOUDFLARE_ACCOUNT_ID=your-cloudflare-account-id
|
|
CLOUDFLARE_ZONE_ID=your-cloudflare-zone-id-for-blackroad-systems
|
|
CLOUDFLARE_EMAIL=your-cloudflare-email@example.com
|
|
|
|
# Optional cloud/API integrations
|
|
DIGITAL_OCEAN_API_KEY=your-digital-ocean-api-key
|
|
GITHUB_TOKEN=your-github-personal-access-token
|
|
GITHUB_WEBHOOK_SECRET=your-github-webhook-secret-for-pr-automation
|
|
HUGGINGFACE_TOKEN=your-huggingface-token
|
|
VERCEL_TOKEN=vercel-token-placeholder
|
|
VERCEL_TEAM_ID=your-vercel-team-id
|
|
STRIPE_SECRET_KEY=sk_test_your-stripe-secret-key
|
|
STRIPE_PUBLISHABLE_KEY=pk_test_your-stripe-publishable-key
|
|
TWILIO_ACCOUNT_SID=ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
|
|
TWILIO_AUTH_TOKEN=your-twilio-auth-token
|
|
TWILIO_PHONE_NUMBER=+10000000000
|
|
SLACK_BOT_TOKEN=xoxb-your-slack-bot-token
|
|
DISCORD_BOT_TOKEN=discord-bot-token-placeholder
|
|
SENTRY_DSN=https://example.ingest.sentry.io/project-id
|
|
SENTRY_AUTH_TOKEN=your-sentry-auth-token
|
|
SENTRY_ORG=your-sentry-org
|
|
ROADCHAIN_RPC_URL=https://chain.example-rpc.net
|
|
ROADCOIN_POOL_URL=pool.example.roadcoin:3333
|
|
ROADCOIN_WALLET_ADDRESS=your-roadcoin-wallet
|
|
MQTT_BROKER_URL=mqtt://broker.example.internal:1883
|
|
MQTT_USERNAME=blackroad
|
|
MQTT_PASSWORD=your-mqtt-password
|
|
DEVICE_HEARTBEAT_TIMEOUT_SECONDS=300
|