Files
Vasyka 439ef605a1 feat: production email (Resend) + offsite backup (B2)
Resend mail transport:
- composer require resend/resend-laravel (v1.4)
- Laravel 11 ships the 'resend' mailer config in config/mail.php + services
- To switch to production email: set MAIL_MAILER=resend + RESEND_API_KEY,
  register the domain at resend.com/domains, and add the TXT + DKIM CNAME
  records in Cloudflare. .env.example documents the required steps.

Backblaze B2 offsite backup:
- New filesystems 'b2' disk (S3-compatible, env: B2_KEY/SECRET/BUCKET/REGION/ENDPOINT)
- BackupAllTenantsCommand: after writing each tenant's zip to local disk, it
  uploads the same file to the b2 disk under {YYYY-MM-DD}/{slug}.zip — only
  when both B2_KEY and B2_BUCKET are set, so unconfigured installs are no-op
- Without offsite, backups live on the same VPS as production: a single
  hardware failure loses everything. B2 + Resend together make the install
  genuinely production-ready (people get email + offsite backup).

Tests (2 new):
- backup uploads to b2 (fake disk) when configured
- backup skips offsite when env vars not present

Full suite: 140 passed. Force-rebuild deploy required so composer install
picks up resend/resend-php.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-06-03 06:43:39 +00:00

99 lines
2.3 KiB
Bash

APP_NAME=AutoCRM
APP_ENV=production
APP_KEY=
APP_DEBUG=false
APP_TIMEZONE=Europe/Chisinau
APP_URL=https://service.mir.md
# Multi-tenant
CENTRAL_DOMAIN=service.mir.md
APP_LOCALE=ro
APP_FALLBACK_LOCALE=en
APP_FAKER_LOCALE=ro_RO
APP_MAINTENANCE_DRIVER=file
LOG_CHANNEL=stack
LOG_STACK=daily
LOG_LEVEL=info
LOG_DEPRECATIONS_CHANNEL=null
# DB — completate la deploy din Coolify
DB_CONNECTION=mariadb
DB_HOST=g5au90p05p2grua61up8cz8v
DB_PORT=3306
DB_DATABASE=default
DB_USERNAME=mariadb
DB_PASSWORD=
# Sesiuni / Cache / Queue → Redis
SESSION_DRIVER=redis
SESSION_LIFETIME=120
SESSION_DOMAIN=null
SESSION_SECURE_COOKIE=true
SESSION_SAME_SITE=lax
CACHE_STORE=redis
CACHE_PREFIX=autocrm
QUEUE_CONNECTION=redis
REDIS_CLIENT=phpredis
REDIS_HOST=z3jdc302kml28j8gjgq8sb74
REDIS_PORT=6379
REDIS_PASSWORD=
REDIS_DB=0
# Broadcasting (Reverb — adăugăm la nevoie)
BROADCAST_CONNECTION=log
# Mail — Mailpit intern (dev) sau Resend (prod)
# Dev: lasă smtp + Mailpit. Prod: setează MAIL_MAILER=resend + RESEND_API_KEY,
# înregistrează domeniul în https://resend.com/domains și adaugă DNS-urile
# (TXT + DKIM CNAME-uri) în Cloudflare. Verifică în dashboard înainte de trafic.
MAIL_MAILER=smtp
MAIL_HOST=autocrm-mailpit
MAIL_PORT=1025
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
MAIL_FROM_ADDRESS="noreply@service.mir.md"
MAIL_FROM_NAME="${APP_NAME}"
# Resend API — necesar dacă MAIL_MAILER=resend
RESEND_API_KEY=
# Web Push (VAPID) — generate with: php artisan push:vapid
VAPID_SUBJECT=mailto:admin@service.mir.md
VAPID_PUBLIC_KEY=
VAPID_PRIVATE_KEY=
# Internal health monitor → Telegram alerts every 10 min on DB/cache/storage/backup failure.
# Create a separate bot at @BotFather and a private group; put the bot in it
# and use the group's chat_id (negative number).
HEALTH_ALERT_BOT_TOKEN=
HEALTH_ALERT_CHAT_ID=
# Backblaze B2 (S3-compatible) — offsite backup target for backup:tenants.
# Creează un bucket privat + Application Key cu acces la el. Fără aceste env
# vars, backup-urile rămân doar pe VPS (single point of failure).
B2_KEY=
B2_SECRET=
B2_BUCKET=
B2_REGION=us-west-002
B2_ENDPOINT=https://s3.us-west-002.backblazeb2.com
# Storage — local pentru MVP, S3-compatible mai târziu
FILESYSTEM_DISK=local
# Octane
OCTANE_SERVER=frankenphp
# Misc
BCRYPT_ROUNDS=12
VITE_APP_NAME="${APP_NAME}"
# Boot
RUN_MIGRATIONS=true