chore: add JWT secret env config, jjwt deps, and docker-compose prod fixes

2026-05-01 17:38:03 +02:00 · 2026-05-01 17:38:03 +02:00 · c6e2e509eb
commit c6e2e509eb
parent c03b5a1401
5 changed files with 30 additions and 8 deletions
--- a/.env.example
+++ b/.env.example
@ -1,16 +1,25 @@
 # BilHej Environment Variables
 # Copy this file to .env and fill in your keys.
+#
+#   cp .env.example .env
+#
+# Docker Compose reads .env from the project root automatically.

-# PostgreSQL
+# ---------- PostgreSQL ----------
 POSTGRES_DB=bilhej
 POSTGRES_USER=bilhej
 POSTGRES_PASSWORD=change_me

-# JWT
+# ---------- JWT ----------
+# Generate a secure random secret:
+#   openssl rand -hex 32
 JWT_SECRET=change_me_to_a_random_64_char_string

-# Stripe
+# ---------- Stripe (Phase 1) ----------
+# Test keys from Stripe Dashboard: https://dashboard.stripe.com/test/apikeys
 STRIPE_SECRET_KEY=sk_test_...
+# Webhook secret from stripe CLI: stripe listen --print-secret
 STRIPE_WEBHOOK_SECRET=whsec_...
+# Price ID from Stripe Dashboard: https://dashboard.stripe.com/test/products
 STRIPE_PRICE_ID=price_...

--- a/backend/build.gradle
+++ b/backend/build.gradle
@ -24,10 +24,13 @@ dependencies {
 	implementation 'org.springframework.boot:spring-boot-starter-validation'
 	implementation 'org.springframework.boot:spring-boot-starter-webmvc'
 	implementation 'org.flywaydb:flyway-database-postgresql'
+	implementation 'io.jsonwebtoken:jjwt-api:0.12.6'
 	developmentOnly 'org.springframework.boot:spring-boot-devtools'
 	compileOnly 'org.projectlombok:lombok'
 	runtimeOnly 'com.h2database:h2'
 	runtimeOnly 'org.postgresql:postgresql'
+	runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.12.6'
+	runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.6'
 	annotationProcessor 'org.projectlombok:lombok'
 	testImplementation 'org.springframework.boot:spring-boot-starter-data-jpa-test'
 	testImplementation 'org.springframework.boot:spring-boot-starter-flyway-test'
--- a/backend/src/main/resources/application-docker.yml
+++ b/backend/src/main/resources/application-docker.yml
@ -11,3 +11,7 @@ spring:

  jpa:
    database-platform: org.hibernate.dialect.PostgreSQLDialect
+
+app:
+  jwt:
+    secret: ${JWT_SECRET}
--- a/backend/src/main/resources/application.yml
+++ b/backend/src/main/resources/application.yml
@ -23,3 +23,7 @@ spring:
  flyway:
    enabled: true
    locations: classpath:db/migration
+
+app:
+  jwt:
+    secret: ${JWT_SECRET:dev-secret-change-in-production}
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@ -2,8 +2,6 @@ services:
  postgres:
    image: postgres:16
    container_name: bilhej-postgres-prod
-    ports:
-      - "5432:5432"
    environment:
      POSTGRES_DB: ${POSTGRES_DB}
      POSTGRES_USER: ${POSTGRES_USER}
@ -22,8 +20,6 @@ services:
      dockerfile: docker/backend.prod.Dockerfile
      context: .
    container_name: bilhej-backend-prod
-    ports:
-      - "8080:8080"
    environment:
      SPRING_PROFILES_ACTIVE: docker
      POSTGRES_DB: ${POSTGRES_DB}
@ -45,13 +41,19 @@ services:
    container_name: bilhej-frontend-prod
    ports:
      - "3000:80"
-      - "443:443"
    depends_on:
      - backend
    volumes:
      - certs:/etc/nginx/certs
+    networks:
+      - default
+      - web
    restart: unless-stopped

 volumes:
  pgdata-prod:
  certs:
+
+networks:
+  web:
+    external: true