fix(backend/config): Infisical env-var Namen alignen

Server's Infisical staging liefert die Secrets unter: - SUPABASE_KEY (nicht SUPABASE_ANON_KEY) - SUPABASE_SERVICE_KEY (nicht SUPABASE_SERVICE_ROLE_KEY) - NUXT_OPENROUTER_API_KEY (nur prefixed) - NUXT_GROQ_API_KEY (nur prefixed) - NUXT_DATABASE_URL (auch prefixed) Cutover-Fix: nitro.config.ts liest beide Varianten (mit Fallback-Chain). Auth-middleware crashed sonst mit 'supabaseKey is required'.
2026-05-07 03:28:14 +02:00 · 2026-05-07 03:28:14 +02:00 · d308ea2875
commit d308ea2875
parent d1b71e76b2
1 changed files with 12 additions and 9 deletions
--- a/backend/nitro.config.ts
+++ b/backend/nitro.config.ts
@ -17,7 +17,7 @@ export default defineNitroConfig({

  runtimeConfig: {
    // ─── Database / Core ─────────────────────────────────────────────────
-    databaseUrl: process.env.DATABASE_URL ?? "",
+    databaseUrl: process.env.DATABASE_URL ?? process.env.NUXT_DATABASE_URL ?? "",
    encryptionKey: process.env.ENCRYPTION_KEY ?? "",

    // ─── Admin / Cron ────────────────────────────────────────────────────
@ -25,14 +25,15 @@ export default defineNitroConfig({
    cronSecret: process.env.CRON_SECRET ?? "",

    // ─── LLM-Provider ────────────────────────────────────────────────────
-    openrouterApiKey: process.env.OPENROUTER_API_KEY ?? "",
-    openaiApiKey: process.env.OPENAI_API_KEY ?? "",
-    groqApiKey: process.env.GROQ_API_KEY ?? "",
+    // Infisical staging hat NUXT_*-prefix für openrouter+groq, andere ohne.
+    openrouterApiKey: process.env.OPENROUTER_API_KEY ?? process.env.NUXT_OPENROUTER_API_KEY ?? "",
+    openaiApiKey: process.env.OPENAI_API_KEY ?? process.env.NUXT_OPENAI_API_KEY ?? "",
+    groqApiKey: process.env.GROQ_API_KEY ?? process.env.NUXT_GROQ_API_KEY ?? "",
    googleAiApiKey: process.env.GOOGLE_AI_API_KEY ?? "",

    // ─── TTS-Provider ────────────────────────────────────────────────────
-    googleApiKey: process.env.GOOGLE_API_KEY ?? "",
-    deepgramApiKey: process.env.DEEPGRAM_API_KEY ?? "",
+    googleApiKey: process.env.GOOGLE_API_KEY ?? process.env.NUXT_GOOGLE_API_KEY ?? "",
+    deepgramApiKey: process.env.DEEPGRAM_API_KEY ?? process.env.NUXT_DEEPGRAM_API_KEY ?? "",
    azureTtsKey: process.env.AZURE_TTS_KEY ?? "",
    azureTtsRegion: process.env.AZURE_TTS_REGION ?? "",
    // NEU im backend/-Layout (existieren in nuxt.config.ts NICHT, aber backend code liest sie)
@ -46,9 +47,11 @@ export default defineNitroConfig({
    // explizit deklarieren, damit auth/middleware nicht 500't.
    // server/utils/auth.ts:32 liest `config.public.supabase ?? config.supabase`,
    // also beide Pfade müssen existieren.
+    // Infisical staging-Namen: SUPABASE_KEY (nicht ANON_KEY), SUPABASE_SERVICE_KEY
+    // (nicht SERVICE_ROLE_KEY). NIE umbenennen ohne Infisical-secret-rotation.
    supabaseUrl: process.env.SUPABASE_URL ?? "https://db-staging.rebreak.org",
-    supabaseAnonKey: process.env.SUPABASE_ANON_KEY ?? "",
-    supabaseServiceKey: process.env.SUPABASE_SERVICE_ROLE_KEY ?? "",
+    supabaseAnonKey: process.env.SUPABASE_KEY ?? process.env.SUPABASE_ANON_KEY ?? "",
+    supabaseServiceKey: process.env.SUPABASE_SERVICE_KEY ?? process.env.SUPABASE_SERVICE_ROLE_KEY ?? "",

    // ─── Stripe ──────────────────────────────────────────────────────────
    stripeSecretKey: process.env.STRIPE_SECRET_KEY ?? "",
@ -73,7 +76,7 @@ export default defineNitroConfig({
        url:
          process.env.SUPABASE_URL ??
          "https://db-staging.rebreak.org",
-        key: process.env.SUPABASE_ANON_KEY ?? "",
+        key: process.env.SUPABASE_KEY ?? process.env.SUPABASE_ANON_KEY ?? "",
      },
    },
  },