chahine/rebreak-monorepo
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
rebreak-monorepo/backend/start-staging.sh
chahinebrini cfb0888451 fix(backend/staging): add NITRO_-prefix aliases for Stripe secrets 
Bug: /api/stripe/checkout returned "STRIPE_SECRET_KEY fehlt" obwohl Var in
Infisical gesetzt war. Root: Nitro's useRuntimeConfig liest process.env zur
BUILD-Zeit — Stripe-Keys waren beim letzten Build nicht da. Runtime-Override
geht nur via NITRO_-Prefix env-var.

start-staging.sh re-exporten Stripe-Keys mit NITRO_-Prefix damit nitro's
useRuntimeConfig sie zur Laufzeit picked up:
  STRIPE_SECRET_KEY        → NITRO_STRIPE_SECRET_KEY
  STRIPE_WEBHOOK_SECRET    → NITRO_STRIPE_WEBHOOK_SECRET
  STRIPE_PUBLISHABLE_KEY   → NITRO_PUBLIC_STRIPE_PUBLISHABLE_KEY

(Pattern aus bestehender Liste — SUPABASE, DEEPGRAM, CARTESIA etc. nutzen
die gleiche Convention.)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-17 21:43:02 +02:00

76 lines
4.2 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# rebreak-backend Staging — startet Nitro mit Infisical-Secrets.
#
# Pattern: infisical login → infisical run --env=staging spritzt secrets als
# process.env.X. Innerhalb des wrappers mappen wir Infisical's Namen auf die
# Namen die unser Code erwartet (SUPABASE_KEY → SUPABASE_ANON_KEY, NUXT_X → X)
# UND auf NITRO_-Prefix-Names damit Nitro's runtimeConfig zur Laufzeit overrides.
set -euo pipefail
source /etc/environment
if [[ -z "${INFISICAL_CLIENT_ID:-}" || -z "${INFISICAL_CLIENT_SECRET:-}" ]]; then
echo "[start-staging] FEHLER: INFISICAL_CLIENT_ID / SECRET nicht gesetzt" >&2
exit 1
fi
INFISICAL_TOKEN=$(infisical login \
--method=universal-auth \
--client-id="${INFISICAL_CLIENT_ID}" \
--client-secret="${INFISICAL_CLIENT_SECRET}" \
--silent --plain 2>/dev/null)
[[ -z "$INFISICAL_TOKEN" ]] && { echo "[start-staging] Infisical login fehlgeschlagen" >&2; exit 1; }
export NODE_ENV=production
export NITRO_PORT=3016
export NITRO_HOST=127.0.0.1
export PORT=3016
NODE_BIN="/root/.nvm/versions/node/v24.11.1/bin/node"
INDEX_MJS="/srv/rebreak/backend/.output-staging/server/index.mjs"
[[ ! -f "$INDEX_MJS" ]] && { echo "[start-staging] FEHLER: $INDEX_MJS fehlt — deploy.sh laufen lassen" >&2; exit 1; }
exec infisical run \
--projectId="${INFISICAL_PROJECT_ID:-14b11b35-ef59-4b8a-a16b-398f0cc3ad93}" \
--env=staging \
--token="$INFISICAL_TOKEN" \
-- bash -c '
set -e
# ─── Infisical-Name-Aliasing → Standard-Namen ──────────────────────
export SUPABASE_ANON_KEY="${SUPABASE_KEY:-${SUPABASE_ANON_KEY:-}}"
export SUPABASE_SERVICE_ROLE_KEY="${SUPABASE_SERVICE_KEY:-${SUPABASE_SERVICE_ROLE_KEY:-}}"
export OPENROUTER_API_KEY="${OPENROUTER_API_KEY:-${NUXT_OPENROUTER_API_KEY:-}}"
export GROQ_API_KEY="${GROQ_API_KEY:-${NUXT_GROQ_API_KEY:-}}"
export GOOGLE_API_KEY="${GOOGLE_API_KEY:-${NUXT_GOOGLE_API_KEY:-}}"
export DEEPGRAM_API_KEY="${DEEPGRAM_API_KEY:-${NUXT_DEEPGRAM_API_KEY:-}}"
export DATABASE_URL="${DATABASE_URL:-${NUXT_DATABASE_URL:-}}"
export LYRA_BOT_USER_ID="${LYRA_BOT_USER_ID:-${NUXT_LYRA_BOT_USER_ID:-}}"
export REBREAK_BOT_USER_ID="${REBREAK_BOT_USER_ID:-${NUXT_REBREAK_BOT_USER_ID:-}}"
# ─── NITRO_-Prefix für Runtime-Override des runtimeConfig ──────────
[[ -n "${SUPABASE_URL:-}" ]] && export NITRO_SUPABASE_URL="$SUPABASE_URL" && export NITRO_PUBLIC_SUPABASE_URL="$SUPABASE_URL"
[[ -n "${SUPABASE_ANON_KEY:-}" ]] && export NITRO_SUPABASE_ANON_KEY="$SUPABASE_ANON_KEY" && export NITRO_PUBLIC_SUPABASE_KEY="$SUPABASE_ANON_KEY"
[[ -n "${SUPABASE_SERVICE_ROLE_KEY:-}" ]] && export NITRO_SUPABASE_SERVICE_KEY="$SUPABASE_SERVICE_ROLE_KEY"
[[ -n "${DATABASE_URL:-}" ]] && export NITRO_DATABASE_URL="$DATABASE_URL"
[[ -n "${OPENROUTER_API_KEY:-}" ]] && export NITRO_OPENROUTER_API_KEY="$OPENROUTER_API_KEY"
[[ -n "${OPENAI_API_KEY:-}" ]] && export NITRO_OPENAI_API_KEY="$OPENAI_API_KEY"
[[ -n "${GROQ_API_KEY:-}" ]] && export NITRO_GROQ_API_KEY="$GROQ_API_KEY"
[[ -n "${GOOGLE_AI_API_KEY:-}" ]] && export NITRO_GOOGLE_AI_API_KEY="$GOOGLE_AI_API_KEY"
[[ -n "${GOOGLE_API_KEY:-}" ]] && export NITRO_GOOGLE_API_KEY="$GOOGLE_API_KEY"
[[ -n "${DEEPGRAM_API_KEY:-}" ]] && export NITRO_DEEPGRAM_API_KEY="$DEEPGRAM_API_KEY"
[[ -n "${CARTESIA_API_KEY:-}" ]] && export NITRO_CARTESIA_API_KEY="$CARTESIA_API_KEY"
[[ -n "${ELEVENLABS_API_KEY:-}" ]] && export NITRO_ELEVENLABS_API_KEY="$ELEVENLABS_API_KEY"
[[ -n "${JWT_SECRET:-}" ]] && export NITRO_JWT_SECRET="$JWT_SECRET"
[[ -n "${ENCRYPTION_KEY:-}" ]] && export NITRO_ENCRYPTION_KEY="$ENCRYPTION_KEY"
[[ -n "${ADMIN_SECRET:-}" ]] && export NITRO_ADMIN_SECRET="$ADMIN_SECRET"
[[ -n "${LYRA_BOT_USER_ID:-}" ]] && export NITRO_LYRA_BOT_USER_ID="$LYRA_BOT_USER_ID"
[[ -n "${REBREAK_BOT_USER_ID:-}" ]] && export NITRO_REBREAK_BOT_USER_ID="$REBREAK_BOT_USER_ID"
[[ -n "${STRIPE_SECRET_KEY:-}" ]] && export NITRO_STRIPE_SECRET_KEY="$STRIPE_SECRET_KEY"
[[ -n "${STRIPE_WEBHOOK_SECRET:-}" ]] && export NITRO_STRIPE_WEBHOOK_SECRET="$STRIPE_WEBHOOK_SECRET"
[[ -n "${STRIPE_PUBLISHABLE_KEY:-}" ]] && export NITRO_PUBLIC_STRIPE_PUBLISHABLE_KEY="$STRIPE_PUBLISHABLE_KEY"
exec '"$NODE_BIN"' '"$INDEX_MJS"'
'
Reference in New Issue View Git Blame Copy Permalink