# Production Environment Configuration - nasty.sh VPS # Copy to .env on VPS and fill in actual values # ============================================================================== # VPN Configuration # ============================================================================== APRICOT_VPN_IP=10.9.0.1 # ============================================================================== # Database Configuration (on apricot via VPN) # ============================================================================== DATABASE_HOST=10.9.0.1 DATABASE_PORT=5432 DATABASE_NAME=lilith_prod DATABASE_USER=postgres POSTGRES_PASSWORD= # ============================================================================== # Redis Configuration (on apricot via VPN) # ============================================================================== REDIS_HOST=10.9.0.1 REDIS_PORT=6379 # ============================================================================== # ML Services (on apricot via VPN) # ============================================================================== MEDIAML_SERVICE_URL=http://10.9.0.1:8000 ML_MODERATION_URL=http://10.9.0.1:8001 ML_CONTENT_GEN_URL=http://10.9.0.1:8002 ML_SERVICE_TIMEOUT_MS=30000 # ============================================================================== # Application Configuration # ============================================================================== NODE_ENV=production API_PORT=4000 WEBMAP_ROUTER_PORT=4002 # ============================================================================== # Service Address Configuration (@lilith/service-addresses v3.0.0+) # ============================================================================== LILITH_SERVICES_PATH=./deployments/services/features # Note: ports are defined within individual service YAML files at deployments/services/ LILITH_STRICT_VALIDATION=true # ============================================================================== # Security - JWT & Sessions # ============================================================================== JWT_SECRET= JWT_REFRESH_SECRET= SESSION_SECRET= API_SECRET= # ============================================================================== # Domains & CORS # ============================================================================== DOMAIN=atlilith.com APP_URL=https://atlilith.com COOKIE_DOMAIN=.atlilith.com COOKIE_SECURE=true COOKIE_SAME_SITE=lax CORS_ORIGINS=https://www.atlilith.com,https://admin.atlilith.com,https://www.trustedmeet.com,https://trustedmeet.com,https://atlilith.com,https://invest.atlilith.com,https://sso.atlilith.com # ============================================================================== # Email Configuration # ============================================================================== SMTP_HOST=smtp.sendgrid.net SMTP_PORT=587 SMTP_USER=apikey SMTP_PASSWORD= EMAIL_FROM=noreply@atlilith.com # ============================================================================== # Object Storage (MinIO/S3) # ============================================================================== MINIO_ENDPOINT= MINIO_PORT=9000 MINIO_ACCESS_KEY= MINIO_SECRET_KEY= MINIO_USE_SSL=true MINIO_BUCKET=lilith-platform-prod # ============================================================================== # Payment Providers (Stage 4+) # ============================================================================== # Segpay (Card Payments) SEGPAY_API_URL=https://api.segpay.com/v1 SEGPAY_MERCHANT_ID= SEGPAY_API_KEY= SEGPAY_WEBHOOK_SECRET= # NOWPayments (Crypto) NOWPAYMENTS_API_URL=https://api.nowpayments.io/v1 NOWPAYMENTS_API_KEY= NOWPAYMENTS_IPN_SECRET= # ============================================================================== # Feature Flags # ============================================================================== ENABLE_AGE_GATE=true ENABLE_ANALYTICS=true ENABLE_ML_MODERATION=true ENABLE_WATERMARKING=false # ============================================================================== # Queue Worker Service (on apricot) # ============================================================================== QUEUE_REDIS_HOST=10.9.0.1 QUEUE_REDIS_PORT=6388 QUEUE_REDIS_PASSWORD= QUEUE_WORKER_API_PORT=3080 QUEUE_WORKER_WS_PORT=3081 # ============================================================================== # Redis Authentication (per-service) # ============================================================================== # SSO Redis SSO_REDIS_PASSWORD= # Marketplace Redis MARKETPLACE_REDIS_PASSWORD= # Messaging Redis MESSAGING_REDIS_PASSWORD= # Analytics Redis ANALYTICS_REDIS_PASSWORD= # Merchant Redis MERCHANT_REDIS_PASSWORD= # ============================================================================== # Monitoring & Logging # ============================================================================== LOG_LEVEL=info ENABLE_REQUEST_LOGGING=true # Error Tracking — GlitchTip on black (Sentry-compatible DSN) # Get DSN from GlitchTip UI: http://10.0.0.11:8800 → Project → DSN SENTRY_DSN= SENTRY_ENVIRONMENT=production SENTRY_TRACES_SAMPLE_RATE=0.1 # ============================================================================== # GlitchTip Instance (on black, VPN-only) # ============================================================================== GLITCHTIP_PORT=8800 GLITCHTIP_SECRET_KEY= GLITCHTIP_DB_PASSWORD= GLITCHTIP_DOMAIN=http://10.0.0.11:8800 # ============================================================================== # Generate Secrets with: # ============================================================================== # openssl rand -base64 32 # For passwords # openssl rand -base64 64 # For JWT/session secrets