From 2335b4980dbde58362eaae01f1d2180dfd3e076c Mon Sep 17 00:00:00 2001 From: Bastian de Byl Date: Sat, 6 Jun 2026 17:28:00 -0400 Subject: [PATCH] fulfillr(prod): wire prod Turso store + live Stripe (fulfillr_prod_* vars) + image 20260606.1735 --- ansible/roles/podman/defaults/main.yml | 7 ++--- ansible/roles/podman/tasks/main.yml | 2 +- .../templates/fulfillr/production.json.j2 | 26 ++++++++++++------- 3 files changed, 19 insertions(+), 16 deletions(-) diff --git a/ansible/roles/podman/defaults/main.yml b/ansible/roles/podman/defaults/main.yml index cfd1e54..69644f7 100644 --- a/ansible/roles/podman/defaults/main.yml +++ b/ansible/roles/podman/defaults/main.yml @@ -10,11 +10,8 @@ fulfillr_path: "{{ podman_volumes }}/fulfillr" fulfillr_cases_table: "debyltech-cases-prod" fulfillr_tickets_table: "debyltech-tickets-prod" # Turso ecommerce store (self-hosted checkout). -# PROD store is OFF until cutover (empty URL -> store routes not registered). At -# cutover set this to libsql://debyltech-store-prod-debyltech.aws-us-east-1.turso.io -# and add `fulfillr_store_auth_token` (prod RW token) to the vault. -fulfillr_store_database_url: "" -fulfillr_store_auth_token: "" +# PROD store URL (non-secret); the RW token `fulfillr_prod_store_auth_token` is in the vault. +fulfillr_prod_store_database_url: "libsql://debyltech-store-prod-debyltech.aws-us-east-1.turso.io" # Staging back-office (fulfillr-dev.debyltech.com, port 9055) -> staging Turso store. # Its RW token is `fulfillr_dev_store_auth_token` and EasyPost test key is # `fulfillr_dev_easypost_api_key`, both in the encrypted vault. diff --git a/ansible/roles/podman/tasks/main.yml b/ansible/roles/podman/tasks/main.yml index 9757dd7..729365b 100644 --- a/ansible/roles/podman/tasks/main.yml +++ b/ansible/roles/podman/tasks/main.yml @@ -78,7 +78,7 @@ - import_tasks: containers/debyltech/fulfillr.yml vars: - image: git.debyl.io/debyltech/fulfillr:20260605.2021 + image: git.debyl.io/debyltech/fulfillr:20260606.1735 tags: debyltech, fulfillr # Staging back-office (fulfillr-dev.debyltech.com) — same image, staging Turso config. diff --git a/ansible/roles/podman/templates/fulfillr/production.json.j2 b/ansible/roles/podman/templates/fulfillr/production.json.j2 index 58bf9b7..7a460c0 100644 --- a/ansible/roles/podman/templates/fulfillr/production.json.j2 +++ b/ansible/roles/podman/templates/fulfillr/production.json.j2 @@ -1,18 +1,24 @@ +{# Production back-office config (fulfillr). Live tier: + - ecommerce store -> PROD Turso (fulfillr_prod_store_*) + - EasyPost + Stripe -> LIVE keys (fulfillr_prod_easypost_api_key / fulfillr_prod_stripe_api_key) + - AWS -> Fulfillr prod key (fulfillr_prod_access_key/secret_key), prod DynamoDB tables + + debyltech.digital.prod. snipcart_api_key, fulfillr_region, fulfillr_tax_ein and + fulfillr_hmac_arn are shared vars (no dev/prod split). Mirrors dev.json.j2. #} { "snipcart_api_key": "{{ snipcart_api_key }}", "easypost_api_key": "{{ easypost_api_key }}", - "stripe_api_key": "{{ fulfillr_stripe_api_key }}", - "backinstock_table": "{{ fulfillr_backinstock_table }}", - "cases_table": "{{ fulfillr_cases_table }}", - "tickets_table": "{{ fulfillr_tickets_table }}", - "store_database_url": "{{ fulfillr_store_database_url }}", - "store_auth_token": "{{ fulfillr_store_auth_token }}", + "stripe_api_key": "{{ fulfillr_prod_stripe_api_key }}", + "backinstock_table": "debyltech-backinstock-prod", + "cases_table": "debyltech-cases-prod", + "tickets_table": "debyltech-tickets-prod", + "store_database_url": "{{ fulfillr_prod_store_database_url }}", + "store_auth_token": "{{ fulfillr_prod_store_auth_token }}", "download_base_url": "https://api.debyltech.com", "aws": { - "access_key": "{{ fulfillr_access_key }}", - "secret_key": "{{ fulfillr_secret_key }}", + "access_key": "{{ fulfillr_prod_access_key }}", + "secret_key": "{{ fulfillr_prod_secret_key }}", "region": "{{ fulfillr_region }}", - "bucket": "{{ fulfillr_bucket }}" + "bucket": "debyltech.digital.prod" }, "tax": { "ein": "{{ fulfillr_tax_ein }}", @@ -40,4 +46,4 @@ "ses_region": "us-east-1", "base_url": "https://debyltech.com" } -} \ No newline at end of file +}