From c1d49689da87e14b304481692d786c6906a523fd Mon Sep 17 00:00:00 2001
From: RKWojs
Date: Fri, 12 Sep 2025 09:21:53 +0200
Subject: [PATCH] feat: Enhance deployment scripts with environment variable validation and loading
---
 deploy.bat | 28 ++++++++++++++++++++++++++++
 deploy.sh | 20 ++++++++++++++++++++
 docker-compose.prod.yml | 2 ++
 3 files changed, 50 insertions(+)
diff --git a/deploy.bat b/deploy.bat
index 406e261..bf6761b 100644
--- a/deploy.bat
+++ b/deploy.bat
@@ -7,6 +7,34 @@ set GIT_BRANCH=%2
 if "%GIT_BRANCH%"=="" set GIT_BRANCH=ui-fix
 set GIT_COMMIT=%3
+REM Check if .env.production exists
+if exist .env.production (
+ echo Loading production environment variables...
+ for /f "delims=" %%x in (.env.production) do (
+ set "%%x"
+ )
+) else (
+ echo Warning: .env.production not found. Make sure environment variables are set!
+)
+
+REM Validate critical environment variables
+if "%NEXTAUTH_SECRET%"=="" (
+ echo ERROR: NEXTAUTH_SECRET must be set to a secure random string!
+ echo Generate one with: openssl rand -base64 32
+ exit /b 1
+)
+
+@REM if "%NEXTAUTH_SECRET%"=="YOUR_SUPER_SECURE_SECRET_KEY_HERE_AT_LEAST_32_CHARACTERS_LONG" (
+@REM echo ERROR: NEXTAUTH_SECRET must be changed from the default value!
+@REM echo Generate one with: openssl rand -base64 32
+@REM exit /b 1
+@REM )
+
+if "%NEXTAUTH_URL%"=="" (
+ echo ERROR: NEXTAUTH_URL must be set to your production URL!
+ exit /b 1
+)
+
 if "%GIT_REPO_URL%"=="" (
 echo Building from local files...
 docker-compose -f docker-compose.prod.yml build
diff --git a/deploy.sh b/deploy.sh
index 7517246..f910274 100644
--- a/deploy.sh
+++ b/deploy.sh
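Review bot: The comparison that rejects the sample NEXTAUTH_SECRET is left commented out with `@REM`, so a value copied unchanged from a template passes validation here; only the empty case is caught. The same block is commented out in the deploy.sh hunk, and there the empty check is disabled along with it, so that script validates only NEXTAUTH_URL. I would re-enable both checks, or delete the dead lines and say in a comment why the secret is not validated. Separately, `for /f "delims="` skips only lines that start with `;`, so `#` comment lines in .env.production are handed to `set`; `for /f "usebackq eol=# delims=" %%x in (".env.production") do set "%%x"` would match the filtering deploy.sh does.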
@@ -10,6 +10,26 @@ GIT_REPO_URL=${1:-""}
 GIT_BRANCH=${2:-"ui-fix"}
 GIT_COMMIT=${3:-""}
+# Check if .env.production exists and source it
+if [ -f .env.production ]; then
+ echo "Loading production environment variables..."
+ export $(grep -v '^#' .env.production | xargs)
+else
+ echo "Warning: .env.production not found. Make sure environment variables are set!"
+fi
+
+# Validate critical environment variables
+# if [ -z "$NEXTAUTH_SECRET" ] || [ "$NEXTAUTH_SECRET" = "YOUR_SUPER_SECURE_SECRET_KEY_HERE_AT_LEAST_32_CHARACTERS_LONG" ]; then
+# echo "ERROR: NEXTAUTH_SECRET must be set to a secure random string!"
+# echo "Generate one with: openssl rand -base64 32"
+# exit 1
+# fi
+
+if [ -z "$NEXTAUTH_URL" ]; then
+ echo "ERROR: NEXTAUTH_URL must be set to your production URL!"
+ exit 1
+fi
+
 if [ -z "$GIT_REPO_URL" ]; then
 echo "Building from local files..."
 docker-compose -f docker-compose.prod.yml build
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
index d8f5316..be35a7e 100644
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -15,4 +15,6 @@ services:
 - ./data:/app/data
 environment:
 - NODE_ENV=production
+ - NEXTAUTH_SECRET=${NEXTAUTH_SECRET:-your-secret-key-generate-a-strong-random-string-at-least-32-characters}
+ - NEXTAUTH_URL=${NEXTAUTH_URL:-https://panel2.wastpol.pl}
 restart: unless-stopped
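Review bot: `export $(grep -v '^#' .env.production | xargs)` expands unquoted, so every value is word-split and glob-expanded before `export` sees it: a value containing a space is cut there and the remainder is taken as another variable name, and a `*` can turn into file names. Reading the file line by line and exporting each `KEY=value` line quoted avoids that, as in the block below. It assumes plain unquoted `KEY=value` lines, since surrounding quotes would no longer be stripped the way xargs strips them. The script starts and continues outside this hunk, so whether `set -e` is in effect cannot be seen here.

```shell
if [ -f .env.production ]; then
  echo "Loading production environment variables..."
  while IFS= read -r line || [ -n "$line" ]; do
    case "$line" in
      '' | '#'*) continue ;;   # skip blank lines and comments
      *=*) export "$line" ;;   # quoted: no word splitting or globbing
    esac
  done < .env.production
# … unchanged: else branch with the warning …
```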
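Review bot: The `:-` fallback on NEXTAUTH_SECRET means that when the variable is unset or empty the container starts with the placeholder string committed in this file as its secret, and deploy.sh does not stop that case because its NEXTAUTH_SECRET check is commented out. A secret that is readable in the repository gives no protection to whatever NextAuth signs with it, and anyone running docker-compose directly skips the scripts' validation altogether. Compose can fail instead of substituting: `- NEXTAUTH_SECRET=${NEXTAUTH_SECRET:?NEXTAUTH_SECRET must be set}`. The hard-coded NEXTAUTH_URL default is less sensitive, but it too would be better required than assumed.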