safe-global · 0xcuonghx · Nov 12, 2024 · Nov 12, 2024 · Nov 13, 2024 · Nov 13, 2024
@@ -2,3 +2,5 @@
 .DS_Store
 .idea/
 data/
+container_env_files/
+!container_env_files_templates/.env
@@ -0,0 +1,9 @@
+REVERSE_PROXY_PORT=8000
+
+CFG_VERSION=staging
+CGW_VERSION=staging
+TXS_VERSION=staging
+UI_VERSION=dev
+EVENTS_VERSION=staging
+
+RPC_NODE_URL={RPC_NODE_URL}
@@ -0,0 +1,84 @@
+# Default values are optimized for production to avoid having to configure
+# much in production.
+#
+# However it should be easy to get going in development too. If you see an
+# uncommented option that means it's either mandatory to set it or it's being
+# overwritten in development to make your life easier.
+
+# In development avoid writing out bytecode to __pycache__ directories.
+PYTHONDONTWRITEBYTECODE=true
+
+# You should generate a random string of 50+ characters for this value in prod.
+SECRET_KEY=insecure_key_for_dev
+
+# This should never be set to true in production but it should be enabled in dev.
+DEBUG=true
+
+# Root log level (default is INFO)
+# Possible values are DEBUG | INFO | WARNING | ERROR | CRITICAL
+ROOT_LOG_LEVEL=DEBUG
+
+# A comma separated list of allowed hosts. In production this should be your
+# domain name, such as "example.com,www.example.com" or ".example.com" to
+# support both example.com and all sub-domains for your domain.
+#
+# This is being overwritten in development to support multiple Docker dev
+# environments where you might be connecting over a local network IP address
+# instead of localhost. You should not use "*" in production.
+DJANGO_ALLOWED_HOSTS="*"
+
+# The bind port for gunicorn.
+#
+# Be warned that if you change this value you'll need to change 8000 in both
+# your Dockerfile and in a few spots in docker-compose.yml due to the nature of
+# how this value can be set (Docker Compose doesn't support nested ENV vars).
+GUNICORN_BIND_PORT=8001
+
+# Docker Nginx Volume Root
+DOCKER_NGINX_VOLUME_ROOT=/nginx
+
+# The bind socket for gunicorn
+GUNICORN_BIND_SOCKET=unix:${DOCKER_NGINX_VOLUME_ROOT}/gunicorn.socket
+
+# The port exposed to the host by the nginx image.
+# NGINX_HOST_PORT=8080
+
+# A directory where the result of executing envsubst is output (default: /etc/nginx/conf.d)
+# Used by the nginx docker image in the templating system in order to use the environment variables set
+NGINX_ENVSUBST_OUTPUT_DIR=/etc/nginx/
+
+# You'll always want to set the POSTGRES_USER and POSTGRES_PASSWORD since the
+# postgres Docker image uses them for its default database user and password.
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=postgres
+POSTGRES_NAME=postgres
+POSTGRES_HOST=cfg-db
+POSTGRES_PORT=5432
+
+# What volume path should be used? In development we want to volume mount
+# everything so we can develop our code without rebuilding our Docker images.
+DOCKER_WEB_VOLUME=.:/app
+
+# Restart workers when code changes.
+# This setting is intended for development. It will cause workers to be restarted whenever application code changes.
+GUNICORN_WEB_RELOAD=false
+
+
+# Default file storage class to be used for any file-related operations that don’t specify a particular storage system.
+# storages.backends.s3boto3.S3Boto3Storage – Used for S3 configuration (AWS needs to be configured)
+# django.core.files.storage.FileSystemStorage – Django default
+DEFAULT_FILE_STORAGE=django.core.files.storage.FileSystemStorage
+
+FORCE_SCRIPT_NAME=/cfg/
+
+# The Client Gateway URL. This is for triggering webhooks to invalidate its cache for example
+CGW_URL=http://nginx:8000/cgw
+
+# The Client Gateway /v1/hooks/events token.
+CGW_AUTH_TOKEN=your_privileged_endpoints_token
+
+# CSRF protection 
+# See https://docs.djangoproject.com/en/dev/ref/settings/#csrf-trusted-origins
+CSRF_TRUSTED_ORIGINS={CONFIG_DOMAIN}
+
+MEDIA_URL = "http://localhost:8000/cfg/media/"
@@ -26,14 +26,27 @@ REDIS_HOST=cgw-redis
 # The AUTH_TOKEN should always be set
 AUTH_TOKEN=your_privileged_endpoints_token
 
+# The issuer and secret used to sign and verify JWTs.
+# The JWT_ISSUER and JWT_SECRET should always be set
+JWT_ISSUER=''
+JWT_SECRET=''
+
 # Log level
 LOG_LEVEL=info
 # LOG_SILENT=true
 
-# Alerts provider
+# Alerts provider API
+# The alerts provider API to be used.
+# NOTE: For production usage, a paid subscription is recommended.
+# (default is 'https://api.tenderly.co' if none is set)
+# ALERTS_PROVIDER_API_BASE_URI=
+# The webhook signing key to be used.
 ALERTS_PROVIDER_SIGNING_KEY=''
+# The API Key to be used.
 ALERTS_PROVIDER_API_KEY=''
+# The account to be used.
 ALERTS_PROVIDER_ACCOUNT=''
+# The project to be used.
 ALERTS_PROVIDER_PROJECT=''
 
 # Email handling
@@ -54,7 +67,7 @@ EMAIL_TEMPLATE_VERIFICATION_CODE=''
 # Firebase project
 PUSH_NOTIFICATIONS_API_PROJECT=''
 # Firebase service account details for authenticating with Google
-PUSH_NOTIFICATIONS_API_SERVICE_ACCOUNT_CLIENT_EMAIL=''
+PUSH_NOTIFICATIONS_API_SERVICE_ACCOUNT_CLIENT_EMAIL='[email protected]'
 PUSH_NOTIFICATIONS_API_SERVICE_ACCOUNT_PRIVATE_KEY=''
 
 # Relay Provider

@@ -8,7 +8,7 @@ REDIS_URL=redis://txs-redis:6379/0
 CELERY_BROKER_URL=amqp://guest:guest@txs-rabbitmq/
 DJANGO_ALLOWED_HOSTS="*"
 FORCE_SCRIPT_NAME=/txs/
-CSRF_TRUSTED_ORIGINS="http://localhost:8000"
+CSRF_TRUSTED_ORIGINS={CONFIG_DOMAIN}
 EVENTS_QUEUE_URL=amqp://general-rabbitmq:5672
 EVENTS_QUEUE_ASYNC_CONNECTION=True
 EVENTS_QUEUE_EXCHANGE_NAME="safe-transaction-service-events"
@@ -1,6 +1,6 @@
 ### Required variables ###
 NEXT_PUBLIC_INFURA_TOKEN=
-NEXT_PUBLIC_GATEWAY_URL_PRODUCTION=http://localhost:8000/cgw
+NEXT_PUBLIC_GATEWAY_URL_PRODUCTION=http://{CONFIG_DOMAIN}/cgw
 
 # infura token used by Safe Apps
 NEXT_PUBLIC_SAFE_APPS_INFURA_TOKEN=

@@ -1,6 +1,6 @@
 services:
   txs-flower:
-    image: safeglobal/safe-transaction-service:${TXS_VERSION}
+    image: gulabs/safe-transaction-service:${TXS_VERSION}
     env_file:
       - container_env_files/txs.env
     depends_on:

@@ -73,7 +73,7 @@ services:
     image: rabbitmq:alpine
 
   txs-worker-indexer: &txs-worker
-    image: safeglobal/safe-transaction-service:${TXS_VERSION}
+    image: gulabs/safe-transaction-service:${TXS_VERSION}
     env_file:
       - container_env_files/txs.env
     environment:
@@ -107,7 +107,7 @@ services:
         condition: service_healthy
 
   txs-web:
-    image: safeglobal/safe-transaction-service:${TXS_VERSION}
+    image: gulabs/safe-transaction-service:${TXS_VERSION}
     env_file:
       - container_env_files/txs.env
     environment:
@@ -131,7 +131,7 @@ services:
 
   # Safe Config Service
   cfg-web:
-    image: safeglobal/safe-config-service:${CFG_VERSION}
+    image: gulabs/safe-config-service:${CFG_VERSION}
     tty: true
     volumes:
       - nginx-shared-cfg:/nginx
@@ -147,15 +147,15 @@ services:
     <<: *redishealthcheck
 
   cgw-web:
-    image: safeglobal/safe-client-gateway-nest:${CGW_VERSION}
+    image: gulabs/safe-client-gateway-nest:${CGW_VERSION}
     env_file:
       - container_env_files/cgw.env
     depends_on:
       cgw-redis:
         condition: service_healthy
 
   ui:
-    image: safeglobal/safe-wallet-web:${UI_VERSION}
+    image: gulabs/safe-wallet-web:${UI_VERSION}
     env_file:
       - container_env_files/ui.env
     depends_on:
@@ -173,7 +173,7 @@ services:
       start_period: 15s
 
   events-web:
-    image: safeglobal/safe-events-service:${EVENTS_VERSION}
+    image: gulabs/safe-events-service:${EVENTS_VERSION}
     env_file:
       - container_env_files/events.env
     depends_on:

@@ -0,0 +1,33 @@
+#!/bin/bash
+
+# Create the directory if it does not exist
+mkdir -p container_env_files
+
+# Check for required environment variables
+if [ -z "${CONFIG_DOMAIN}" ]
+then
+  echo CONFIG_DOMAIN env is missing
+  exit 1
+fi
+
+if [ -z "${RPC_NODE_URL}" ]
+then
+  echo RPC_NODE_URL env is missing
+  exit 1
+fi
+
+# Generate the environment files using `sed`
+sed "s|{RPC_NODE_URL}|$RPC_NODE_URL|g;" $1 ./container_env_files_templates/.env > .env
+
+sed "s|{CONFIG_DOMAIN}|$CONFIG_DOMAIN|g;" $1 ./container_env_files_templates/cfg.env > ./container_env_files/cfg.env
+
+cp ./container_env_files_templates/cgw.env ./container_env_files/cgw.env
+
+cp ./container_env_files_templates/events.env ./container_env_files/events.env
+
+sed "s|{CONFIG_DOMAIN}|$CONFIG_DOMAIN|g;" $1 ./container_env_files_templates/txs.env > ./container_env_files/txs.env
+
+sed "s|{CONFIG_DOMAIN}|$CONFIG_DOMAIN|g;" $1 ./container_env_files_templates/ui.env > ./container_env_files/ui.env
+
+
+