fix: env config for psql setup with supertokens

[zhravan]

Issue

Link to related issue(s):

---

Description

Short summary of what this PR changes or introduces.

---

Scope of Change

Select all applicable areas impacted by this PR:

• View (UI/UX)
• API
• CLI
• Infra / Deployment
• Docs
• Other (specify): ________

---

Screenshot / Video / GIF (if applicable)

Attach or embed screenshots, screen recordings, or GIFs demonstrating the feature or fix.

---

Related PRs (if any)

Link any related or dependent PRs across repos.

---

Additional Notes for Reviewers (optional)

Anything reviewers should know before testing or merging (e.g., environment variables, setup steps).

---

Developer Checklist

To be completed by the developer who raised the PR.

• Add valid/relevant title for the PR
• Self-review done
• Manual dev testing done
• No secrets exposed
• No merge conflicts
• Docs added/updated (if applicable)
• Removed debug prints / secrets / sensitive data
• Unit / Integration tests passing
• Follows all standards defined in Nixopus Docs

---

Reviewer Checklist

To be completed by the reviewer before merge.

• Peer review done
• No console.logs / fmt.prints left
• No secrets exposed
• If any DB migrations, migration changes are verified
• Verified release changes are production-ready

Summary by CodeRabbit

• New Features

  • Generates a combined .env file alongside per-service env files for simpler configuration.
  • Adds build-time/public env configuration for API URL and website domain in the web app.
  • Enables external DB access via a new port mapping.
  • Improves API service persistence with added volume mounting.

• Improvements

  • More robust env file creation with permission handling and logging.
  • Consistent environment propagation across services.

• Bug Fixes

  • Corrected SuperTokens connection URI format.

• Chores

  • Version bumped to 0.1.8.

[coderabbitai]

Walkthrough

Adds combined .env generation in the CLI installer, adjusts SUPERTOKENS_CONNECTION_URI formatting, introduces build args/envs for the view image, updates docker-compose for volumes, ports, build args, and caddy command, and bumps the CLI package version.

Changes

Cohort / File(s)	Summary of changes
CLI installer env handling cli/app/.../install/run.py	Generates a combined .env at full_source_path, merges api/view envs, applies same update logic, adds write/permission error handling, and normalizes SUPERTOKENS_CONNECTION_URI to omit “/api”.
CLI metadata cli/pyproject.toml	Version bump from 0.1.7 to 0.1.8; no dependency or script changes.
Compose services docker-compose.yml	Adds api volume mount; exposes additional db port; passes NEXT_PUBLIC_API_URL and NEXT_PUBLIC_WEBSITE_DOMAIN as build args to view; tweaks caddy command array; minor formatting.
View image build config view/Dockerfile	Adds ARGs and ENVs: NEXT_PUBLIC_API_URL, NEXT_PUBLIC_WEBSITE_DOMAIN; propagates to runtime environment.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  participant User as User
  participant CLI as CLI Installer
  participant FS as File System
  Note over CLI: Install flow with combined .env
  User->>CLI: run install
  CLI->>FS: Write api .env
  CLI->>FS: Write view .env
  CLI->>CLI: Merge envs (update vars incl. SUPERTOKENS_CONNECTION_URI)
  CLI->>FS: Write combined .env (project root)
  alt write ok
    CLI->>FS: Set permissions on combined .env
  else write fail
    CLI-->>User: Log error for combined .env
  end

Loading

sequenceDiagram
  autonumber
  participant Dev as Developer
  participant Compose as docker-compose
  participant Builder as Docker Build
  participant ViewImg as View Image
  Note over Compose: Build-time args to runtime env
  Dev->>Compose: docker compose build view
  Compose->>Builder: Build with ARGs: NEXT_PUBLIC_API_URL, NEXT_PUBLIC_WEBSITE_DOMAIN
  Builder->>ViewImg: Set ENV NEXT_PUBLIC_API_URL / NEXT_PUBLIC_WEBSITE_DOMAIN

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• hotfix(view): AppInfo Env naming for client side config #478 — Updates CLI/env handling including NEXT_PUBLIC_* vars and SUPERTOKENS_CONNECTION_URI path removal; overlaps with this PR’s env changes.

Suggested labels

nixopus-api

Suggested reviewers

• raghavyuva

Poem

I stitched two envs into one neat sheet,
A hop, a bop—connection URIs now sleek.
Docker hums with ports and args in tune,
The view knows where to find the moon.
Thump-thump! said the rabbit—merge complete. 🐇✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title “fix: env config for psql setup with supertokens” clearly indicates an environment configuration fix related to psql and the SUPERTOKENS connection, which aligns with the changes updating environment variable handling and SuperTokens URI; although it does not mention the combined .env file creation, it still accurately reflects a key aspect of the changeset.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

docker-compose.yml (1)

11-19: Consider: Redundant .env file mapping.

The API service references the .env file in two ways:

• Line 11: Via env_file directive (parsed by Docker Compose)
• Line 19: Via volume mount (file system access)

While this dual approach may be intentional (allowing the application to read its own .env file), it creates redundancy. If the application doesn't need direct file system access to the .env file, the volume mount can be removed.

If the volume mount is unnecessary, apply this diff:

     env_file:
       - ${NIXOPUS_HOME:-/etc/nixopus}/source/api/.env
     environment:
       - HOST_NAME=nixopus-db

     volumes:
       - ./logs:/app/logs
       - ${NIXOPUS_HOME:-/etc/nixopus}:/etc/nixopus
       - /var/run/docker.sock:/var/run/docker.sock
-      - ${NIXOPUS_HOME:-/etc/nixopus}/source/api/.env:/app/.env

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 54dbdb2 and 99dbb2c.

📒 Files selected for processing (4)

• cli/app/commands/install/run.py (3 hunks)
• cli/pyproject.toml (1 hunks)
• docker-compose.yml (4 hunks)
• view/Dockerfile (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

cli/app/commands/install/run.py (3)

cli/app/utils/lib.py (4)

• os (41-42)
• FileManager (152-227)
• create_directory (171-184)
• set_permissions (154-168)

cli/app/commands/conf/base.py (2)

• BaseEnvironmentManager (44-168)
• write_env_file (121-154)

cli/app/utils/config.py (1)

• get_service_env_values (48-50)

🔇 Additional comments (6)

cli/pyproject.toml (1)

3-3: LGTM!

The version bump from 0.1.7 to 0.1.8 appropriately reflects the new functionality added in this PR (combined .env generation and build-time configuration enhancements).

cli/app/commands/install/run.py (2)

296-301: Combined .env file location is appropriate.

Creating the combined environment file at the root of the source path ({full_source_path}/.env) follows convention and makes it easily accessible for services that need access to both API and view variables.

---

322-335: No overlapping keys between API and view env configurations

Verification against both helpers/config.dev.yaml and helpers/config.prod.yaml shows zero overlapping keys in services.api.env vs. services.view.env; the current merge logic poses no collision risk.

view/Dockerfile (1)

14-20: LGTM!

The addition of build-time arguments for NEXT_PUBLIC_API_URL and NEXT_PUBLIC_WEBSITE_DOMAIN with their propagation as environment variables follows Docker best practices. The default values enable local development while allowing runtime/build-time configuration in orchestrated environments.

docker-compose.yml (2)

54-55: LGTM!

The new build arguments for NEXT_PUBLIC_API_URL and NEXT_PUBLIC_WEBSITE_DOMAIN align with the corresponding Dockerfile changes and enable runtime configuration of the view service's API endpoint and domain.

---

36-37: Security: External PostgreSQL port is exposed. The ports mapping binds container port 5432 to the host, allowing outside access.
If external access isn’t needed, remove it:

-    ports:
-      - "${DB_PORT:-5432}:5432"

Otherwise bind only to localhost (127.0.0.1:${DB_PORT:-5432}:5432), enforce firewall/auth rules, and document this requirement in the PR. Confirm intent.

[zhravan]

@coderabbitai: review thoroughly

[coderabbitai]

@zhravan: I'll conduct a thorough review of the PR changes now.

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.