// Phase 6.4 + 6.10: proposed /var/www/ecosystem.config.cjs // // Diffs from the live file (CONSOLIDATION_PLAN.md §6.4 / §6.10): // 1. Drop the `JWT_SECRET: process.env.JWT_SECRET` override in new-auth-server's // env block. That override shadowed the .env value with whatever shell var was // exported when pm2 was last started — causing the silent-divergence footgun // called out in CLAUDE.md memory. With it removed, .env is the single source. // 2. Move ADD_WORD_TOKEN out of the inline env into /opt/lt-wordlist-api/.env. // The PM2 entry below no longer references it. // 3. Rename the placeholder script paths if you have any half-finished ones; this // version only lists the apps that actually run today (post-Phase-1 cleanup). // // To apply: // sudo cp /var/www/ecosystem.config.cjs /var/www/ecosystem.config.cjs.bak.$(date +%F) // sudo cp /home/matt/ecosystem.config.cjs.new /var/www/ecosystem.config.cjs // pm2 reload ecosystem.config.cjs --update-env // // Verify after reload: // pm2 env new-auth-server | grep -i jwt # should show JWT_SECRET from .env only // pm2 env new-auth-server | grep ADD_WORD # should be empty const inventoryEnv = require('dotenv').config({ path: '/var/www/inventory/.env' }).parsed; module.exports = { apps: [ { name: 'new-auth-server', // Phase 8 may rename to 'auth-server' — cosmetic script: './inventory/auth/server.js', cwd: '/var/www', env: { ...inventoryEnv, NODE_ENV: 'production', AUTH_PORT: 3011, // PHASE 6.4 FIX: no JWT_SECRET override here. .env wins. }, max_memory_restart: '500M', error_file: '/var/log/pm2/new-auth-server-error.log', out_file: '/var/log/pm2/new-auth-server-out.log', }, { name: 'inventory-server', script: './inventory/src/server.js', cwd: '/var/www', env: { ...inventoryEnv, NODE_ENV: 'production', PORT: 3010, UPLOADS_DIR: '/var/www/inventory/uploads', }, max_memory_restart: '1G', error_file: '/var/log/pm2/inventory-server-error.log', out_file: '/var/log/pm2/inventory-server-out.log', }, { name: 'chat-server', script: './inventory/chat/server.js', cwd: '/var/www', env: { ...inventoryEnv, NODE_ENV: 'production', PORT: 3014 }, max_memory_restart: '500M', }, { name: 'acot-server', script: './inventory/dashboard/acot-server/server.js', cwd: '/var/www', env: { ...inventoryEnv, NODE_ENV: 'production', ACOT_PORT: 3012 }, max_memory_restart: '1G', }, // Per-vendor dashboard apps stay until Phase 4 merge ships. { name: 'klaviyo-server', script: './inventory/dashboard/klaviyo-server/server.js', cwd: '/var/www', env: { ...inventoryEnv, NODE_ENV: 'production' }, max_memory_restart: '500M', }, { name: 'meta-server', script: './inventory/dashboard/meta-server/server.js', cwd: '/var/www', env: { ...inventoryEnv, NODE_ENV: 'production' }, max_memory_restart: '300M', }, { name: 'google-server', script: './inventory/dashboard/google-server/server.js', cwd: '/var/www', env: { ...inventoryEnv, NODE_ENV: 'production' }, max_memory_restart: '300M', }, { name: 'typeform-server', script: './inventory/dashboard/typeform-server/server.js', cwd: '/var/www', env: { ...inventoryEnv, NODE_ENV: 'production' }, max_memory_restart: '300M', }, // PHASE 6.10: lt-wordlist-api now loads ADD_WORD_TOKEN from /opt/lt-wordlist-api/.env // (no longer hardcoded here). Rotate that token's value when applying this change. { name: 'lt-wordlist-api', script: '/opt/lt-wordlist-api/server.js', cwd: '/opt/lt-wordlist-api', env: { NODE_ENV: 'production' }, max_memory_restart: '200M', }, { name: 'acot-phone-server', script: './inventory/acot-phone/server.js', cwd: '/var/www', env: { ...inventoryEnv, NODE_ENV: 'production' }, max_memory_restart: '300M', }, ], };