liderra/portal
1
0
Fork 0
Code Issues Pull Requests Actions 89 Packages Projects Releases Wiki Activity
Files
218a6738fa749aa18cbf97bcbfcfeccff0d1cc89
portal/app/config/database.php
T

226 lines
9.7 KiB
PHP
Raw Normal View History

phase1(scaffold): Laravel 11 + predis + .env под PG 16 + Memurai
2026-05-08 09:37:16 +03:00
<?php
use Illuminate\Support\Str;
use Pdo\Mysql;
fix(supplier): Plan 3 Task 3 code-review fixes (4 Important + 3 Minor)
2026-05-11 01:26:24 +03:00
// pgsql base config — single source of truth для pgsql + pgsql_supplier (Plan 3 Task 3).
// config('database.connections.pgsql') внутри этого файла не работает: config Repository
// ещё не bootstrap'нут на момент return этого массива (chicken-and-egg). Используем
// локальную переменную: pgsql_supplier = $pgsqlConnection + override (username/password).
$pgsqlConnection = [
'driver' => 'pgsql',
'url' => env('DB_URL'),
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '5432'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'charset' => env('DB_CHARSET', 'utf8'),
'prefix' => '',
'prefix_indexes' => true,
'search_path' => 'public',
'sslmode' => env('DB_SSLMODE', 'prefer'),
// PG session timezone = UTC. Без этого TIMESTAMPTZ возвращается с локальным offset
// (+03), а Carbon::parse теряет offset → password reset token expiry-check
// и аналогичные TZ-чувствительные сравнения ломаются.
'timezone' => env('DB_TIMEZONE', 'UTC'),
];
phase1(scaffold): Laravel 11 + predis + .env под PG 16 + Memurai
2026-05-08 09:37:16 +03:00
return [
/*
|--------------------------------------------------------------------------
| Default Database Connection Name
|--------------------------------------------------------------------------
|
| Here you may specify which of the database connections below you wish
| to use as your default connection for database operations. This is
| the connection which will be utilized unless another connection
| is explicitly specified when you execute a query / statement.
|
*/
'default' => env('DB_CONNECTION', 'sqlite'),
/*
|--------------------------------------------------------------------------
| Database Connections
|--------------------------------------------------------------------------
|
| Below are all of the database connections defined for your application.
| An example configuration is provided for each database system which
| is supported by Laravel. You're free to add / remove connections.
|
*/
'connections' => [
'sqlite' => [
'driver' => 'sqlite',
'url' => env('DB_URL'),
'database' => env('DB_DATABASE', database_path('database.sqlite')),
'prefix' => '',
'foreign_key_constraints' => env('DB_FOREIGN_KEYS', true),
'busy_timeout' => null,
'journal_mode' => null,
'synchronous' => null,
'transaction_mode' => 'DEFERRED',
],
'mysql' => [
'driver' => 'mysql',
'url' => env('DB_URL'),
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '3306'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'unix_socket' => env('DB_SOCKET', ''),
'charset' => env('DB_CHARSET', 'utf8mb4'),
'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'),
'prefix' => '',
'prefix_indexes' => true,
'strict' => true,
'engine' => null,
'options' => extension_loaded('pdo_mysql') ? array_filter([
(PHP_VERSION_ID >= 80500 ? Mysql::ATTR_SSL_CA : PDO::MYSQL_ATTR_SSL_CA) => env('MYSQL_ATTR_SSL_CA'),
]) : [],
],
'mariadb' => [
'driver' => 'mariadb',
'url' => env('DB_URL'),
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '3306'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'unix_socket' => env('DB_SOCKET', ''),
'charset' => env('DB_CHARSET', 'utf8mb4'),
'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'),
'prefix' => '',
'prefix_indexes' => true,
'strict' => true,
'engine' => null,
'options' => extension_loaded('pdo_mysql') ? array_filter([
(PHP_VERSION_ID >= 80500 ? Mysql::ATTR_SSL_CA : PDO::MYSQL_ATTR_SSL_CA) => env('MYSQL_ATTR_SSL_CA'),
]) : [],
],
fix(supplier): Plan 3 Task 3 code-review fixes (4 Important + 3 Minor)
2026-05-11 01:26:24 +03:00
'pgsql' => $pgsqlConnection,
phase1(scaffold): Laravel 11 + predis + .env под PG 16 + Memurai
2026-05-08 09:37:16 +03:00
feat(supplier): Plan 3 Task 3 — switch supplier-flow на pgsql_supplier (BYPASSRLS)
2026-05-11 01:00:47 +03:00
// Plan 3 Task 3: dedicated PG connection для supplier-flow под BYPASSRLS-ролью
// crm_supplier_worker (создана Plan 2.6 #iv 7899071 в db/00_create_roles.sql v1.1).
// Закрывает 3 backlog-айтема одной правкой:
// - BLOCKER #6: INSERT в failed_webhook_jobs с tenant_id=NULL под BYPASSRLS
// проходит (политика tenant_isolation отвергает NULL под обычной ролью).
// - WARN #2: LeadRouter::matchEligibleProjects видит проекты ВСЕХ tenant'ов
// без SET LOCAL app.current_tenant_id (sharing-model §6 spec'а).
// - WARN #3: ResetDeliveredTodayCommand сбрасывает delivered_today по всем
// tenant'ам в одном UPDATE.
//
// На production env-keys DB_SUPPLIER_USERNAME=crm_supplier_worker + DB_SUPPLIER_PASSWORD
// указывают на BYPASSRLS-роль. На dev fallback на DB_USERNAME/DB_PASSWORD (postgres
// superuser — BYPASSRLS implicit), тесты работают без отдельной роли.
//
// WHERE(tenant_id=) фильтры в коде сохраняются как defense-in-depth — если в будущем
// роль сменится на не-BYPASSRLS, бизнес-логика останется корректной.
//
// Brainstorm decision: вариант C (BYPASSRLS-role) из 3 опций. См.
// docs/superpowers/specs/2026-05-11-plan3-supplier-sync-design.md §1.
'pgsql_supplier' => array_merge(
fix(supplier): Plan 3 Task 3 code-review fixes (4 Important + 3 Minor)
2026-05-11 01:26:24 +03:00
$pgsqlConnection,
feat(supplier): Plan 3 Task 3 — switch supplier-flow на pgsql_supplier (BYPASSRLS)
2026-05-11 01:00:47 +03:00
[
fix(supplier): Plan 3 Task 3 code-review fixes (4 Important + 3 Minor)
2026-05-11 01:26:24 +03:00
// crm_supplier_worker (BYPASSRLS) for supplier-flow jobs.
// Plan 3 Task 3 — закрывает BLOCKER #6 + WARN #2/#3.
// На dev fallback на default DB_USERNAME/DB_PASSWORD; на prod
// ОБЯЗАТЕЛЬНО задать DB_SUPPLIER_USERNAME=crm_supplier_worker.
feat(supplier): Plan 3 Task 3 — switch supplier-flow на pgsql_supplier (BYPASSRLS)
2026-05-11 01:00:47 +03:00
'username' => env('DB_SUPPLIER_USERNAME', env('DB_USERNAME', 'root')),
'password' => env('DB_SUPPLIER_PASSWORD', env('DB_PASSWORD', '')),
]
),
phase1(scaffold): Laravel 11 + predis + .env под PG 16 + Memurai
2026-05-08 09:37:16 +03:00
'sqlsrv' => [
'driver' => 'sqlsrv',
'url' => env('DB_URL'),
'host' => env('DB_HOST', 'localhost'),
'port' => env('DB_PORT', '1433'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'charset' => env('DB_CHARSET', 'utf8'),
'prefix' => '',
'prefix_indexes' => true,
// 'encrypt' => env('DB_ENCRYPT', 'yes'),
// 'trust_server_certificate' => env('DB_TRUST_SERVER_CERTIFICATE', 'false'),
],
],
/*
|--------------------------------------------------------------------------
| Migration Repository Table
|--------------------------------------------------------------------------
|
| This table keeps track of all the migrations that have already run for
| your application. Using this information, we can determine which of
| the migrations on disk haven't actually been run on the database.
|
*/
'migrations' => [
'table' => 'migrations',
'update_date_on_publish' => true,
],
/*
|--------------------------------------------------------------------------
| Redis Databases
|--------------------------------------------------------------------------
|
| Redis is an open source, fast, and advanced key-value store that also
| provides a richer body of commands than a typical key-value system
| such as Memcached. You may define your connection settings here.
|
*/
'redis' => [
'client' => env('REDIS_CLIENT', 'phpredis'),
'options' => [
'cluster' => env('REDIS_CLUSTER', 'redis'),
'prefix' => env('REDIS_PREFIX', Str::slug((string) env('APP_NAME', 'laravel')).'-database-'),
'persistent' => env('REDIS_PERSISTENT', false),
],
'default' => [
'url' => env('REDIS_URL'),
'host' => env('REDIS_HOST', '127.0.0.1'),
'username' => env('REDIS_USERNAME'),
'password' => env('REDIS_PASSWORD'),
'port' => env('REDIS_PORT', '6379'),
'database' => env('REDIS_DB', '0'),
'max_retries' => env('REDIS_MAX_RETRIES', 3),
'backoff_algorithm' => env('REDIS_BACKOFF_ALGORITHM', 'decorrelated_jitter'),
'backoff_base' => env('REDIS_BACKOFF_BASE', 100),
'backoff_cap' => env('REDIS_BACKOFF_CAP', 1000),
],
'cache' => [
'url' => env('REDIS_URL'),
'host' => env('REDIS_HOST', '127.0.0.1'),
'username' => env('REDIS_USERNAME'),
'password' => env('REDIS_PASSWORD'),
'port' => env('REDIS_PORT', '6379'),
'database' => env('REDIS_CACHE_DB', '1'),
'max_retries' => env('REDIS_MAX_RETRIES', 3),
'backoff_algorithm' => env('REDIS_BACKOFF_ALGORITHM', 'decorrelated_jitter'),
'backoff_base' => env('REDIS_BACKOFF_BASE', 100),
'backoff_cap' => env('REDIS_BACKOFF_CAP', 1000),
],
],
];
Reference in New Issue Copy Permalink