Configuration Guide

Complete guide for configuring the SBM CRM Platform.

Configuration Files

Main Configuration

Location: config/config.production.json

{
  "server": {
    "port": 3000,
    "host": "0.0.0.0",
    "env": "production"
  },
  "database": {
    "host": "localhost",
    "port": 5432,
    "name": "sbmcrm_production",
    "user": "sbmcrm",
    "password": "your_password",
    "ssl": true,
    "pool": {
      "min": 2,
      "max": 10
    }
  },
  "redis": {
    "host": "localhost",
    "port": 6379,
    "password": "your_redis_password",
    "db": 0
  },
  "jwt": {
    "secret": "your_jwt_secret_key",
    "expiresIn": "1h",
    "refreshExpiresIn": "7d"
  },
  "wechat": {
    "appId": "your_wechat_app_id",
    "appSecret": "your_wechat_app_secret",
    "miniProgramAppId": "your_mini_program_app_id",
    "miniProgramAppSecret": "your_mini_program_secret"
  },
  "email": {
    "provider": "smtp",
    "host": "smtp.example.com",
    "port": 587,
    "secure": false,
    "user": "noreply@example.com",
    "password": "your_email_password"
  },
  "storage": {
    "type": "s3",
    "bucket": "sbmcrm-uploads",
    "region": "ap-southeast-1",
    "accessKeyId": "your_access_key",
    "secretAccessKey": "your_secret_key"
  },
  "analytics": {
    "enabled": true,
    "retentionDays": 365
  }
}

Environment Variables

Required Variables

# Server
NODE_ENV=production
PORT=3000

# Database
DB_HOST=localhost
DB_PORT=5432
DB_NAME=sbmcrm_production
DB_USER=sbmcrm
DB_PASSWORD=your_secure_password

# Redis
REDIS_HOST=localhost
REDIS_PORT=6379
REDIS_PASSWORD=your_redis_password

# JWT
JWT_SECRET=your_jwt_secret_key_min_32_chars

# WeChat
WECHAT_APP_ID=your_app_id
WECHAT_APP_SECRET=your_app_secret
WECHAT_MINI_PROGRAM_APP_ID=your_mini_program_id
WECHAT_MINI_PROGRAM_SECRET=your_mini_program_secret

# Email
EMAIL_HOST=smtp.example.com
EMAIL_PORT=587
EMAIL_USER=noreply@example.com
EMAIL_PASSWORD=your_email_password

Optional Variables

# Logging
LOG_LEVEL=info
LOG_FILE=/var/log/sbmcrm/app.log

# Rate Limiting
RATE_LIMIT_WINDOW_MS=3600000
RATE_LIMIT_MAX_REQUESTS=1000

# File Upload
MAX_FILE_SIZE=10485760
ALLOWED_FILE_TYPES=jpg,jpeg,png,pdf

# CORS
CORS_ORIGIN=https://yourdomain.com

# Monitoring
SENTRY_DSN=your_sentry_dsn

WeChat Configuration

WeChat Official Account

1. Log in to WeChat Official Account Platform
2. Navigate to Settings → Developer Settings
3. Copy AppID and AppSecret
4. Configure IP whitelist
5. Set up message server URL

WeChat Mini Program

1. Log in to WeChat Mini Program Platform
2. Navigate to Settings → Developer Settings
3. Copy AppID and AppSecret
4. Configure server domain
5. Set up request domain and upload domain

Database Configuration

Connection Pool Settings

{
  "pool": {
    "min": 2,
    "max": 10,
    "idleTimeoutMillis": 30000,
    "connectionTimeoutMillis": 2000
  }
}

SSL Configuration

For production, enable SSL:

{
  "ssl": {
    "require": true,
    "rejectUnauthorized": true,
    "ca": "/path/to/ca-certificate.crt"
  }
}

Redis Configuration

Cache Settings

{
  "cache": {
    "defaultTTL": 3600,
    "prefix": "sbmcrm:",
    "keyExpiration": 86400
  }
}

Security Configuration

Rate Limiting

{
  "rateLimit": {
    "windowMs": 3600000,
    "max": 1000,
    "standard": {
      "max": 1000
    },
    "premium": {
      "max": 10000
    },
    "enterprise": {
      "max": 100000
    }
  }
}

CORS Configuration

{
  "cors": {
    "origin": [
      "https://yourdomain.com",
      "https://admin.yourdomain.com"
    ],
    "credentials": true,
    "methods": ["GET", "POST", "PUT", "PATCH", "DELETE"],
    "allowedHeaders": ["Content-Type", "Authorization"]
  }
}

Logging Configuration

{
  "logging": {
    "level": "info",
    "format": "json",
    "file": {
      "enabled": true,
      "path": "/var/log/sbmcrm/app.log",
      "maxSize": "10m",
      "maxFiles": "14d"
    },
    "console": {
      "enabled": true
    }
  }
}

AI Services Configuration

{
  "ai": {
    "enabled": true,
    "host": "localhost",
    "port": 8000,
    "timeout": 30000,
    "models": {
      "segmentation": "clustering-v2",
      "recommendation": "collaborative-filtering-v1",
      "chatbot": "gpt-4"
    }
  }
}

Monitoring Configuration

Sentry (Error Tracking)

{
  "sentry": {
    "enabled": true,
    "dsn": "https://your-sentry-dsn@sentry.io/project-id",
    "environment": "production",
    "tracesSampleRate": 0.1
  }
}

Prometheus Metrics

{
  "metrics": {
    "enabled": true,
    "path": "/metrics",
    "port": 9090
  }
}

Production Checklist

• All sensitive values use environment variables
• Database SSL enabled
• Redis password set
• JWT secret is strong (32+ characters)
• CORS configured correctly
• Rate limiting enabled
• Logging configured
• Monitoring enabled
• Backup configured
• SSL/TLS certificates installed

Configuration Validation

Test your configuration:

# Validate configuration file
npm run config:validate

# Test database connection
npm run db:test

# Test Redis connection
npm run redis:test

Updating Configuration

Hot Reload

Some configuration changes require a restart:

# Restart services
sudo systemctl restart sbmcrm-api
sudo systemctl restart sbmcrm-ai

Zero-Downtime Updates

For production, use rolling updates:

# Update configuration
# Then restart services one at a time
sudo systemctl restart sbmcrm-api@1
# Wait for health check
sudo systemctl restart sbmcrm-api@2