From d4248b62e10873ca656adfba4d39d89ff7c01b78 Mon Sep 17 00:00:00 2001 From: meninjar Date: Mon, 3 Nov 2025 06:54:23 +0000 Subject: [PATCH] README --- README.md | 98 +++++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 80 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index d0d877d..daf50c2 100644 --- a/README.md +++ b/README.md @@ -334,21 +334,21 @@ MYSQL_MEDICAL_DATABASE=healtcare_database JWT_SECRET=your-super-secret-key-change-in-production # Keycloak Configuration -KEYCLOAK_ISSUER=https://auth.rssa.top/realms/sandbox -KEYCLOAK_AUDIENCE=nuxtsim-pendaftaran -KEYCLOAK_JWKS_URL=https://auth.rssa.top/realms/sandbox/protocol/openid-connect/certs +KEYCLOAK_ISSUER=${KEYCLOAK_ISSUER_URL} +KEYCLOAK_AUDIENCE=${KEYCLOAK_AUDIENCE_VALUE} +KEYCLOAK_JWKS_URL=${KEYCLOAK_JWKS_URL_VALUE} KEYCLOAK_ENABLED=true # BPJS Configuration -BPJS_BASEURL=https://apijkn.bpjs-kesehatan.go.id/vclaim-dev -BPJS_CONSID=52667757 -BPJS_USERKEY=4cf1cbef811314fvdgrc008440bbe9ef9ba789e482 -BPJS_SECRETKEY=1bV36ASDQQ3512D +BPJS_BASEURL=${BPJS_API_URL} +BPJS_CONSID=${BPJS_CONSID_VALUE} +BPJS_USERKEY=${BPJS_USERKEY_VALUE} +BPJS_SECRETKEY=${BPJS_SECRETKEY_VALUE} # SATUSEHAT Configuration -SATUSEHAT_BASEURL=https://api-satusehat.kemkes.go.id/fhir-r4/v1 -SATUSEHAT_CLIENT_ID=your-client-id -SATUSEHAT_CLIENT_SECRET=your-client-secret +SATUSEHAT_BASEURL=${SATUSEHAT_API_URL} +SATUSEHAT_CLIENT_ID=${SATUSEHAT_CLIENT_ID_VALUE} +SATUSEHAT_CLIENT_SECRET=${SATUSEHAT_CLIENT_SECRET_VALUE} ``` ### Code Generation @@ -410,19 +410,19 @@ GIN_MODE=release # Database Configuration DB_CONNECTION=postgres -DB_HOST=10.10.123.165 +DB_HOST=${DB_HOST_VALUE} DB_PORT=5432 -DB_USERNAME=stim -DB_PASSWORD=stim*RS54 -DB_DATABASE=satu_db +DB_USERNAME=${DB_USERNAME_VALUE} +DB_PASSWORD=${DB_PASSWORD_VALUE} +DB_DATABASE=${DB_DATABASE_VALUE} # Security -JWT_SECRET=your-production-secret-key +JWT_SECRET=${JWT_SECRET_VALUE} KEYCLOAK_ENABLED=true # External Services -BPJS_BASEURL=https://apijkn.bpjs-kesehatan.go.id/vclaim-rest -SATUSEHAT_BASEURL=https://api-satusehat.kemkes.go.id/fhir-r4/v1 +BPJS_BASEURL=${BPJS_PRODUCTION_URL} +SATUSEHAT_BASEURL=${SATUSEHAT_PRODUCTION_URL} ``` *** @@ -586,4 +586,66 @@ make watch - [x] Setup environment selesai - [x] Implementasi patient management - [x] Setup authentication dengan Keycloak -- [ ] Integrasi BPJS dan SATUSEHAT \ No newline at end of file +- [ ] Integrasi BPJS dan SATUSEHAT +- [ ] Testing dan validation +- [ ] Setup monitoring dan logging +- [ ] Deploy ke production + +### ๐Ÿš€ Advanced Features + +- **๐Ÿ“Š Real-time Dashboard** +- **๐Ÿ”’ Enhanced Security (Rate limiting, CORS)** +- **๐Ÿ“ˆ Performance Monitoring** +- **๐ŸŒ API Versioning** +- **๐Ÿ“ฑ Mobile SDK Integration** + +*** + +**โšก Total setup time: 5 menit | ๐Ÿ”ง Generate Handler: 30 detik | ๐Ÿงช Testing: Langsung via Swagger** + +> **๐Ÿ’ก Pro Tip:** Gunakan `make help` untuk melihat semua command yang tersedia + +*** + +## ๐Ÿ” Keamanan & Konfigurasi + +### Environment Variables untuk Production + +Untuk keamanan, semua konfigurasi sensitif harus menggunakan environment variables: + +```bash +# Keycloak Configuration +KEYCLOAK_ISSUER=${KEYCLOAK_ISSUER_URL} +KEYCLOAK_AUDIENCE=${KEYCLOAK_AUDIENCE_VALUE} +KEYCLOAK_JWKS_URL=${KEYCLOAK_JWKS_URL_VALUE} + +# BPJS Configuration +BPJS_BASEURL=${BPJS_API_URL} +BPJS_CONSID=${BPJS_CONSID_VALUE} +BPJS_USERKEY=${BPJS_USERKEY_VALUE} +BPJS_SECRETKEY=${BPJS_SECRETKEY_VALUE} + +# SATUSEHAT Configuration +SATUSEHAT_BASEURL=${SATUSEHAT_API_URL} +SATUSEHAT_CLIENT_ID=${SATUSEHAT_CLIENT_ID_VALUE} +SATUSEHAT_CLIENT_SECRET=${SATUSEHAT_CLIENT_SECRET_VALUE} + +# Database Configuration +DB_HOST=${DB_HOST_VALUE} +DB_USERNAME=${DB_USERNAME_VALUE} +DB_PASSWORD=${DB_PASSWORD_VALUE} +DB_DATABASE=${DB_DATABASE_VALUE} + +# Security +JWT_SECRET=${JWT_SECRET_VALUE} +``` + +### Best Practices + +1. **Jangan pernah commit file .env ke repository** +2. **Gunakan environment variables untuk semua data sensitif** +3. **Gunakan secret management tools untuk production** +4. **Rotasi kunci API secara berkala** +5. **Implementasi rate limiting untuk API endpoints** + +*** \ No newline at end of file