Prepare BizOne portal production wallet and UI

deploy/debian12/README.md

@@ -16,6 +16,7 @@ Panduan ini menyiapkan `bizone-web` di server Debian 12 kosong dengan topologi b
 - Webhook verify URL Meta: `https://portal.bizone.id/api/webhooks/whatsapp`
 - Webhook event URL Meta: `https://portal.bizone.id/api/webhooks/whatsapp`
 - Alternate provider-specific webhook URL: `https://portal.bizone.id/api/webhooks/whatsapp/meta`
+- Midtrans notification URL: `https://portal.bizone.id/api/wallet/midtrans/notification`
 - Webhook logs UI: `https://portal.bizone.id/dashboard/webhooks/logs`
 
 Untuk integrasi Meta, gunakan URL default berikut:
@@ -28,6 +29,7 @@ Catatan penting:
 - Route backend memakai global prefix `/api`, jadi endpoint controller `GET /webhooks/whatsapp` menjadi `GET /api/webhooks/whatsapp`.
 - Di production, `nginx` mengekspos backend internal aplikasi lewat prefix `https://portal.bizone.id/backend-api`.
 - Prefix `/api/*` di browser dipakai oleh route handler Next.js untuk operasi dashboard seperti save contact, save user, export, dan aksi client-side lain.
+- Karena prefix `/api/*` sebagian dipakai Next.js, nginx hanya meneruskan endpoint backend publik yang perlu dipanggil pihak luar: `/api/health`, `/api/webhooks/*`, dan `/api/wallet/midtrans/*`.
 - Jika Anda ingin verifikasi tanda tangan resmi dari Meta, isi `META_WEBHOOK_APP_SECRET`.
 - Bila `META_WEBHOOK_APP_SECRET` terisi, request ke `POST /api/webhooks/whatsapp/meta` menuntut header `x-hub-signature-256`.
 - Endpoint `POST /api/webhooks/whatsapp` tetap bisa dipakai untuk Meta bila Anda memilih verify token + shared secret non-Meta untuk test lain, tetapi untuk produksi Meta lebih aman menargetkan URL default callback dan menyimpan `META_WEBHOOK_APP_SECRET`.
@@ -137,9 +139,10 @@ NODE_ENV=production
 FRONTEND_ORIGIN=https://portal.bizone.id
 PUBLIC_API_URL=https://portal.bizone.id
 INTERNAL_API_URL=http://127.0.0.1:3001/api
-NEXT_PUBLIC_API_URL=https://portal.bizone.id/api
+NEXT_PUBLIC_API_URL=https://portal.bizone.id/backend-api
 PORT=3001
 WEBHOOK_ALLOW_UNSIGNED=false
+MIDTRANS_ALLOWED_PAYMENT_TYPES=gopay,shopeepay,bank_transfer,credit_card
 ```
 
 Generate secret aman:
@@ -158,6 +161,12 @@ Gunakan hasil berbeda untuk:
 - `WEBHOOK_VERIFY_TOKEN`
 - `WEBHOOK_SHARED_SECRET`
 
+Tambahkan credential provider sesuai dashboard masing-masing:
+
+- `META_WEBHOOK_APP_SECRET` dari Meta App Dashboard.
+- `MIDTRANS_SERVER_KEY`, `MIDTRANS_CLIENT_KEY`, dan `MIDTRANS_MERCHANT_ID` dari Midtrans Dashboard.
+- `MIDTRANS_ENV=sandbox` untuk sandbox key, atau `MIDTRANS_ENV=production` untuk production key.
+
 Sebelum menjalankan command Prisma atau backend secara manual, export env ke shell aktif:
 
 ```bash
@@ -292,7 +301,31 @@ Mapping internal saat ini:
 - `template_category_update` -> `template.updated`
 - `account_update` -> `account.updated`
 
-## 12. Urutan test live yang saya sarankan
+## 12. Data Midtrans yang harus Anda masukkan
+
+Di Midtrans Dashboard, set notification URL:
+
+```text
+https://portal.bizone.id/api/wallet/midtrans/notification
+```
+
+Payment channel yang disarankan untuk wallet top up:
+
+- GoPay/QRIS
+- ShopeePay
+- Bank Transfer / Virtual Account
+- Credit Card
+
+Env aplikasi:
+
+```dotenv
+MIDTRANS_ENV=sandbox
+MIDTRANS_ALLOWED_PAYMENT_TYPES=gopay,shopeepay,bank_transfer,credit_card
+```
+
+Gunakan `MIDTRANS_ENV=production` hanya jika key yang dipasang adalah production key.
+
+## 13. Urutan test live yang saya sarankan
 
 1. Pastikan `https://portal.bizone.id/api/health` mengembalikan `200`.
 2. Coba buka `https://portal.bizone.id`.
@@ -303,8 +336,11 @@ Mapping internal saat ini:
 7. Pastikan inbound message masuk ke inbox conversation.
 8. Balas dari dashboard bila access token dan `phoneNumberId` sudah terisi.
 9. Cek status `sent`, `delivered`, `read`, atau `failed` kembali masuk lewat webhook.
+10. Buat top up wallet dari `Dashboard > Wallet`.
+11. Selesaikan pembayaran sandbox Midtrans.
+12. Pastikan notification Midtrans mengubah payment order menjadi `paid` dan saldo wallet bertambah.
 
-## 13. Command update deploy berikutnya
+## 14. Command update deploy berikutnya
 
 Setelah ada perubahan code:
 
@@ -327,7 +363,7 @@ git config user.name "Wira Irawan"
 git config user.email "wira.irawan@gmail.com"
 ```
 
-## 14. Smoke check minimal
+## 15. Smoke check minimal
 
 ```bash
 curl https://portal.bizone.id/api/health
@@ -336,19 +372,3 @@ sudo systemctl is-active bizone-backend
 sudo systemctl is-active bizone-frontend
 docker compose -f /srv/bizone-web/deploy/debian12/docker-compose.infra.yml ps
 ```
-##+Q&xN$86LbSA<av<
-Ganti `NEXT_PUBLIC_API_URL` production menjadi:
-
-```dotenv
-NEXT_PUBLIC_API_URL=https://portal.bizone.id/backend-api
-```
-
-Ini penting agar frontend server-side berbicara ke backend asli, sementara browser tetap bisa memakai route handler Next.js di `/api/*`.
-
-Tambahkan juga:
-
-```dotenv
-INTERNAL_API_URL=http://127.0.0.1:3001/api
-```
-
-`INTERNAL_API_URL` dipakai oleh server-side frontend, middleware, dan server actions untuk langsung memanggil backend internal tanpa lewat reverse proxy publik.

deploy/debian12/app.env.example

@@ -1,6 +1,6 @@
 NODE_ENV=production
 
-DATABASE_URL=postgresql://bizone:%2BQ%26xN%2486LbSA%3Cav%3C@127.0.0.1:5432/wa_dashboard
+DATABASE_URL=postgresql://bizone:replace-with-url-encoded-db-password@127.0.0.1:5432/wa_dashboard
 REDIS_URL=redis://127.0.0.1:6379
 
 PORT=3001
@@ -9,22 +9,22 @@ PUBLIC_API_URL=https://portal.bizone.id
 INTERNAL_API_URL=http://127.0.0.1:3001/api
 NEXT_PUBLIC_API_URL=https://portal.bizone.id/backend-api
 
-JWT_SECRET=UsmlPBa61fKDgTjUR+9sS9f5SKw3OF7X0CjGWoHibg2eF7gQO6sS57pc2Hj8XIv4
+JWT_SECRET=replace-with-32-plus-char-random-secret
 JWT_EXPIRES_IN=1d
-JWT_REFRESH_SECRET=mH50eOHDoJu3Ay6KQPt1IRdI9yED5P1sajq7LamFhiCRs51kcJvsg4azdjf8eq2W
+JWT_REFRESH_SECRET=replace-with-32-plus-char-random-refresh-secret
 JWT_REFRESH_EXPIRES_IN=30d
 
-WEBHOOK_VERIFY_TOKEN=iUFaqbqv98giFiYHGl1vcVQZRWGFKBHuewMZiHXufYU30uWE+TlC27pn/Ln2vtis
-WEBHOOK_SHARED_SECRET=CPK2/u9Gb/1pcsJL/jGbZA1N+ohEuL3l3T8mxZuyI4cIZtqnKW8QIfyguGD+nMMa
-META_WEBHOOK_APP_SECRET=4de4f2a4b0c1b46cc45364fdc6c4a773
+WEBHOOK_VERIFY_TOKEN=replace-with-32-plus-char-random-token
+WEBHOOK_SHARED_SECRET=replace-with-32-plus-char-random-secret
+META_WEBHOOK_APP_SECRET=replace-with-real-meta-app-secret
 WEBHOOK_ALLOW_UNSIGNED=false
 
 MAIL_HOST=mail.bizone.id
 MAIL_PORT=465
 MAIL_SECURE=true
 MAIL_USER=no-reply@bizone.id
-MAIL_PASSWORD=62FwN86$3Y~#utQ@
-MAIL_FROM=Bizone Portal <no-reply@bizone.id>
+MAIL_PASSWORD=replace-with-real-smtp-password
+MAIL_FROM=BizOne Portal <no-reply@bizone.id>
 
 AUTH_LOGIN_MAX_ATTEMPTS=5
 AUTH_LOGIN_WINDOW_MINUTES=15
@@ -32,3 +32,9 @@ AUTH_2FA_MAX_ATTEMPTS=5
 AUTH_2FA_WINDOW_MINUTES=10
 AUTH_PASSWORD_RESET_MAX_ATTEMPTS=3
 AUTH_PASSWORD_RESET_WINDOW_MINUTES=30
+
+MIDTRANS_ENV=sandbox
+MIDTRANS_SERVER_KEY=replace-with-real-midtrans-server-key
+MIDTRANS_CLIENT_KEY=replace-with-real-midtrans-client-key
+MIDTRANS_MERCHANT_ID=replace-with-real-midtrans-merchant-id
+MIDTRANS_ALLOWED_PAYMENT_TYPES=gopay,shopeepay,bank_transfer,credit_card

deploy/debian12/nginx.portal.bizone.id.conf

@@ -5,6 +5,11 @@ server {
 
     client_max_body_size 20m;
 
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
+    add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always;
+
     location = /api/health {
         proxy_pass http://127.0.0.1:3001/api/health;
         proxy_http_version 1.1;
@@ -23,6 +28,15 @@ server {
         proxy_set_header X-Forwarded-Proto $scheme;
     }
 
+    location /api/wallet/midtrans/ {
+        proxy_pass http://127.0.0.1:3001/api/wallet/midtrans/;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
     location /backend-api/ {
         proxy_pass http://127.0.0.1:3001/api/;
         proxy_http_version 1.1;