use correct config

config/prod.exs

@@ -1,15 +1,5 @@
 import Config
 
-# Force using SSL in production. This also sets the "strict-security-transport" header,
-# known as HSTS. If you have a health check endpoint, you may want to exclude it below.
-# Note `:force_ssl` is required to be set at compile-time.
-config :policy_service, PolicyServiceWeb.Endpoint,
-  force_ssl: [rewrite_on: [:x_forwarded_proto]],
-  exclude: [
-    # paths: ["/health"],
-    hosts: ["localhost", "127.0.0.1"]
-  ]
-
 # Do not print debug messages in production
 config :logger, level: :info
 

config/runtime.exs

@@ -34,18 +34,25 @@ if config_env() == :prod do
   maybe_ipv6 = if System.get_env("ECTO_IPV6") in ~w(true 1), do: [:inet6], else: []
 
   config :policy_service, PolicyService.Repo,
-    # ssl: true,
     url: database_url,
     pool_size: String.to_integer(System.get_env("POOL_SIZE") || "10"),
-    # For machines with several cores, consider starting multiple pools of `pool_size`
-    # pool_count: 4,
     socket_options: maybe_ipv6
 
-  # The secret key base is used to sign/encrypt cookies and other secrets.
-  # A default value is used in config/dev.exs and config/test.exs but you
-  # want to use a different value for prod and you most likely don't want
-  # to check this value into version control, so we use an environment
-  # variable instead.
+  pg_host = System.get_env("PG_HOST") || System.get_env("PG_host")
+  pg_port = System.get_env("PG_PORT") || System.get_env("PG_port", "5432")
+  pg_user = System.get_env("PG_USER") || System.get_env("PG_username")
+  pg_password = System.get_env("PG_PASSWORD") || System.get_env("PG_password")
+  pg_database = System.get_env("PG_DATABASE") || System.get_env("PG_dbname")
+
+  config :policy_service, PolicyService.EventStore,
+    serializer: Commanded.Serialization.JsonSerializer,
+    username: pg_user || raise("PG_USER or PG_username is required"),
+    password: pg_password || raise("PG_PASSWORD or PG_password is required"),
+    database: pg_database || raise("PG_DATABASE or PG_dbname is required"),
+    hostname: pg_host || raise("PG_HOST or PG_host is required"),
+    port: String.to_integer(pg_port || "5432"),
+    pool_size: 5
+
   secret_key_base =
     System.get_env("SECRET_KEY_BASE") ||
       raise """
@@ -58,45 +65,9 @@ if config_env() == :prod do
   config :policy_service, :dns_cluster_query, System.get_env("DNS_CLUSTER_QUERY")
 
   config :policy_service, PolicyServiceWeb.Endpoint,
-    url: [host: host, port: 443, scheme: "https"],
+    url: [host: host, port: 80, scheme: "http"],
     http: [
-      # Enable IPv6 and bind on all interfaces.
-      # Set it to  {0, 0, 0, 0, 0, 0, 0, 1} for local network only access.
-      # See the documentation on https://hexdocs.pm/bandit/Bandit.html#t:options/0
-      # for details about using IPv6 vs IPv4 and loopback vs public addresses.
       ip: {0, 0, 0, 0, 0, 0, 0, 0}
     ],
     secret_key_base: secret_key_base
-
-  # ## SSL Support
-  #
-  # To get SSL working, you will need to add the `https` key
-  # to your endpoint configuration:
-  #
-  #     config :policy_service, PolicyServiceWeb.Endpoint,
-  #       https: [
-  #         ...,
-  #         port: 443,
-  #         cipher_suite: :strong,
-  #         keyfile: System.get_env("SOME_APP_SSL_KEY_PATH"),
-  #         certfile: System.get_env("SOME_APP_SSL_CERT_PATH")
-  #       ]
-  #
-  # The `cipher_suite` is set to `:strong` to support only the
-  # latest and more secure SSL ciphers. This means old browsers
-  # and clients may not be supported. You can set it to
-  # `:compatible` for wider support.
-  #
-  # `:keyfile` and `:certfile` expect an absolute path to the key
-  # and cert in disk or a relative path inside priv, for example
-  # "priv/ssl/server.key". For all supported SSL configuration
-  # options, see https://hexdocs.pm/plug/Plug.SSL.html#configure/1
-  #
-  # We also recommend setting `force_ssl` in your config/prod.exs,
-  # ensuring no data is ever sent via http, always redirecting to https:
-  #
-  #     config :policy_service, PolicyServiceWeb.Endpoint,
-  #       force_ssl: [hsts: true]
-  #
-  # Check `Plug.SSL` for all available options in `force_ssl`.
 end