dbis_core/.env.example

# DBIS Core - Environment Variables
# Copy to .env and set values. Do not commit .env.
# See: reports/API_KEYS_REQUIRED.md for sign-up URLs

# ----------------------------------------------------------------------------
# API / Server
# ----------------------------------------------------------------------------
# PORT=3000
# NODE_ENV=development

# ----------------------------------------------------------------------------
# Alerts & Monitoring (alert.service)
# ----------------------------------------------------------------------------
SLACK_WEBHOOK_URL=
PAGERDUTY_INTEGRATION_KEY=
EMAIL_ALERT_API_URL=
EMAIL_ALERT_RECIPIENTS=

# ----------------------------------------------------------------------------
# OTC (Crypto.com)
# ----------------------------------------------------------------------------
CRYPTO_COM_API_KEY=
CRYPTO_COM_API_SECRET=

# ----------------------------------------------------------------------------
# API behind reverse proxy (rate limits, logging)
# TRUST_PROXY=1
# TRUST_PROXY_HOPS=1
# When TRUST_PROXY=1, Express uses this hop count (default 1, max 10). Usually **1**: Node sees
# one reverse proxy peer (NPM or the Phoenix API hub). Raise only if another proxy terminates
# TCP in series before dbis_core (rare); validate client IP / rate limits after changing.

# ----------------------------------------------------------------------------
# IRU marketplace — rate limits (optional; sensible defaults in code)
# With TRUST_PROXY=1, limits key on real client IP from X-Forwarded-For.
# IRU_MARKETPLACE_INQUIRY_WINDOW_MS=900000
# IRU_MARKETPLACE_INQUIRY_MAX=10
# IRU_MARKETPLACE_PUBLIC_WINDOW_MS=60000
# IRU_MARKETPLACE_PUBLIC_MAX=200
# Jest disables limits when IRU_MARKETPLACE_RATE_LIMIT_IN_TEST=1 (set in tests only)

# ----------------------------------------------------------------------------
# IRU / marketplace email (notification.service)
# Default provider is SMTP (EMAIL_PROVIDER=smtp). On Proxmox LAN use the Mail Proxy VM:
#   VMID 100 — 192.168.11.32 (hostname proxmox-mail-gateway) — ports 25, 587, 465
#   See: proxmox repo docs/04-configuration/ALL_VMIDS_ENDPOINTS.md (Mail Proxy note)
# EMAIL_PROVIDER=smtp
# SMTP_HOST=192.168.11.32
# SMTP_PORT=587
# SMTP_SECURE=false
# Lab relay with private CA: SMTP_TLS_REJECT_UNAUTHORIZED=false
# SMTP_USER=
# SMTP_PASSWORD=
# EMAIL_FROM=noreply@yourdomain.tld
# EMAIL_FROM_NAME=SolaceNet
# DBIS_SALES_EMAIL=sales@yourdomain.tld
# Or: EMAIL_PROVIDER=sendgrid | ses (set EMAIL_API_KEY / AWS creds per integration)

# ----------------------------------------------------------------------------
# SolaceNet — gateway rails (optional enforcement)
# ----------------------------------------------------------------------------
# When 1|true, POST/GET rail adapter endpoints require capability gateway-microservices.
# SOLACENET_GATEWAY_RAILS_ENFORCE=0
# Tenant for policy checks if not in x-tenant-id / body.tenantId:
# SOLACENET_DEFAULT_TENANT_ID=system
# Optional NDJSON audit file for allow/deny (create directory; rotate externally):
# SOLACENET_GATEWAY_AUDIT_LOG_PATH=/var/log/dbis/gateway-rails-audit.ndjson
# POST .../rails/:id/validate|receive — extra per-IP limit (default 120/min):
# GATEWAY_RAIL_MUTATE_WINDOW_MS=60000
# GATEWAY_RAIL_MUTATE_MAX=120
# Jest / integration: disable rail mutate limiter
# GATEWAY_RAIL_RATE_LIMIT_IN_TEST=1
# MQ consumers: queue prefix for SolaceNet gateway guard (see gateway-mq-wrap.ts)
# SOLACENET_GATEWAY_MQ_QUEUE_PREFIX=dbis.gateway.
# Gateway outbox worker (npm run worker:gateway-outbox)
# GATEWAY_OUTBOX_BATCH_SIZE=25
# GATEWAY_OUTBOX_MAX_ATTEMPTS=10

# ----------------------------------------------------------------------------
# Other (add as needed from dbis_core code)
# ----------------------------------------------------------------------------
CHAIN138_RPC_URL=https://rpc-core.d-bis.org
# ADMIN_CENTRAL_API_KEY=
# VAULT_ROOT_TOKEN=
# etc.