sample-full.env

######## ---------------------- DOCKER COMPOSE PROFILES ---------------------- ########

# Compose Profiles - see [README](README.md#docker-profiles) and sections below for more information
# There are a number of profiles available to start up groups of services. 
# Additionally, each individual service in this project can be started by specifying its service name as a profile.
# The currently available profile groups are listed below. 
# basic, webapp, mongo_full, kafka_full, intersection, intersection_no_api, conflictmonitor, addons, obu_ota, kafka_connect_standalone
COMPOSE_PROFILES=basic,webapp,mongo_full,kafka_full,intersection,kafka_connect_standalone


######## -------- Required Variables
# run 'ifconfig' in wsl
DOCKER_HOST_IP=

# Mapbox token for map rendering in the webapp
MAPBOX_TOKEN=

# GitHub Token (Required for Intersection API) - See services/intersection-api/README.md#github-token for steps to generate
MAVEN_GITHUB_TOKEN=


######## -------- General Variables - Apply to All Profiles
KEYCLOAK_DOMAIN=${DOCKER_HOST_IP}
KEYCLOAK_ENDPOINT=http://${KEYCLOAK_DOMAIN}:8084

WEBAPP_DOMAIN=localhost
WEBAPP_PORT=3000
WEBAPP_ENDPOINT=http://${WEBAPP_DOMAIN}:${WEBAPP_PORT}

API_DOMAIN=${DOCKER_HOST_IP}
API_ENDPOINT=http://${API_DOMAIN}:8081

# Remote dockerhub variables for ODE and ConflictMonitor images
DOCKERHUB_HOST=usdotjpoode
DOCKERHUB_RELEASE=2025-q2

# Logging Levels - "DEBUG", "INFO", "WARNING", "ERROR"
API_LOGGING_LEVEL="INFO"
FIRMWARE_MANAGER_LOGGING_LEVEL="INFO"
GEO_LOGGING_LEVEL="INFO"
ISS_LOGGING_LEVEL="INFO"
RSU_STATUS_LOGGING_LEVEL="INFO"
COUNTS_LOGGING_LEVEL="INFO"
OBU_OTA_LOGGING_LEVEL="INFO"

# Also includes "ALL", "FATAL", "OFF", "TRACE" and "WARN"
KC_LOG_LEVEL="INFO"

# Feature Flags
ENABLE_RSU_FEATURES='true' # 'false' to disable
ENABLE_INTERSECTION_FEATURES='true' # 'false' to disable
ENABLE_WZDX_FEATURES='true' # 'false' to disable
ENABLE_HAAS_FEATURES='true' # 'false' to disable


######## -------- "basic" Docker Profile Services
# Run critical cvmanager services
# Requires: None
# Compose file: docker-compose.yml
# Services:
# - cvmanager_api
#   - Python backend api for webapp
# - cvmanager_postgres
#   - Postgres database for cvmanager data and backing database for keycloak instance
# - cvmanager_keycloak
#   - Keycloak instance for user authentication and authorization of webapp and api requests

#### ---- cvmanager_keycloak
# Keycloak authentication credentials
KEYCLOAK_ADMIN=admin
KEYCLOAK_ADMIN_PASSWORD=admin

# Keycloak Parameters - to generate secret key use a password generator such as: https://www.avast.com/en-us/random-password-generator#pc and set the length to 32
KEYCLOAK_REALM=cvmanager
KEYCLOAK_GUI_CLIENT_ID=cvmanager-gui
KEYCLOAK_API_CLIENT_ID=cvmanager-api
KEYCLOAK_API_CLIENT_SECRET_KEY=w8zpoArUwIVN6TSDY5WQgX9TlVAgH9OF
KEYCLOAK_LOGIN_THEME_NAME=sample_theme

# GCP OAuth2.0 client ID for SSO authentication in keycloak - if not specified the google SSO will not be functional
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=

#### ---- cvmanager_postgres

# PostgreSQL Database connection information
# this value may need to follow with the webapp host if debugging the applications 
PG_DB_HOST=${DOCKER_HOST_IP}:5432
PG_DB_NAME=postgres
PG_DB_USER=postgres
# If the PG_DB_PASS variable has special characters, make sure to wrap it in single quotes
PG_DB_PASS=postgres

#### ---- cvmanager_api

# Allowed CORS domain for accessing the CV Manager API from (set to the web application hostname)
# Make sure to include http:// or https://
# If using docker then this value should be set to: http://${WEBAPP_HOST_IP}:3000
# If running the webapp using npm then set it to: http://localhost:3000
# Leave as * to allow all domains access
CORS_DOMAIN=*

# Set these variables if using either "MONGODB" or "BIGQUERY" for COUNT_DESTINATION_DB of jpo_count_metric
MONGO_PROCESSED_BSM_COLLECTION_NAME='ProcessedBsm'
MONGO_PROCESSED_PSM_COLLECTION_NAME='ProcessedPsm'
MONGO_SSM_COLLECTION_NAME=
MONGO_SRM_COLLECTION_NAME=

# Specifies the maximum number of V2X messages returned from the geo_query_geo_data_mongo method before filtering occurs
MAX_GEO_QUERY_RECORDS=

# If running firmware manager addon
FIRMWARE_MANAGER_ENDPOINT=http://${DOCKER_HOST_IP}:8089

# If connecting to PGDB over websocket:
INSTANCE_CONNECTION_NAME=

# Python timezone for the CV Manager (You can list pytz timezones with the command 'pytz.all_timezones')
TIMEZONE="US/Mountain"

# WZDx API key and endpoint for pulling WZDx data into the CV Manager
WZDX_API_KEY=
WZDX_ENDPOINT=data.cotrip.org

# Error Email Configuration (proxied email sending through the intersection api)
IAPI_ENDPOINT=http://${DOCKER_HOST_IP}:8089
KEYCLOAK_SA_PYTHON_API_CLIENT_ID=sa_cvmanager_python_api
KEYCLOAK_SA_PYTHON_API_CLIENT_SECRET_KEY=sa-python-api-secret-key

# Error Email Contact Configuration
LOGS_LINK= #URL to logs for api, included in error email. Example: https://console.cloud.google.com/run/detail/us-central1/rsu-manager-cloud-run-api/logs?authuser=1&project=cdot-oim-cv-dev
ENVIRONMENT_NAME= #Environment name, just to display in email. Example: cdot-oim-cv-dev

######## -------- "webapp" Docker Profile Services
# Run webapp service for cvmanager
# Requires: basic
# Compose file: docker-compose.yml
# cvmanager_webapp
# - React frontend for cvmanager

# Mapbox token for map rendering in the webapp
MAPBOX_TOKEN=

# DOT_NAME must be set for the DOT name to correctly populate when building an image for deployment
DOT_NAME="CDOT"

# Initial map viewport
MAPBOX_INIT_LATITUDE="39.7392"
MAPBOX_INIT_LONGITUDE="-104.9903"
MAPBOX_INIT_ZOOM="10"

VIEWER_MSG_TYPES='BSM'

# Both MUST not have trailing slashes
CVIZ_API_SERVER_URL=http://${DOCKER_HOST_IP}:8089
CVIZ_API_WS_URL=ws://${DOCKER_HOST_IP}:8089

# Webapp themes: dark
# base theme is used by default, dark theme is used if browser is set to dark mode
WEBAPP_THEME_LIGHT="dark" # if not set, defaults to 'dark'
WEBAPP_THEME_DARK="dark" # if not set, defaults to 'dark'

# Webapp logo to use, imported into docker image as volume. Set the full path to the image, for light and dark mode
WEBAPP_LOGO_PNG_ROOT_FILE_PATH_LIGHT=./webapp/cdot_icon.png
WEBAPP_LOGO_PNG_ROOT_FILE_PATH_DARK=./webapp/cdot_icon.png


######## -------- "intersection" Docker Profile Services
# Run connected intersection services
# Requires: basic
# Compose file: docker-compose-intersection.yml
# Services:
# - kafka
#   - Message broker for communication between conflictmonitor intersection services
# - kafka_init
#   - Initialize kafka topics, then die
# - intersection_api
#   - Java backend api for intersection/conflictmonitor services
# - mongodb_container
#   - MongoDB database for intersection/conflictmonitor data

#### ---- intersection_api

# GitHub Token (Required for Intersection API) - See services/intersection-api/README.md#github-token for steps to generate
MAVEN_GITHUB_TOKEN=
MAVEN_GITHUB_ORG=usdot-jpo-ode

#Specify MongoDB connection parameters
DB_HOST_IP=${DOCKER_HOST_IP}
DB_HOST_PORT=27017

KAFKA_BOOTSTRAP_SERVERS=${DOCKER_HOST_IP}:9092
KAFKA_BROKER_PORT=9092

CM_MAXIMUM_RESPONSE_SIZE=10000

CM_SERVER_URL=http://${DOCKER_HOST_IP}:8082
KAFKA_BROKER_IP=${DOCKER_HOST_IP}

# Startup delay of intersection_api, to wait for kafka topics to be created by kafka_init
CM_STARTUP_DELAY_SECONDS=90

# Enable or Disable Features of the Intersection API, for rest endpoints, notification emailer task, and report generation task
INTERSECTION_API_ENABLE_API=true
INTERSECTION_API_ENABLE_EMAILER=true
INTERSECTION_API_ENABLE_REPORTS=true
INTERSECTION_API_ENABLE_HAAS=true

# Base Path Prefix - Insert the following path into the base route of all REST endpoints in the Intersection API, used for simplifying proxy routing
# Routes MUST start with a slash
INTERSECTION_API_ROUTE_PREFIX="/"

# Email Configuration
INTERSECTION_EMAIL_BROKER="" # sendgrid, postmark, anything else will use generic SMTP mail server
INTERSECTION_SENDER_EMAIL=

# if EMAIL_BROKER is SMTP:
INTERSECTION_SMTP_SERVER_HOST=smtp4dev
INTERSECTION_SMTP_SERVER_PORT=25
INTERSECTION_SMTP_USERNAME=admin
INTERSECTION_SMTP_PASSWORD=password
INTERSECTION_SMTP_AUTH_ENABLED=true
INTERSECTION_SMTP_STARTTLS_ENABLED=false

# if EMAIL_BROKER="sendgrid":
SENDGRID_USERNAME=
SENDGRID_PASSWORD=

# if EMAIL_BROKER="postmark":
POSTMARK_SERVER_TOKEN=

#### ---- mongodb_container

# The username and password to use for accessing mongoDB.
MONGO_READ_WRITE_USER=ode
MONGO_READ_WRITE_PASS=replace_me

# Generate a random string for the MongoDB keyfile using the following command:
# $ openssl rand -base64 32
MONGO_DB_KEYFILE_STRING=replacethisstring

CM_DATABASE_NAME=CV
MONGO_DATA_RETENTION_SECONDS=31536000 # 1 year
MONGO_DATABASE_MAX_TTL_RETENTION_SECONDS=31536000 # 1 year
# if set to nothing, the import will be skipped
MONGO_SAMPLE_DATA_RELATIVE_PATH=../resources/mongodumps/dump_2025_07_21

MONGO_DB_URI="mongodb://${MONGO_READ_WRITE_USER}:${MONGO_READ_WRITE_PASS}@${DB_HOST_IP}:${DB_HOST_PORT}/?directConnection=true&authSource=admin"
MONGO_DB_NAME=${CM_DATABASE_NAME}


######## -------- "ADM" Docker Profile Services
ADM_LOG_TO_FILE=false
ADM_LOG_TO_CONSOLE=true
ADM_LOG_LEVEL=INFO


######## -------- "AEM" Docker Profile Services
AEM_LOG_TO_FILE=false
AEM_LOG_TO_CONSOLE=true
AEM_LOG_LEVEL=INFO


######## -------- "intersection_no_api" Docker Profile Services
# Run connected intersection services without intersection_api
# Requires: basic
# Compose file: docker-compose-intersection.yml
# Services:
# - kafka
#   - Message broker for communication between conflictmonitor intersection services
# - kafka_init
#   - Initialize kafka topics, then die
# - mongodb_container
#   - MongoDB database for intersection/conflictmonitor data

# No additional variables - see intersection variables

######## -------- "conflictmonitor" Docker Profile Services
# Run connected conflictmonitor services
# Requires: basic, intersection | intersection_no_api
# Compose file: docker-compose-conflictmonitor.yml
# Services:
# - conflictmonitor
#   - Java-based kafka streaming service, generates events, assessments, and notifications from intersection data
# - ode
#   - Java-based kafka streaming service, processes raw J2735 messages
# - geojsonconverter
#   - Java-based kafka streaming service, generates enhanced geojson-based messages
# - connect
#   - Kafka connect service, backs up data on kafka topics to MongoDB

#### ---- conflictmonitor
RESTART_POLICY="on-failure:3"

# RocksDB Bounded Memory Config Properties
# 128 MB = 134217728
# 64 MB = 67108864
# 16 MB = 16777216
ROCKSDB_TOTAL_OFF_HEAP_MEMORY=134217728
ROCKSDB_INDEX_FILTER_BLOCK_RATIO=0.1
ROCKSDB_TOTAL_MEMTABLE_MEMORY=67108864
ROCKSDB_BLOCK_SIZE=4096
ROCKSDB_N_MEMTABLES=2
ROCKSDB_MEMTABLE_SIZE=16777216

######## -------- "deduplicator" Docker Profile services
KAFKA_TOPIC_CREATE_DEDUPLICATOR=true
CONNECT_CREATE_DEDUPLICATOR=true

#### ---- connect
CONNECT_URL=http://${DOCKER_HOST_IP}:8083

######## -------- "addons" Docker Profile Services
# Run all cvmanager helper microservices
# Requires: None
# Compose file: docker-compose-addons.yml
# Services: jpo_count_metric, rsu_status_check, jpo_iss_health_check, firmware_manager_upgrade_scheduler, firmware_manager_upgrade_runner
# - jpo_count_metric
#   - Generates counts emails for various data types ("BSM", "TIM", "Map", "SPaT", "SRM", "SSM"). Can store in MongoDB or BigQuery
# - rsu_status_check
#   - Checks status of RSUs and stores in Postgres
# - jpo_iss_health_check
#   - Retrieves ISS health into and stores in Postgres
# - firmware_manager_upgrade_scheduler
#   - Compares RSU firmware versions with Postgres and schedules firmware_manager_upgrade_runner
# - firmware_manager_upgrade_runner
#   - Completes RSU firmware upgrades

#### ---- jpo_count_metric

# Count Metric Addon:
ENABLE_EMAILER='True'

# If ENABLE_EMAILER is 'True', set the following environment variables
DEPLOYMENT_TITLE='JPO-ODE'

# IAPI_ENDPOINT not set here to avoid duplication
KEYCLOAK_SA_COUNT_METRIC_CLIENT_ID=sa_count_metric
KEYCLOAK_SA_COUNT_METRIC_CLIENT_SECRET_KEY=sa-count-metric-secret-key

# If ENABLE_EMAILER is 'False', set the following environment variables
ODE_KAFKA_BROKERS=${DOCKER_HOST_IP}:9092

# EITHER "MONGODB" or "BIGQUERY"
COUNT_DESTINATION_DB='MONGODB'

# MONGODB REQUIRED VARIABLES
INPUT_COUNTS_MONGO_COLLECTION_NAME=''
OUTPUT_COUNTS_MONGO_COLLECTION_NAME=''

KAFKA_BIGQUERY_TABLENAME=

#### ---- rsu_status_check

# Services that can be toggled on or off
# 'True' or 'False' are the only legal values

# Toggles monitoring of RSU online status
RSU_PING=True

# Fetches ping data from Zabbix - alternatively the service will ping the RSUs on its own
# Only used when RSU_PING is 'True'
ZABBIX=False

# Fetches SNMP configuration data for all RSUs
RSU_MSGFWD_FETCH=True
RSU_SECURITY_FETCH=True
RSU_HEALTH_FETCH=True

# Zabbix endpoint and API authentication
# Only used when ZABBIX is 'True'
ZABBIX_ENDPOINT=
ZABBIX_USER=
ZABBIX_PASSWORD=

# Customize the period at which the purger will determine a ping log is too old and will be deleted
# Number of hours
STALE_PERIOD=24

#### ---- jpo_iss_health_check

# Key Storage
## Type of key storage, options: gcp, postgres
STORAGE_TYPE=Postgres

# If STORAGE_TYPE=gcp
GOOGLE_ACCESS_KEY_NAME=sample_gcp_service_account.json
GCP_PROJECT_ID=

# ISS Account Authentication
ISS_API_KEY=
ISS_API_KEY_NAME=
ISS_PROJECT_ID=
ISS_SCMS_TOKEN_REST_ENDPOINT=
ISS_SCMS_VEHICLE_REST_ENDPOINT=

## Postgres Storage (Required if STORAGE_TYPE=postgres)
### Table name to store keys
ISS_KEY_TABLE_NAME=

#### ---- firmware_manager_upgrade_runner

BLOB_STORAGE_PROVIDER=DOCKER
BLOB_STORAGE_BUCKET=

## Docker volume mount point for BLOB storage (if using Docker)
HOST_BLOB_STORAGE_DIRECTORY=./local_blob_storage

## Maximum retry limit for performing firmware upgrades
FW_UPGRADE_MAX_RETRY_LIMIT=3

FIRMWARE_MANAGER_UPGRADE_SCHEDULER_ENDPOINT=http://${DOCKER_HOST_IP}:8089

#### ---- firmware_manager_upgrade_scheduler

FIRMWARE_MANAGER_UPGRADE_RUNNER_ENDPOINT=http://${DOCKER_HOST_IP}:8090

# IAPI_ENDPOINT not set here to avoid duplication
KEYCLOAK_SA_FIRMWARE_UPGRADE_RUNNER_CLIENT_ID=sa_firmware_upgrade_runner
KEYCLOAK_SA_FIRMWARE_UPGRADE_RUNNER_CLIENT_SECRET_KEY=sa-firmware-upgrade-runner-secret-key

######## -------- "obu_ota" Docker Profile Services
# Run OBU over-the-air update microservices
# Requires: None
# Compose file: docker-compose-obu-ota-server.yml
# Services: jpo_ota_backend, jpo_ota_nginx
# - jpo_ota_backend
#   - Over-the-air update microservice for OBUs
# - jpo_ota_nginx
#   - NGINX proxy for OBU OTA backend


#### ---- jpo_ota_backend

# Route-able hostname for the server
OBU_OTA_SERVER_HOST={DOCKER_HOST_IP}

# For users using GCP cloud storage
OBU_OTA_BLOB_STORAGE_BUCKET=
OBU_OTA_BLOB_STORAGE_PATH=

# Nginx basic auth username and password
OTA_USERNAME="admin"
OTA_PASSWORD="admin"

# Max number of successful firmware upgrades to keep in the database per device SN
MAX_COUNT=10

# Nginx encryption options: "plain", "ssl"
# Note that this just changes the config file attached as a volume to the Nginx container
NGINX_ENCRYPTION="plain"

#### ---- jpo_ota_nginx

# SSL file name in path /docker/nginx/ssl/
SERVER_CERT_FILE="ota_server.crt"
SERVER_KEY_FILE="ota_server.key"