forked from LFGBanditLabs/Quipay
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy path.env.example
More file actions
187 lines (127 loc) · 7.43 KB
/
.env.example
File metadata and controls
187 lines (127 loc) · 7.43 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
# The environment to use `development`, `testing`, `staging`, `production`
STELLAR_SCAFFOLD_ENV=development
# Location of the config files for this project for the scaffold stellar CLI.
# Learn more at https://developers.stellar.org/docs/tools/cli/stellar-cli#stellar-config-dir
XDG_CONFIG_HOME=".config"
# Prefix with "PUBLIC_" to make available in frontend files
# Which Stellar network to use in the frontend: local, testnet, futurenet, or mainnet
# More on Stellar networks: https://developers.stellar.org/docs/networks
PUBLIC_STELLAR_NETWORK="LOCAL"
# The Stellar network passphrase, this is local
PUBLIC_STELLAR_NETWORK_PASSPHRASE="Standalone Network ; February 2017"
# The Stellar network RPC URL. this is local
PUBLIC_STELLAR_RPC_URL="http://localhost:8000/rpc"
# The Stellar Horizon URL. this is local
PUBLIC_STELLAR_HORIZON_URL="http://localhost:8000"
# Canonical site URL used for absolute canonical/OG URLs in metadata.
# This can be PUBLIC_SITE_URL too, but VITE_SITE_URL is kept for compatibility.
VITE_SITE_URL="https://quipay.app"
# Backend API base URL used by the frontend (e.g. analytics hooks)
VITE_API_BASE_URL="http://localhost:3001"
# PUBLIC_STELLAR_NETWORK="TESTNET"
# PUBLIC_STELLAR_NETWORK_PASSPHRASE="Test SDF Network ; September 2015"
# PUBLIC_STELLAR_RPC_URL="https://soroban-testnet.stellar.org"
# PUBLIC_STELLAR_HORIZON_URL="https://horizon-testnet.stellar.org"
# PUBLIC_STELLAR_NETWORK="MAINNET"
# PUBLIC_STELLAR_NETWORK_PASSPHRASE="Public Global Stellar Network ; September 2015"
# PUBLIC_STELLAR_RPC_URL=
# PUBLIC_STELLAR_HORIZON_URL=
# ─── Soroban Contract IDs ────────────────────────────────────────────────────
# WorkforceRegistry contract address (deployed on your chosen network)
VITE_WORKFORCE_REGISTRY_CONTRACT_ID=
# ─── Backend Configuration ───────────────────────────────────────────────────
# Backend server port
PORT=3001
# Database connection string (PostgreSQL)
DATABASE_URL=postgresql://user:password@localhost:5432/quipay
# Hot wallet account for transaction signing
HOT_WALLET_ACCOUNT=GAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
# ─── Treasury Monitoring ──────────────────────────────────────────────────────
# Minimum runway days before triggering alerts (default: 7)
TREASURY_RUNWAY_ALERT_DAYS=7
# How often to run the monitor cycle in milliseconds (default: 300000 = 5 minutes)
MONITOR_INTERVAL_MS=300000
# Optional bearer token for /monitor/status endpoint.
# If set, callers must send: Authorization: Bearer <MONITOR_STATUS_ADMIN_TOKEN>
MONITOR_STATUS_ADMIN_TOKEN=
# ─── Alert Configuration ──────────────────────────────────────────────────────
# Generic webhook URL for treasury alerts
ALERT_WEBHOOK_URL=https://your-webhook-url.com/alerts
# Enable email alerts (requires email service integration)
ALERT_EMAIL_ENABLED=false
# Enable Slack alerts
ALERT_SLACK_ENABLED=true
# Slack webhook URL for alerts
SLACK_WEBHOOK_URL=https://hooks.slack.com/services/YOUR/WEBHOOK/URL
# ─── Audit Logging Configuration ──────────────────────────────────────────────
# Minimum log level: INFO, WARN, or ERROR (default: INFO)
LOG_LEVEL=INFO
# Enable async writes to database (default: true)
LOG_ASYNC_WRITES=true
# Maximum number of log entries to buffer in memory (default: 1000)
LOG_QUEUE_SIZE=1000
# How often to flush logs to database in milliseconds (default: 1000)
LOG_FLUSH_INTERVAL=1000
# Enable log rotation (default: true)
LOG_ROTATION_ENABLED=true
# Maximum log size before rotation in bytes (default: 1073741824 = 1GB)
LOG_MAX_SIZE=1073741824
# Number of days to retain archived logs (default: 90)
LOG_RETENTION_DAYS=90
# Enable compression of archived logs (default: true)
LOG_COMPRESSION=true
# Enable redaction of sensitive data (default: true)
LOG_REDACTION_ENABLED=true
# Comma-separated list of additional field names to redact
LOG_REDACT_FIELDS=
# Maximum time for a log write operation in milliseconds (default: 5)
LOG_MAX_WRITE_TIME=5
# Buffer size for batch writes (default: 100)
LOG_BUFFER_SIZE=100
# ─── IPFS / Pinata Configuration ─────────────────────────────────────────────
# JWT from https://app.pinata.cloud/keys — required for payroll proof pinning
PINATA_JWT=your_pinata_jwt_here
# Public IPFS gateway used to build download URLs (default: Pinata gateway)
PINATA_GATEWAY_URL=https://gateway.pinata.cloud
# ─── Hashicorp Vault Configuration ──────────────────────────────────────────────
# Vault server address (default: http://localhost:8200)
VAULT_ADDR=http://localhost:8200
# Vault authentication token (use AppRole in production)
VAULT_TOKEN=your_vault_token_here
# Path where keys are stored in Vault
VAULT_SECRET_PATH=quipay/keys
# Vault secret engine mount point (default: secret)
VAULT_MOUNT_POINT=secret
# ─── Key Rotation Configuration ───────────────────────────────────────────────
# How often to check for keys needing rotation in ms (default: 86400000 = 24 hours)
KEY_ROTATION_CHECK_INTERVAL_MS=86400000
# Number of days before keys should be rotated (default: 30)
KEY_ROTATION_PERIOD_DAYS=30
# Grace period in days after rotation deadline before alerting (default: 7)
KEY_ROTATION_GRACE_PERIOD_DAYS=7
# Enable key rotation scheduler (default: false)
KEY_ROTATION_ENABLED=false
# ─── Token Configuration ─────────────────────────────────────────────────────
# USDC token issuer address for the target Stellar network
PUBLIC_USDC_ISSUER=
# ─── Smoke Test / Admin Configuration ─────────────────────────────────────────
# Stellar secret key for smoke test scripts (admin account)
ADMIN_SECRET=
# Contract IDs for smoke test scripts
VAULT_CONTRACT_ID=
STREAM_CONTRACT_ID=
GATEWAY_CONTRACT_ID=
# ─── Email (SendGrid) Configuration ──────────────────────────────────────────
# SendGrid API key for payroll report emails
SENDGRID_API_KEY=
SENDGRID_FROM_EMAIL=noreply@quipay.com
# ─── Chat Integration Tokens ─────────────────────────────────────────────────
# Discord bot token and public key
DISCORD_BOT_TOKEN=
DISCORD_PUBLIC_KEY=
# Slack bot token and signing secret
SLACK_BOT_TOKEN=
SLACK_SIGNING_SECRET=
# ─── Redis Configuration ─────────────────────────────────────────────────────
# Redis URL for distributed rate limiting (optional — falls back to in-memory)
REDIS_URL=redis://localhost:6379