# CryptoWallet API deploy env.
# Copy to .env on server and fill real values before docker compose up.

# REQUIRED. API will not start without Vault AppRole.
VAULT_ADDR=https://corp.vault.elcsa.ru
VAULT_ROLE_ID=
VAULT_SECRET_ID=
VAULT_MOUNT_POINT=dev-secrets
VAULT_SECRET_PATH=database
VAULT_JWT_KID_PATH=jwt/kid
VAULT_JWT_KIDS_PREFIX=jwt/kids
VAULT_CSRF_PATH=csrf
VAULT_CRYPTO_KEY_PATH=crypto/master

JWT_ALGORITHM=RS256
JWT_ISSUER=bitok
JWT_AUDIENCE=elcsa

API_PORT=3001
LOG_LEVEL=INFO

# Production: replace * with exact frontend origins.
CORS_ORIGINS=*
CORS_ALLOW_CREDENTIALS=false

REDIS_HOST=keydb
REDIS_PORT=6379
REDIS_PASSWORD=
REDIS_DB=0

COINGECKO_API_KEY=
RELAY_API_KEY=
TRON_API_KEY=
JUPITER_API_KEY=
JUPITER_REFERRAL_ACCOUNT=
JUPITER_FEE_BPS=70

# Optional outbound proxy for RPC / swap / bridge calls.
OUTBOUND_PROXY_URL=