46 lines
1.9 KiB
Plaintext
46 lines
1.9 KiB
Plaintext
# ── Vault (AppRole) ────────────────────────────────────────────────
|
|
VAULT_ADDR=
|
|
VAULT_ROLE_ID=
|
|
VAULT_SECRET_ID=
|
|
VAULT_MOUNT_POINT=dev-secrets
|
|
VAULT_SECRET_PATH=database
|
|
VAULT_JWT_KID_PATH=jwt/kid
|
|
VAULT_JWT_KIDS_PREFIX=jwt/kids
|
|
|
|
# CSRF загружается если указан путь (оставь пустым чтобы отключить CSRF)
|
|
VAULT_CSRF_PATH=
|
|
|
|
# ── JWT ────────────────────────────────────────────────────────────
|
|
# Allowed: RS256 / RS384 / RS512 / ES256 / ES384 / ES512 / EdDSA / PS256 / PS384 / PS512
|
|
JWT_ALGORITHM=RS256
|
|
JWT_ISSUER=auth-service
|
|
JWT_AUDIENCE=elcsa
|
|
|
|
# ── Server ─────────────────────────────────────────────────────────
|
|
API_PORT=3001
|
|
LOG_LEVEL=INFO
|
|
|
|
# ── CORS ────────────────────────────────────────────────────────────
|
|
# Comma-separated list of allowed origins. ПУСТО = no cross-origin.
|
|
# Никогда не используй wildcard *
|
|
CORS_ORIGINS=
|
|
CORS_ALLOW_CREDENTIALS=true
|
|
|
|
# ── External API keys (optional, fallback if Vault doesn't provide) ─
|
|
RELAY_API_KEY=
|
|
TRON_API_KEY=
|
|
JUPITER_API_KEY=
|
|
JUPITER_REFERRAL_ACCOUNT=
|
|
JUPITER_FEE_BPS=70
|
|
|
|
# ── Block explorers (optional, для tx history) ─────────────────────
|
|
ETHERSCAN_API_KEY=
|
|
BSCSCAN_API_KEY=
|
|
|
|
# ── DB fallback (если Vault недоступен при старте) ─────────────────
|
|
DB_HOST=
|
|
DB_PORT=5432
|
|
DB_USER=
|
|
DB_PASSWORD=
|
|
DB_NAME=
|