From 25f020c245e798166d2d92fd7296adf9f82d10ec Mon Sep 17 00:00:00 2001 From: admin Date: Tue, 13 Jan 2026 13:45:45 +0000 Subject: [PATCH] Add sandbox/project.env --- sandbox/project.env | 866 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 866 insertions(+) create mode 100644 sandbox/project.env diff --git a/sandbox/project.env b/sandbox/project.env new file mode 100644 index 0000000..ff03959 --- /dev/null +++ b/sandbox/project.env @@ -0,0 +1,866 @@ +# disable mysql pre-check script +DISABLE_MYSQL_CHECK=1 + +# default nameless settings +NAMELESS_MODE=production +NAMELESS_CONFIG=/opt/project/configs/global.conf + +# perl proxy settings +PERL_LWP_SSL_VERIFY_HOSTNAME=0 +#PROXY RIGA +#HTTPS_PROXY=http://10.85.86.101:8888 +#PROXY AMS - 28342 +HTTPS_PROXY=http://10.95.84.106:8888 +NO_PROXY=ma-sbx.sandbox.walletto.eu,wlt-sbx-rtps-cb1-ams.wltsbxinner.walletto.eu,wlt-sbx-rtps-cb2-ams.wltsbxinner.walletto.eu,wlt-sbx-rtps-cb3-ams.wltsbxinner.walletto.eu,wlt-sbx-rtps-cb4-ams.wltsbxinner.walletto.eu,10.82.84.108,10.95.81.121,wlt-sbx-ssm-ams.wltsbxinner.walletto.eu,10.95.82.45,10.95.81.114,10.95.81.151,wlt-sbx-coinssm-ams.wltsbxinner.walletto.eu + +# backend session settings +ADMIN_SESSION_DOMAIN=site-api-admin.sandbox-bank.walletto.eu +ADMIN_SESSION_SECRET=kdj839kwjJwhd1KE + +INDIVIDUAL_CLIENT_SESSION_DOMAIN=site-api-i.sandbox-bank.walletto.eu +INDIVIDUAL_CLIENT_SESSION_SECRET=kzh3L7VuZLJ4X5Td + +# api settings +ADMIN_API_URL=https://site-api-admin.sandbox-bank.walletto.eu +ADMIN_API_PREFIX=/ +I_CLIENT_API_URL=https://site-api-i.sandbox-bank.walletto.eu +I_CLIENT_API_PREFIX=/ +I_CLIENT_API_SHOW_RESPONSE_OBJECT_MODE=true +I_CLIENT_API_TOTP_PROTECTION_ENABLED=true + + +#individual client settings +INDIVIDUAL_CLIENT_ALLOWED_USER_CLIENT_TYPES=person,company +INDIVIDUAL_CLIENT_CLIENT_TYPE_VERIFICATION_ENABLED=0 + +INDIVIDUAL_CLIENT_CERTIFICATE_CHECK=0 + +INDIVIDUAL_CLIENT_CLIENT_TOTP_ENABLED=1 +INDIVIDUAL_CLIENT_TOTP_TEST_MODE=0 +INDIVIDUAL_CLIENT_TOTP_LABEL=i-Bank +INDIVIDUAL_CLIENT_ENFORCE_TOTP_ACTIVATION=1 + +INDIVIDUAL_CLIENT_TOTP_SAME_PASSWORD_CHECK_ENABLED=1 +INDIVIDUAL_CLIENT_TOTP_SAME_PASSWORD_COOLDOWN_PERIOD=30s +INDIVIDUAL_CLIENT_TOTP_CHECK_DELAY_MS=1s +INDIVIDUAL_CLIENT_USER_REQUEST_SIGNATURE_LIFETIME=15m + +INDIVIDUAL_CLIENT_DEFAULT_CARD_DELIVERY_METHOD_CLIENT_DESCRIPTION=unknown + +# app settings +ENCRYPTOR_NAME=rest_gpg +ENCRYPTOR_KEY=gpg20241224-test@walletto.eu +ENCRYPTOR_PARTNER_NAME=rest_gpg + +ENCRYPTOR_REST_GPG_BASE_URL=https://wlt-sbx-coinssm-ams.wltsbxinner.walletto.eu:5543/ +ENCRYPTOR_REST_GPG_USERNAME= +ENCRYPTOR_REST_GPG_PASSWORD= +ENCRYPTOR_REST_GPG_CA_CERT=/run/secrets/rest_gpg_ca.crt + +ENCRYPTOR_CBC_IV=/run/secrets/card_iv.txt +ENCRYPTOR_CBC_QWE=/run/secrets/card_qwe.txt +ENCRYPTOR_CBC_ASD=/run/secrets/card_asd.txt + +APP_ENROLL_HINT_TEXT='EComm transaction' + +SESSION_SECURE=1 +APP_COOKIE_SECURE=1 + +# admin docs settings +APP_DOCUMENT_MAX_BACK_DAYS=30 +SUMMARY_MODE=selftest + +NGINX_APITEST_ENABLED=1 +MAIN_PARTNER_ID=401325658112331011 +ALLOW_CARD_ACCOUNT_TRANSFERS=1 + +# === CSRF settings === + +ADMIN_CSRF_ENABLED=1 +ADMIN_API_CSRF_PROTECTION_ENABLED=true +ADMIN_CSRF_TOKEN_LIFETIME=5m + +INDIVIDUAL_CLIENT_CSRF_ENABLED=1 +I_CLIENT_API_CSRF_PROTECTION_ENABLED=true +INDIVIDUAL_CLIENT_CSRF_TOKEN_LIFETIME=5m + +INDIVIDUAL_CLIENT_CSRF_ALWAYS_REGENERATE_TOKEN=0 + +# === EOF CSRF === + +#TOTP settings +# Set or reset TOTP (Google Authenticator) for very first time +TOTP_RESET_OTP_LIFETIME=72h +# Max attempts TOTP activation (Google Authenticator) for very first time +TOTP_RESET_OTP_ATTEMPTS=5 +TOTP_BRUTEFORCE_COOLDOWN=30m + +CLIENT_MAX_CARD_APPLICATION_COUNT=5 +CLIENT_MAX_CARD_COUNT=5 + +ADMIN_API_SHOW_RESPONSE_OBJECT_MODE=true + +STRICT_PARTNER_CARD_ACTIVATION=0 +STRICT_CLIENT_CARD_ACTIVATION=0 + +#ADMIN_CERTIFICATE_CHECK=1 + +APP_COOKIE_SAME_SITE_MODE=strict + +CARD_APPLICATION_DESIGN_FIELD=Reserved1 +CARD_APPLICATION_DELIVERY_METHOD_FIELD=Reserved3 +CARD_APPLICATION_COUNTRY_FIELD=Reserved4 +CARD_APPLICATION_PHONE_FIELD=Reserved2 +DEFAULT_CARD_DELIVERY_METHOD_ID=DEUTSCHE_POST_PACKET + +SCHEDULER_EXEC_MODE=1 + + +PARTNER_CARD_ENROLL_MODE=required_static_password +CLIENT_CARD_ENROLL_MODE=required_static_password + + +# list off accounts to skip from MB reconcillation (ReconciliateCoreBankingBalances) +SKIP_CORE_BANK_ACCOUNT_RECONCILIATION="" + + +# PASSWORD SETTINGS FOR ALL ENTRY POINTS FQDN. +# Admin web portal https://admin.sandbox-bank.walletto.eu/ +ADMIN_USER_TEMPORARY_PASSWORD_LIFETIME=72h +ADMIN_USER_PASSWORD_LIFETIME=90d +ADMIN_USER_PASSWORD_EXPIRATION_NOTIFY=14d +ADMIN_USER_FORBID_LAST_PASSWORDS=5 +ADMIN_USER_MAX_LOGIN_ATTEMPT=5 +ADMIN_USER_FAILED_ATTEMPTS_LOOKUP_PERIOD=30m +ADMIN_USER_TEMPORARY_BLOCK_PERIOD=30m +ADMIN_USER_PASSWORD_HISTORY_SIZE=5 + +# Client API https://api-client.sandbox-bank.walletto.eu/ +APICLIENT_USER_MAX_LOGIN_ATTEMPT=10000 +APICLIENT_USER_FAILED_ATTEMPTS_LOOKUP_PERIOD=1m +APICLIENT_USER_TEMPORARY_BLOCK_PERIOD=1m + +# Partner API https://api-partner.sandbox-bank.walletto.eu +PARTNER_USER_MAX_LOGIN_ATTEMPT=10000 +PARTNER_USER_FAILED_ATTEMPTS_LOOKUP_PERIOD=1m +PARTNER_USER_TEMPORARY_BLOCK_PERIOD=1m + +# SANDBOX ONLY. Test API https://api-test.sandbox-bank.walletto.eu +APITEST_USER_MAX_LOGIN_ATTEMPT=10000 +APITEST_USER_FAILED_ATTEMPTS_LOOKUP_PERIOD=1m +APITEST_USER_TEMPORARY_BLOCK_PERIOD=1m + +# Client (natural person) web portal https://i.sandbox-bank.walletto.eu +INDIVIDUAL_CLIENT_USER_TEMPORARY_PASSWORD_LIFETIME=72h +INDIVIDUAL_CLIENT_USER_PASSWORD_LIFETIME=340d +INDIVIDUAL_CLIENT_USER_PASSWORD_EXTENDED_LIFETIME=365d +INDIVIDUAL_CLIENT_USER_PASSWORD_EXPIRATION_NOTIFY=14d +INDIVIDUAL_CLIENT_USER_FORBID_LAST_PASSWORDS=5 +INDIVIDUAL_CLIENT_USER_MAX_LOGIN_ATTEMPT=5 +INDIVIDUAL_CLIENT_USER_FAILED_ATTEMPTS_LOOKUP_PERIOD=30m +INDIVIDUAL_CLIENT_USER_TEMPORARY_BLOCK_PERIOD=30m +INDIVIDUAL_CLIENT_USER_PASSWORD_HISTORY_SIZE=5 +# END OF - PASSWORD SETTINGS FOR ENTRY POINTS FQDN. + + +# OTP SMS settings for "individual_client webapi" +INDIVIDUAL_CLIENT_OTP_ENABLED=1 +INDIVIDUAL_CLIENT_OTP_TEST_MODE=0 +INDIVIDUAL_CLIENT_OTP_LIFETIME=5m +INDIVIDUAL_CLIENT_OTP_MAX_CHECK_ATTEMPTS=5 +# Depreciated in release 2012-12-05 +#INDIVIDUAL_CLIENT_OTP_MAX_GENERATE_ATTEMPTS=3 +INDIVIDUAL_CLIENT_OTP_USER_TEMPORARY_BLOCK_PERIOD=24h +INDIVIDUAL_CLIENT_OTP_CHECK_ATTEMPTS_RESET_PERIOD=900d +INDIVIDUAL_CLIENT_OTP_MIN_GENERATION_PERIOD=90s +#===== End of OTP SMS ===== + + +#===== Admin Site-API ===== +# About USER_PHONE_TRANSITIONAL_MODE +# when 1 then phone number is mandatory in user entity on create and edit +# when 0 then natural person card must be linked to user entity. +USER_PHONE_TRANSITIONAL_MODE=1 +# About ADMIN_API_USER_PHONE_TRANSITIONAL_MODE - for Admin Web UI only +# use with USER_PHONE_TRANSITIONAL_MODE option (either both equal to 1 or to 0). +# when 1 then Phone Number field in user entity has got mandatory mark (on create and edit) +# when 0 then natural person card field is mandatory. +ADMIN_API_USER_PHONE_TRANSITIONAL_MODE=1 +#===== End of Admin Site-API ===== + + +# === Client UI === + +# == CSV file size allowed to upload +# Note: MANDATORY to deploy due of the bag! +# = Company-Client UI = +# = Individual-Client UI = +NGINX_INDIVIDUAL_CLIENT_MAX_BODY_SIZE=150k + +# == Draft payment dialogue, links to PDF files. +# = Companies I-net bank. +CLIENT_API_DRAFT_TEMPLATE_URL=https://walletto.eu/documents/import_example.csv +CLIENT_API_DRAFT_REFERENCE_URL=https://walletto.eu/documents/import_file_instruction_en.pdf +# = Individuals I-net bank. +I_CLIENT_API_DRAFT_TEMPLATE_URL=https://walletto.eu/documents/import_example.csv +I_CLIENT_API_DRAFT_REFERENCE_URL=https://walletto.eu/documents/import_file_instruction_en.pdf + +# == Allowed amount of the records of CSV file to upload +# = Company-Client UI = +# = Individual-Client UI = +INDIVIDUAL_CLIENT_MAX_IMPORT_ROWS_LIMIT=500 + +# == Amount of records in the payments lists in UI and for Show More button. +# = Individual-Client UI = +# 20230307 changed from 50 to 200 - 19389 +I_CLIENT_API_OPERATION_LIST_LIMIT=200 +# = Company-Client UI = + +# == Max amount of records to proceed in lists confirmation in UI. +# = Individual-Client UI = +# 20230307 changed from 50 to 200 - 19389 +INDIVIDUAL_CLIENT_MAX_PROCESS_DRAFT_COUNT=200 +# = Company-Client UI = + +# === End of Client UI === + + +# === Multisubjects for clients === + +CLIENT_SUBJECT_TRANSITIONAL_MODE=1 + +# === End of Multisubjects for clients === + + +# === Account statement limits === +# == Admin UI== +# Max allowed time range for statement +ADMIN_ACCOUNT_STATEMENT_MAX_PERIOD=730d +# Max rec q-ty for export Admin UI +ADMIN_ACCOUNT_STATEMENT_MAX_RECORD_COUNT=7500 + +# == Client API == +# Max allowed time range for statement +APICLIENT_ACCOUNT_STATEMENT_MAX_PERIOD=90d +# Max rec q-ty for export +APICLIENT_ACCOUNT_STATEMENT_MAX_RECORD_COUNT=7500 + +# == Company-Client UI == +# Max allowed time range for statement +# Max rec q-ty for export + +# == Individual-Client UI == +# Max allowed time range for statement +INDIVIDUAL_CLIENT_ACCOUNT_STATEMENT_MAX_PERIOD=90d +# Max rec q-ty for export +INDIVIDUAL_CLIENT_ACCOUNT_STATEMENT_MAX_RECORD_COUNT=7500 +# === End of Account statement limits === + + +##==== Starman workers amount +APICLIENT_WORKERS_COUNT=12 +PARTNER_WORKERS_COUNT=12 +INDIVIDUAL_WEBCLIENT_WORKERS_COUNT=12 +ADMIN_WORKERS_COUNT=12 +RTPS_WORKERS_COUNT=12 +APITEST_WORKERS_COUNT=12 +BONUS_CLIENT_WORKERS_COUNT=12 +##==== End of Starman workers amount + +# === AML settings === +# == Send internal payments of WLT clients for checking to MB == +EXTERNAL_AML_ENABLED=1 +# == Partner API - restrict edit client's data (allow=0, disallow=1) +PARTNER_RESTRICT_CLIENT_INFO_UPDATING=1 +# === End of AML settings === + +# === NGINX timeouts ==== +# Note: NGINX_BACKEND - admin UI +# Note: NGINX_BACKEND set to 120s, other stay as was previously until 2021-04-06-c7d02ab2 +NGINX_BACKEND_MAX_TIMEOUT=60s +NGINX_PARTNER_MAX_TIMEOUT=60s +# 20230307 changed from 60s to 5m - 19389 +NGINX_CLIENT_MAX_TIMEOUT=5m +NGINX_INDIVIDUAL_WEBCLIENT_MAX_TIMEOUT=5m +NGINX_APITEST_MAX_TIMEOUT=60s +NGINX_RTPS_MAX_TIMEOUT=60s +# === End of NGINX timeouts ==== + +# === Authorization advices === +# == Close authorization after (works with scheduler) +# Default value is 30d if omitted +PENDING_AUTHORIZATIONS_STORAGE_PERIOD=720h + + +## === Logging settings === +# Default is 0 or when omitted (no limits) +APP_MAX_LOG_MESSAGE_LENGTH=0 +## === End of Logging settings === + +# === MB API === +# == Response timeout for requests to MB API in seconds (default is 10s if ommited)== +MACROBANK_EXTERNAL_AML_RESPONSE_TIMEOUT=10 +# === End of MB API === + +# === Blocking hierarchy of client/account/card entity === +# == Global ON/OFF blocking hierarchy switch: 0=OFF (default), 1=ON == +APP_ALLOW_HIERARCHICAL_LOCKS=1 +# == ON/OFF switch in Admin UI. 0=OFF (default), 1=ON == +ADMIN_API_ALLOW_HIERARCHICAL_LOCKS=1 +# === End of: Blocking hierarchy of client/account/card entity === + + +# === Gift cards === +# == Virtual cards == +# = Max amount of one-time top-up (default is 15000 in EUR cents) = +VIRTUAL_INSTANT_CARD_TOP_UP_MAX_AMOUNT=15000 +# === End of: Gift cards === + + +# === Export tables as CSV in Admin UI === +# == Transaction list == +APP_TRANSACTION_EXPORT_MAX_RECORDS=30 +# == Account list == +APP_ACCOUNT_EXPORT_MAX_RECORDS=30 +# == Auth list == +APP_AUTHORIZATION_EXPORT_MAX_RECORDS=30 +# == Document list == +APP_DOCUMENT_EXPORT_MAX_RECORDS=30 +# == Client entries export limit in Admin UI - +APP_CLIENT_EXPORT_MAX_RECORDS=4000 +# === End of: Export tables as CSV in Admin UI === + + +# === AML limits === +# == Require personal code for these tax countries in API == +APP_TAX_COUNTRIES_WITH_REQUIRED_PERSON_CODE=LTU +# == Require personal code for these tax countries in Admin UI == +ADMIN_API_TAX_COUNTRIES_WITH_PERSON_CODE_CHECKING=LTU +# === End of: AML limits === + + +# === PIN code management for virtual card === +# == Switch ON/OFF PIN management (0=OFF, 1=ON) +APP_VIRTUAL_CARD_PIN_MANAGEMENT_ALLOWED=1 +# == Add this in Admin UI == +ADMIN_API_VIRTUAL_CARD_PIN_MANAGEMENT_ALLOWED=1 +# == Add this in Client UI == +# == Add this in Individual Client UI == +I_CLIENT_API_VIRTUAL_CARD_PIN_MANAGEMENT_ALLOWED=1 +# === End of: PIN code management for virtual card === + + +# === Security === +# == Advanced password policy (1 = ON, 0=OFF (default)) for all entry points +ADVANCED_PASSWORD_POLICY_ON_LOGIN_ENABLED=1 +# Reject unknown and not used fields in API requests +APP_EXCESS_FIELDS_CHECK_REQUIRED=1 +# === End of Security === + + +# === GooglePay === +# == Allow push-provisioning for partners (1 = ON, 0=OFF (default)) +PARTNER_GOOGLE_PAY_PUSH_PROVISIONING_ENABLED=0 +# == Allow push-provisioning for companies in Client UI (1 = ON, 0=OFF (default)) +# == Allow push-provisioning for individuals in Client UI (1 = ON, 0=OFF (default)) +INDIVIDUAL_CLIENT_GOOGLE_PAY_PUSH_PROVISIONING_ENABLED=0 +# === End of GooglePay === + + +# === Admin UI === +# == Max period of stats data scope in Admin UI +APP_REPORTS_MAX_PERIOD=365d +# === End of Admin UI === + + +# === ADMIN UI === + +# Makes end-user IP address fiels obligate (all requests) +# changed to 1 - 20221026 - Release 31 - 3270-2-1 +# changed back to 0 - 20221031 – due to 422 rejects +# release 2022-11-28-e1f2ce903 necessity only on POST requests +# changed to 1 - 20221201 - Release 33 - 3270-2 +PARTNER_END_USER_IP_ADDRESS_REQUIRED=1 + + +# WEBHOOK + +# [Webhook] api proxy read timeout +NGINX_WEBHOOK_MAX_TIMEOUT=120s +# [Webhook] Starman workers count for Webhook notifications +WEBHOOK_WORKERS_COUNT=5 +# [Webhook] Common name and certificate check for webhook service +WEBHOOK_CERTIFICATE_CHECK=1 +# [Webhook] Default account close reason, when ACC closed by webhook. +WEBHOOK_DEFAULT_ACCOUNT_CLOSE_REASON=Closed by external service + +# EOF WEBHOOK + +# 4 eye principale (document double cheking by bo_admin_senior) +ADMIN_ENABLE_FOUR_EYE_PRINCIPLE_USAGE=0 + + +# NGINX monitoring settings +STUB_PORT=5444 + + +# Countries where recipient_address field is required for SEPA payment +ADMIN_API_COUNTRIES_WITH_REQUIRED_SEPA_RECIPIENT_ADDRESS=CHE +PARTNER_API_COUNTRIES_WITH_REQUIRED_SEPA_RECIPIENT_ADDRESS=CHE +CLIENT_API_COUNTRIES_WITH_REQUIRED_SEPA_RECIPIENT_ADDRESS=CHE + + +# ID generator version. (Ver 1 is current, ver 2 uses smaller increment) +ID_GENERATOR_VERSION=1 + + +# Allow checking the client's country by delivery whitelist and default partner delivery method when creating card application. +APP_REJECT_CARD_APPLICATION_WITH_NON_DELIVERY_WHITELIST_COUNTRY=1 + +# Allow new clients to be checked through external application (MB) +APP_EXTERNAL_CLIENT_CHECK_ENABLED=1 + +# Enables comission calculation and accounting upon external payments +APP_ENABLE_WITHDRAW_COMISSION_CHECK=1 + +# AML fields necessity parametrs +PARTNER_API_ENABLE_ADDITIONAL_AML_INFO_REQUIREMENT=0 +ADMIN_API_ENABLE_ADDITIONAL_AML_INFO_REQUIREMENT=0 + + +#enable SSL to db +#APP_MYSQL_SSL_ENABLE=1 +APP_MYSQL_SSL_ENABLE=0 +#APP_MYSQL_SSL_CA_FILE=/run/secrets/db-ca.pem + + +# enabling the updated payment form in the web interface of clients +I_CLIENT_API_FORBID_CONFIRM_ON_INSUFFICIENT_FUNDS=1 + + +# the ability for users of the client web interface to reenroll into '3D-Secure` with a single request using the new 'ACS3` +APP_DISABLE_ADDITIONAL_UNENROLL=1 + + +# PDF rendering internal service credentials +REPORT_GENERATOR_BASE_URL=http://pdf-renderer:5000 +REPORT_GENERATOR_USERNAME=renderer +REPORT_GENERATOR_PASSWORD=renderer + + +# Send operation internal commission calc +APP_ENABLE_INTERNAL_COMISSION_CHECK=1 + + +# CMS GPS test settings +APP_ALLOWED_BINS=460985,460986,999999,516300,440525,426528,456755,539966,539967 +DEFAULT_CMS_DRIVER_NAME=worldline + + +# maximal count of requests per client (default=3) +APP_MAX_CLIENT_UPDATE_REQUEST=3 + + +# === PLAIS === +APP_PLAIS_CHECK_PAYER_NAME=1 +# Sender organization identifiers +APP_PLAIS_OUR_SYSTEM_IDENTIFIER=UAWALT21XXX +APP_PLAIS_REMOTE_SYSTEM_IDENTIFIER=SNCTLT21XXX + +# Comission amount in cents for PLAIS payment +APP_PLAIS_WRITEOFF_FEE_AMOUNT=100 +# Description for PLAIS payment doc_type=plais_writeoff_sepa +APP_PLAIS_WRITEOFF_CODESTRING="Fee for PLAIS payment" +# === EOF PLAIS === + +# Quantity and interval of repeated account access. +APP_ACCOUNT_ACCESS_RETRY_COUNT=6 +APP_ACCOUNT_ACCESS_RETRY_INTERVAL=3s + + +# GPS card obligate PIN requirement (default is off=0) +INDIVIDUAL_CLIENT_API_CARD_APPLICATION_CREATION_PIN_REQUIREMENT=1 +PARTNER_API_CARD_APPLICATION_CREATION_PIN_REQUIREMENT=1 + + +# CSV list of card export maximum rows (default is 2000) +APP_CARD_EXPORT_MAX_RECORDS=2000 + +# Indvidual AML field necessity +# List of partners: walletto,OWNR,Cardbit,Mezoman,Capitalist,btc2wire,Poklet,GTM,Buyer,UnifiedFinance,PayUnionLT,European Securepay Center,PRO INVEST GROUP,Multiodot, +PARTNERS_WITH_ENABLED_ADDITIONAL_AML_INFO_REQUIREMENT=401325658112331011,403605021955115163,404067170051409799,404514610178740608,404891196419010608,408252775432791212,409024068105488332,409533795594140345,409861352458151534,410930764810750361,415260845331969866,415374653972638869,415657107989059593,419618502144810746,419618502144810746 + +# Toggeles Turnovers section in AdminUI client view (0=off) +ADMIN_API_SHOW_CLIENT_TURNOVERS=1 + +# added 20220803 - Release 25 - determining the user's geolocation +INDIVIDUAL_CLIENT_USER_HISTORY_COUNTRY_RESOLVE_ENABLED=1 + +# added 20220803 - Release 25 - the number of simultaneously uploaded records to the exported csv file of the list of user action histories. +APP_ACTION_HISTORY_EXPORT_MAX_RECORDS=2000 + +# added 20220816 - Release 26 - processing notifications about OCT by Worldline cards +# changed to 1 20230126 - Release 1 - 1429-6 +ALLOW_OCT_AUTH_PROCESSING=1 + +# === ADMIN CONTROL API === +# added 20220817 - Release 26 - new entry point Admin Control API - Heimdall-Coin + +ADMIN_CONTROL_DOMAIN=api.admin-control + +# api starman workers +ADMIN_CONTROL_WORKERS_COUNT=1 + +#api proxy read timeout +#by default time is in seconds, can be used in any of nginx formats (30s, 10m, 12h) +NGINX_ADMIN_CONTROL_MAX_TIMEOUT=30m + +# authentication by API admin certificate +ADMIN_CONTROL_CERTIFICATE_CHECK=0 + +# Security settings +ADMIN_CONTROL_USER_PASSWORD_LIFETIME=90d +ADMIN_CONTROL_USER_MAX_LOGIN_ATTEMPT=3 +ADMIN_CONTROL_USER_FAILED_ATTEMPTS_LOOKUP_PERIOD=10m +ADMIN_CONTROL_USER_TEMPORARY_BLOCK_PERIOD=30m +ADMIN_CONTROL_USER_PASSWORD_HISTORY_SIZE=5 + +# Account/statement limits +ADMIN_CONTROL_ACCOUNT_STATEMENT_MAX_PERIOD=730d +ADMIN_CONTROL_ACCOUNT_STATEMENT_MAX_RECORD_COUNT=0 + +# Countries where recipient_address field is required for SEPA payment +ADMIN_CONTROL_API_COUNTRIES_WITH_REQUIRED_SEPA_RECIPIENT_ADDRESS=CHE + +# Enabling mandatory additional fields when creating a person by an administrator and a partner +ADMIN_CONTROL_API_ENABLE_ADDITIONAL_AML_INFO_REQUIREMENT=0 + +# === EOF ADMIN CONTROL API === + +# added 20220919 - Release 28 - obligatory of CVV when activating GPS plastic cards by clients +I_CLIENT_API_CARD_ACTIVATION_CVV_REQUIREMENT=1 + +# added 20220919 - Release 28 - the maximum number of attempts to check CVV when activating GPS plastic cards by clients +I_CLIENT_API_CVV_MAX_CHECK_ATTEMPTS=3 + +# added 20220919 - Release 28 - use of data from the extended table of countries when performing various procedures related to checking countries +APP_USE_ADVANCED_COUNTRIES_CHECK_LIST=1 + +# added 20220920 - Release 28 - user geolocation definition by IP +APP_GEOIP_2_MMDB_FILE_PATH=/opt/project/core/app/geoip_data/GeoLite2-Country.mmdb + +# added 20221010 - Release 29 -GPS available card product ids +# added 20240229 products 13646, 16377, 16379, 14353 - task 26870 +#AVAILABLE_CARD_PRODUCT_IDS=13638,13643,14341,14060,14059,14351,14424,14026,14027,14066,14067,14407,14434,14377,13646,16377,16379,14353 +# removed 20240307 products 14434,14377,14424 +AVAILABLE_CARD_PRODUCT_IDS=13638,13643,14341,14060,14059,14351,14026,14027,14066,14067,14407,13646,16377,16379,14353 + +# added 20221012 - Release 30 - definition of partner API clients geolocation +PARTNER_USER_HISTORY_COUNTRY_RESOLVE_ENABLED=1 + +# added 20221012 - Release 30 - Partner entrypoint OTP settings +PARTNER_OTP_LIFETIME=5m +PARTNER_OTP_MAX_CHECK_ATTEMPTS=10 +PARTNER_OTP_USER_TEMPORARY_BLOCK_PERIOD=10m +PARTNER_OTP_CHECK_ATTEMPTS_RESET_PERIOD=30m +PARTNER_OTP_MIN_GENERATION_PERIOD=5m +PARTNER_OTP_ENABLED=1 +PARTNER_OTP_TEST_MODE=0 +PARTNER_CLIENT_REQUEST_SIGNATURE_LIFETIME=5m + +# added 20221026 - Release 31 - 327-9 +APP_PLAIS_CARD_ACCOUNT_PROCESSING_ENABLED=1 + +# added 20221026 - Release 31 - 593-1 +PARTNER_API_СVN_MAX_CHECK_ATTEMPTS=3 + + +# added 20221207 - Release 34 - 732 +APP_USER_EXPORT_MAX_RECORDS=2000 +APP_PARTNER_EXPORT_MAX_RECORDS=2000 +APP_PERSON_EXPORT_MAX_RECORDS=2000 +APP_COMPANY_EXPORT_MAX_RECORDS=2000 +APP_EXTRA_ATTENTION_PERSON_EXPORT_MAX_RECORDS=2000 +APP_CLIENT_PERSON_UPDATE_REQUEST_EXPORT_MAX_RECORDS=2000 + +# added 20221212 - Release 34.5.2 - 722 +I_CLIENT_API_USE_SESSION_TOKEN=1 + +# added 20230111 - Release 35 - url to parcel service - 757 +I_CLIENT_API_TRACKING_SERVICE_URL=https://parcelsapp.com/en + +# added 20230411 - Release 6 - 855 +APP_ALLOW_GPS_MONEYSEND_PAYMENT_AUTH_PROCESSING=1 + +# added 20230516 - Release 8 – 803 +ADMIN_API_SHOW_SYNC_TO_SECONDARY_BUTTON=1 + +# added 20230605 - Release 9 - 6734-11 +APP_ENABLE_RESOLVE_OPERATION_REGION_BY_SCHEMA=1 + +#added 20230626 - Release 11 - 19895 +APP_ENABLE_UAE_SWIFT_PURPOSE_CODE_REQUIREMENT=1 +APP_SWIFT_PURPOSE_CODE_PREFIX=#PC + +# Bonus Client domain settings +BONUS_CLIENT_DOMAIN=webapi-bonus-client + +# Bonus Client API settings +BONUS_CLIENT_SESSION_SECRET=8skj6342fj2hf234 +BONUS_CLIENT_SESSION_DOMAIN=webapi-bonus-client.coin.local.work +BONUS_CLIENT_CSRF_ENABLED=1 +BONUS_CLIENT_CSRF_TOKEN_LIFETIME=5m +BONUS_CLIENT_CSRF_ALWAYS_REGENERATE_TOKEN=0 +BONUS_CLIENT_ACCOUNT_STATEMENT_MAX_PERIOD=90d +BONUS_CLIENT_ACCOUNT_STATEMENT_MAX_RECORD_COUNT=1000 +NGINX_BONUS_CLIENT_MAX_BODY_SIZE=150k +NGINX_BONUS_CLIENT_MAX_TIMEOUT=5m +BONUS_CLIENT_GOOGLE_PAY_PUSH_PROVISIONING_ENABLED=1 +BONUS_CLIENT_USER_HISTORY_COUNTRY_RESOLVE_ENABLED=1 +BONUS_CLIENT_USE_SESSION_TOKEN=1 + +#added 20230727 - Release 12 - 882 - максимальное количество виртуальных бонусных карт на одного клиента +CLIENT_MAX_BONUS_CARD_COUNT=3 + +#added 20230727 - Release 12 - 933 - разрешение на перевыпуск карт +I_CLIENT_API_GPS_CARD_REPLACE_ALLOWED=1 +I_CLIENT_API_GPS_CARD_REPLACE_ALLOWED_FOR=1 + +#added 20230821 - Release 14 +APP_DISABLE_FINANCIAL_REQUEST_ON_CLOSED_GPS_CARD=1 +ADMIN_CHECKS_DURING_CLIENT_REGISTRATION=ExternalCheck,ExternalKycCheck,ExtraAttentionPerson,WhitelistedCountries,PersonField,CountryRestrictions +ADMIN_API_DISABLE_ACCIDENTAL_CLIENT_CLOSING_PROTECTION=1 +WEBHOOK_ALLOW_CLIENT_SEARCH_BY_EXTRA_REMOTE_ID=1 +ADMIN_API_DISABLE_LIST_RECORD_COUNT_ON_FIRST_LOAD_FOR=clients,accounts + +#added 20230908 - Release 15 - 878-2 - пользователям IB разрешено закрытие карты +I_CLIENT_API_CARD_CLOSE_ALLOWED=1 +###список клиентских id, если параметр выше =1, параметр перестает применяться +###I_CLIENT_API_CARD_CLOSE_ALLOWED_FOR= + +#added 20230908 - Release 15 - 937 - проверка стран происходит через список стран +APP_USE_ADVANCED_COUNTRIES_CHECK_LIST=1 + +#added 20230922 - Release 16 - 812 - Возможность администратору переоткрыть счет синхронно с Heimdall +ADMIN_API_SHOW_REOPEN_ACCOUNT_BUTTON=1 + +#added 20230928 - Release 16.7 - 999 - отображение иконок статусов карт на главной странице веб интерфейса клиента +I_CLIENT_API_SHOW_CARD_STATUS_ICONS=1 + +ALLOW_CHECKING_CARD_TO_CARD_TRANSFER=1 + +#added 20231101 - Release 19 - 983-1-1 - список доступных карточных продуктов для клиентов-юрлиц +AVAILABLE_CLIENT_COMPANY_CARD_PRODUCT_IDS=15424,15453,15868,15869 + +#added 20231101 - Release 19 - 1013 - дополнительная защита от создания дубликатов онлайн-сообщений от GPS +RTPS_ENABLE_ADDITIONAL_DUPLICATE_CHECK=1 + +#added 20231101 - Release 19 - 982 - возможность выпускать вспомогательные карты GPS до активации главной пластиковой карты +APP_CREATE_CARD_AT_GPS_CARD_APPLICATION_CREATION=1 + +#added 20231122 - Release 20.5 - session time +INDIVIDUAL_CLIENT_SESSION_EXPIRES=+15m +ADMIN_SESSION_EXPIRES=+240m + +#added 20231122 - Release 20.5 - webhooks statuses +APP_PAYMENT_DOCUMENT_PROCESSING_CUSTOM_STATUSES={"withdraw_sepa":{"PSI_RETURNED":"pending","PSI_SENT":"pending","SR_CONFIRM_POSTED:"pending",”PSI_COMPLETED”:”approved”,”RECONCILIATION_WAITING”:”approved”,”PSI_REJECTED”:”declined”},"withdraw_swift":{"PSI_SENT":"pending"},"send":{"PSI_SENT":"pending"}} + +#added 20231122 - Release 20.5 - internal payments with HMD +# transfer,card2card online +###APP_ONLINE_PAYMENT_DOCUMENT_TYPES_LIST=transfer,card2card +# transfer,card2card to files +APP_ONLINE_PAYMENT_DOCUMENT_TYPES_LIST= + +#added 20231123 - Release 21.2 - 1073 - Изменить используемую функцию хеширования паролей +APP_USER_PASSWORD_HASH_TYPE=SHA256 + +#added 20231207 - Release 21.3 - 1017 - Для внешниx платежей +#максимальное количество записей внешних платежей в импортируемом файле +ADMIN_MAX_EXTERNAL_DOCUMENT_IMPORT_ROWS_LIMIT=100 +#максимальное количество записей внешних платежей для обработки +ADMIN_MAX_EXTERNAL_DOCUMENT_PROCESSING_ROWS_LIMIT=100 +#максимальный размер импортируемого файла с внешними платежами +NGINX_ADMIN_MAX_BODY_SIZE=150k + +#added 20231207 - Release 21.3 - 1097 - список удаляемых типов документов +APP_DELETABLE_DOCUMENT_TYPES=withdraw_sepa,withdraw_swift + +#added 20231211 - Release 22.1 - 1058 - включение возможности создания платежных документов reversal_sepa +APP_WITHDRAW_SEPA_REVERSAL_AUTO_APPROVE=1 + +#настройка параметров для веб-интерфейса +ADMIN_API_LAYOUT_INDEX=9HLLMx9b86NBfHv +I_CLIENT_API_LAYOUT_INDEX=9HLLMx9b86NBfHv + +#added 20240105 - Release 22.2 - w24334 - список идентификаторов клиентов, которые не должны попасть в отчет о денежном обороте +SKIP_CLIENT_FOR_TURNOVER_REPORT= + +#added 20240126 - Release 24.1 - список доступных языков локализации для веб интерфейса администратора и клиента +ADMIN_API_AVAILABLE_LANGUAGES=en,ru +# русский язык убран в интернетбанке по задаче 28001 +#I_CLIENT_API_AVAILABLE_LANGUAGES=en,ru +I_CLIENT_API_AVAILABLE_LANGUAGES=en + +#added 20240126 - Release 24.1 - 25441 - список доступных типов комиссий за исходящие SWIFT платежи +APP_SWIFT_COMMISSION_TYPES=SHA + +#added 20240126 - Release 24.1 - 1101 - диапазон дат и количество операций, выгружаемых в выписке по счетам +CUSTOM_REPORT_ACCOUNT_STATEMENT_MAX_PERIOD=1095d +CUSTOM_REPORT_ACCOUNT_STATEMENT_MAX_RECORD_COUNT=100000 + +#added 20240213 - patch for Release 24.1 - для выключения-включения возможности передачи информации о холдах PLAIS +APP_PLAIS_SYNC_HOLD_TO_CORE_BANKING=0 + +#added 20240308 - Release 24.3 - период задержки псевдоклиринга транзакций-пополнений - 1150 +APP_PSEUDO_CLEARING_POSTPONE_PERIOD=5d + +#added 20240318 - Release 24.5 - тестовый/продовый (0/1) режим отправки мейлов - 23623-2 +APP_MSMTP_TEST_MODE=0 + +#added 20240318 - Release 24.6 - отображение элементов веб-интерфейса клиента +I_CLIENT_API_SHOW_BONUS_CARD_SPECIFIC_INFO_FOR=430119059880765423 +I_CLIENT_API_BONUS_CARD_SPECIFIC_INFO=fee_statistic + +#added 20240416 - Release 24.8 - для настройки корректной работы сервиса рендеринга отчетов +REPORT_GENERATOR_LAYOUT_INDEX=9HLLMx9b86NBfHv + +#added 20240416 - Release 24.8 - кастомная базовая валюта системы +APP_BASE_CURRENCY=EUR + +#added 20250515 - Release 24.9 - подмена символов при заказе новых пластиковых карт +APP_ENCODE_CARD_APPLICATION_FIELDS=first_name,last_name,address,city + +#added 20250515 - Release 24.9 - cписок категории продуктов карт, при выпуске которых разрешено фактическое указание флага отказа от печати имени на карте +APP_NON_PERSONALIZED_CARD_PRODUCT_CATEGORIES=prepaid + +#added 20240605 - Release 24.10 - Автоматическое списание платежей plais_writeoff_sepa - 1139 +APP_PLAIS_WRITEOFF_SEPA_AUTO_APPROVE=1 + +#added 20240605 - Release 24.10 - Возможность обрабатывать переданные браузерные данные в формате base64 - 1242 +I_CLIENT_API_BROWSER_DETAILS_FORMAT=base64_json + +#added 20240605 - Release 24.10 - Возможность получения выписки о балансе по всем клиентским счетам - 1198-1 +###commented 20240726 in Release 24.12 - 1287 +###ADMIN_ACCOUNTS_BALANCE_STATEMENT_MAX_PERIOD=730d + +#added 20240605 - Release 24.10 - Возможность кешировать результаты успешной валидации IBAN - 1160 +APP_ENABLE_IBAN_INFO_CACHING=1 +APP_IBAN_INFO_CACHE_LIFETIME=365d +APP_BYPASS_IBAN_VALIDATION=0 + +#added 20240607 - Release 24.11 - Не отправлять запросы изменения баланса по заблокированным картам GPS - 1264 +APP_DISABLE_FINANCIAL_REQUEST_ON_BLOCKED_GPS_CARD=1 + +#added 20240607 - Release 24.11 - Возможность автоматического создания пользователя веб интерфейса клиента +APP_USER_CREATION_MODE=off + +#added 20240607 - Release 24.11 - Возможность списания суммы закрывающей комисии в зависимости от причины закрытия клиента - 1257 +APP_ENABLE_CONTRACT_TAX_CLOSE_REASON_USAGE=1 +APP_CLIENT_CLOSURE_RECENCY_PERIOD=184d + +#added 20240607 - Release 24.11 - Актуализировать интеграцию с сервисами для генерации QR-кодов - 1271 +I_CLIENT_API_USE_INTERNAL_QR_CODE_RENDERER=1 +TOTP_CHART_GOOGLEAPIS= + +# added 20240711 - Release 2023-12-21 - настройки полей в емайле с логином паролем +APP_MSMTP_CONFIG=run/secrets/msmtp.conf +APP_ENABLE_USER_ACCESS_EMAIL_SENDING_FOR=client,client_accountant +APP_USER_ACCESS_EMAIL_LOGIN_URL=https://i.bank.walletto.eu +APP_USER_ACCESS_EMAIL_SUBJECT='Your access credentials to Walletto SBX internet banking services' +APP_USER_ACCESS_EMAIL_TEMPORARY_PASSWORD_LIFETIME='72 hours' +APP_USER_ACCESS_EMAIL_TEST_MODE=0 + + +#added 20240719 - patch for PLAIS 1907 - не считать комиссии на комиссии PLAIS - 1318 +APP_PLAIS_SERVICE_FEE_CRITERIA=[{"amount":"102","payee_name":"Valstybės įmonė Registrų centras"}] + +#added 20240819 - смена статуса карт синхронно с Heimdall - 1320 +APP_ENABLE_CARD_STATUS_SYNC_WITH_CORE_BANKING=1 + +#added 20240819 - проверка уровня риска регистрируемых клиентов - 1317 +APP_CLIENT_PRE_ACTIVATION_CHECKS=RiskLevel +PARTNER_CHECKS_DURING_CLIENT_REGISTRATION= + +#added 20240819 - перевыпуск карт через машинный клиентский API - 1335 +APICLIENT_API_GPS_CARD_REPLACE_ALLOWED=1 +APICLIENT_API_GPS_CARD_REPLACE_ALLOWED_FOR= +APICLIENT_API_CARD_CLOSE_ALLOWED=1 +APICLIENT_API_CARD_CLOSE_ALLOWED_FOR= + +#added 20240918 - Возможность блокирования средств по PLAIS-распоряжениям общим холдом счета - 1303-1 +APP_PLAIS_USE_CONSOLIDATED_HOLD=1 + +#added 20241008 - Release 24.16 - для настройки списка доступных валют - 1365 +APP_ADDITIONAL_CURRENCIES=PLN + +#added 20241105 - Release 24.17 - срок доступности логов - 1291-1 +ADMIN_EXTERNAL_LOG_AVAILABILITY_PERIOD=14d + +#added 20241105 - Release 24.17 - понятные партнерам и клиентам сообщения при возникновении ошибок взаимодействия с внешними сервисами - 1323 +PARTNER_ALLOW_PROCESSING_DETAILS=1 +ADMIN_CONTROL_ALLOW_PROCESSING_DETAILS=1 +APICLIENT_ALLOW_PROCESSING_DETAILS=1 + +#added 20241219 - Release 24.19 - получение комиссии по платежам transfer - 1410 +APP_ENABLE_TRANSFER_COMMISSION_CHECK=1 + +#added 20250120 - Release 25.01 - Возможность проведение платежей deposit_from_card на расчетный счет без карты - 1420 (0 = проведение платежей deposit_from_card на расчетный счет без карты запрещено) +APP_ALLOW_CHECKING_ACCOUNT_FUNDING=0 + +#added 20250120 - Release 25.01 - Для настройки уведомления, что с момента активации клиента прошло более X дней и плата за закрытие не будет взиматься - 1425 +ADMIN_API_CLIENT_CLOSURE_RECENCY_PERIOD=184d + +#added 20250204 - Release 25.02 - Возможность сохранения нескольких IP адресов при проведении платежей - 1413-2 +APICLIENT_END_USER_IP_ADDRESS_REQUIRED=0 + +#added 20250204 - Release 25.02 - обработка уведомлений об отмене авторизаций по картам GPS - 1437 +ALLOW_GPS_REVERSAL_ADVICE_PROCESSING=1 + +#added 20250204 - Release 25.02 - Изменить логику обработки комиссий за входящие платежи - 1424 +APP_INCOMING_PAYMENT_AND_FEE_CONSOLIDATION=1 + +#added 20250220 - Release 25.03 - Возможность сохранять резервную копию файла при экспорте, если возникла ошибка подключения к SFTP - 1457 +APP_FAILED_SFTP_UPLOADS_DIR=/opt/project + +#added 20250220 - Release 25.03 - Списывать комиссию за исходящий платеж при его создании - 1449 +APP_DIRECT_OUTGOING_FEE_WRITEOFF=1 + +#added 20250414 - Release 25.05 - Возможность получить доступ к новой версии веб интерфейса - 11 +NGINX_I_CLIENT_V2_ENABLED=0 +FRONTEND_I_CLIENT_V2_ONLY=0 + +#added 20250414 - Release 25.05 - ... +###I_CLIENT_API_COOKIE_POLICY=https://walletto.eu/cookie-policy/ +###I_CLIENT_API_PRIVACY_POLICY=https://walletto.eu/privacy-policy/ +###I_CLIENT_API_TERMS_AND_CONDITIONS=https://walletto.eu/terms-and-conditions/ + +#added 20250721 - Release 25.11 - ... +I_CLIENT_API_ALLOWED_LANG_LT=1 + +#added 20251002 - Realease 25.17 - +APP_RTPS_RESOLVE_AUTHORIZE_INCREMENTAL=1 + +#added 20251003 - Release 25.17.5 - ... +APP_ENABLE_WITHDRAW_VOP_CHECK=0 +I_CLIENT_API_ENABLE_WITHDRAW_VOP_CHECK_RESULT_VIEW=0 + +#added 20251015 - Release 25.18 - ... +APP_SYNC_COMPANY_PERSON_TO_CORE_BANKING=1 +APP_ALLOW_WITHDRAW_TO_CARD_WITHOUT_CARD=0 +APP_ONBOARDING_COMPANY_REGISTERED_EMAIL_SUBJECT='successfully created' + +#added 20251216 - Release 25.22 - Оптимизация VoP для для партнерского и клиентского API - 1663 +APP_WITHDRAW_SEPA_VOP_ID_REQUIRED=0 +APP_WITHDRAW_SEPA_VOP_LIFETIME=24h + +#added 20251216 - Release 25.22 - период, за который отправляется дополнительное e-mail уведомление об окончании срока действия карты - 4364-4-9-1 +APP_EXPIRATION_NOTIFICATION_PERIOD=3d + + + + + + + + +TZ=Europe/Riga