# disable mysql pre-check script
DISABLE_MYSQL_CHECK=1

# default nameless settings
NAMELESS_MODE=production
NAMELESS_CONFIG=/opt/project/configs/global.conf

# perl proxy settings
PERL_LWP_SSL_VERIFY_HOSTNAME=0
#PROXY RIGA
#HTTPS_PROXY=http://10.85.86.101:8888
#PROXY AMS - 28342
HTTPS_PROXY=http://10.95.84.106:8888
NO_PROXY=ma-sbx.sandbox.walletto.eu,wlt-sbx-rtps-cb1-ams.wltsbxinner.walletto.eu,wlt-sbx-rtps-cb2-ams.wltsbxinner.walletto.eu,wlt-sbx-rtps-cb3-ams.wltsbxinner.walletto.eu,wlt-sbx-rtps-cb4-ams.wltsbxinner.walletto.eu,10.82.84.108,10.95.81.121,wlt-sbx-ssm-ams.wltsbxinner.walletto.eu,10.95.82.45,10.95.81.114,10.95.81.151,wlt-sbx-coinssm-ams.wltsbxinner.walletto.eu

# backend session settings
ADMIN_SESSION_DOMAIN=site-api-admin.sandbox-bank.walletto.eu
ADMIN_SESSION_SECRET=kdj839kwjJwhd1KE

INDIVIDUAL_CLIENT_SESSION_DOMAIN=site-api-i.sandbox-bank.walletto.eu
INDIVIDUAL_CLIENT_SESSION_SECRET=kzh3L7VuZLJ4X5Td

# api settings
ADMIN_API_URL=https://site-api-admin.sandbox-bank.walletto.eu
ADMIN_API_PREFIX=/
I_CLIENT_API_URL=https://site-api-i.sandbox-bank.walletto.eu
I_CLIENT_API_PREFIX=/
I_CLIENT_API_SHOW_RESPONSE_OBJECT_MODE=true
I_CLIENT_API_TOTP_PROTECTION_ENABLED=true


#individual client settings
INDIVIDUAL_CLIENT_ALLOWED_USER_CLIENT_TYPES=person,company
INDIVIDUAL_CLIENT_CLIENT_TYPE_VERIFICATION_ENABLED=0

INDIVIDUAL_CLIENT_CERTIFICATE_CHECK=0

INDIVIDUAL_CLIENT_CLIENT_TOTP_ENABLED=1
INDIVIDUAL_CLIENT_TOTP_TEST_MODE=0
INDIVIDUAL_CLIENT_TOTP_LABEL=i-Bank
INDIVIDUAL_CLIENT_ENFORCE_TOTP_ACTIVATION=1

INDIVIDUAL_CLIENT_TOTP_SAME_PASSWORD_CHECK_ENABLED=1
INDIVIDUAL_CLIENT_TOTP_SAME_PASSWORD_COOLDOWN_PERIOD=30s
INDIVIDUAL_CLIENT_TOTP_CHECK_DELAY_MS=1s
INDIVIDUAL_CLIENT_USER_REQUEST_SIGNATURE_LIFETIME=15m

INDIVIDUAL_CLIENT_DEFAULT_CARD_DELIVERY_METHOD_CLIENT_DESCRIPTION=unknown

# app settings
ENCRYPTOR_NAME=rest_gpg
ENCRYPTOR_KEY=gpg20241224-test@walletto.eu
ENCRYPTOR_PARTNER_NAME=rest_gpg

ENCRYPTOR_REST_GPG_BASE_URL=https://wlt-sbx-coinssm-ams.wltsbxinner.walletto.eu:5543/
ENCRYPTOR_REST_GPG_USERNAME=
ENCRYPTOR_REST_GPG_PASSWORD=
ENCRYPTOR_REST_GPG_CA_CERT=/run/secrets/rest_gpg_ca.crt

ENCRYPTOR_CBC_IV=/run/secrets/card_iv.txt
ENCRYPTOR_CBC_QWE=/run/secrets/card_qwe.txt
ENCRYPTOR_CBC_ASD=/run/secrets/card_asd.txt

APP_ENROLL_HINT_TEXT='EComm transaction'

SESSION_SECURE=1
APP_COOKIE_SECURE=1

# admin docs settings
APP_DOCUMENT_MAX_BACK_DAYS=30
SUMMARY_MODE=selftest

NGINX_APITEST_ENABLED=1
MAIN_PARTNER_ID=401325658112331011
ALLOW_CARD_ACCOUNT_TRANSFERS=1

# === CSRF settings ===

ADMIN_CSRF_ENABLED=1
ADMIN_API_CSRF_PROTECTION_ENABLED=true
ADMIN_CSRF_TOKEN_LIFETIME=5m

INDIVIDUAL_CLIENT_CSRF_ENABLED=1
I_CLIENT_API_CSRF_PROTECTION_ENABLED=true
INDIVIDUAL_CLIENT_CSRF_TOKEN_LIFETIME=5m

INDIVIDUAL_CLIENT_CSRF_ALWAYS_REGENERATE_TOKEN=0

# === EOF CSRF ===

#TOTP settings
# Set or reset TOTP (Google Authenticator) for very first time
TOTP_RESET_OTP_LIFETIME=72h
# Max attempts TOTP activation (Google Authenticator) for very first time
TOTP_RESET_OTP_ATTEMPTS=5
TOTP_BRUTEFORCE_COOLDOWN=30m

CLIENT_MAX_CARD_APPLICATION_COUNT=5
CLIENT_MAX_CARD_COUNT=5

ADMIN_API_SHOW_RESPONSE_OBJECT_MODE=true

STRICT_PARTNER_CARD_ACTIVATION=0
STRICT_CLIENT_CARD_ACTIVATION=0

#ADMIN_CERTIFICATE_CHECK=1

APP_COOKIE_SAME_SITE_MODE=strict

CARD_APPLICATION_DESIGN_FIELD=Reserved1
CARD_APPLICATION_DELIVERY_METHOD_FIELD=Reserved3
CARD_APPLICATION_COUNTRY_FIELD=Reserved4
CARD_APPLICATION_PHONE_FIELD=Reserved2
DEFAULT_CARD_DELIVERY_METHOD_ID=DEUTSCHE_POST_PACKET

SCHEDULER_EXEC_MODE=1


PARTNER_CARD_ENROLL_MODE=required_static_password
CLIENT_CARD_ENROLL_MODE=required_static_password


# list off accounts to skip from MB reconcillation (ReconciliateCoreBankingBalances)
SKIP_CORE_BANK_ACCOUNT_RECONCILIATION=""


# PASSWORD SETTINGS FOR ALL ENTRY POINTS FQDN.
# Admin web portal https://admin.sandbox-bank.walletto.eu/
ADMIN_USER_TEMPORARY_PASSWORD_LIFETIME=72h
ADMIN_USER_PASSWORD_LIFETIME=90d
ADMIN_USER_PASSWORD_EXPIRATION_NOTIFY=14d
ADMIN_USER_FORBID_LAST_PASSWORDS=5
ADMIN_USER_MAX_LOGIN_ATTEMPT=5
ADMIN_USER_FAILED_ATTEMPTS_LOOKUP_PERIOD=30m
ADMIN_USER_TEMPORARY_BLOCK_PERIOD=30m
ADMIN_USER_PASSWORD_HISTORY_SIZE=5

# Client API https://api-client.sandbox-bank.walletto.eu/
APICLIENT_USER_MAX_LOGIN_ATTEMPT=10000
APICLIENT_USER_FAILED_ATTEMPTS_LOOKUP_PERIOD=1m
APICLIENT_USER_TEMPORARY_BLOCK_PERIOD=1m

# Partner API https://api-partner.sandbox-bank.walletto.eu
PARTNER_USER_MAX_LOGIN_ATTEMPT=10000
PARTNER_USER_FAILED_ATTEMPTS_LOOKUP_PERIOD=1m
PARTNER_USER_TEMPORARY_BLOCK_PERIOD=1m

# SANDBOX ONLY. Test API https://api-test.sandbox-bank.walletto.eu
APITEST_USER_MAX_LOGIN_ATTEMPT=10000
APITEST_USER_FAILED_ATTEMPTS_LOOKUP_PERIOD=1m
APITEST_USER_TEMPORARY_BLOCK_PERIOD=1m

# Client (natural person) web portal https://i.sandbox-bank.walletto.eu
INDIVIDUAL_CLIENT_USER_TEMPORARY_PASSWORD_LIFETIME=72h
INDIVIDUAL_CLIENT_USER_PASSWORD_LIFETIME=340d
INDIVIDUAL_CLIENT_USER_PASSWORD_EXTENDED_LIFETIME=365d
INDIVIDUAL_CLIENT_USER_PASSWORD_EXPIRATION_NOTIFY=14d
INDIVIDUAL_CLIENT_USER_FORBID_LAST_PASSWORDS=5
INDIVIDUAL_CLIENT_USER_MAX_LOGIN_ATTEMPT=5
INDIVIDUAL_CLIENT_USER_FAILED_ATTEMPTS_LOOKUP_PERIOD=30m
INDIVIDUAL_CLIENT_USER_TEMPORARY_BLOCK_PERIOD=30m
INDIVIDUAL_CLIENT_USER_PASSWORD_HISTORY_SIZE=5
# END OF - PASSWORD SETTINGS FOR ENTRY POINTS FQDN.


# OTP SMS settings for "individual_client webapi"
INDIVIDUAL_CLIENT_OTP_ENABLED=1
INDIVIDUAL_CLIENT_OTP_TEST_MODE=0
INDIVIDUAL_CLIENT_OTP_LIFETIME=5m
INDIVIDUAL_CLIENT_OTP_MAX_CHECK_ATTEMPTS=5
# Depreciated in release 2012-12-05
#INDIVIDUAL_CLIENT_OTP_MAX_GENERATE_ATTEMPTS=3
INDIVIDUAL_CLIENT_OTP_USER_TEMPORARY_BLOCK_PERIOD=24h
INDIVIDUAL_CLIENT_OTP_CHECK_ATTEMPTS_RESET_PERIOD=900d
INDIVIDUAL_CLIENT_OTP_MIN_GENERATION_PERIOD=90s
#===== End of OTP SMS =====


#===== Admin Site-API =====
# About USER_PHONE_TRANSITIONAL_MODE
# when 1 then phone number is mandatory in user entity on create and edit
# when 0 then natural person card must be linked to user entity.
USER_PHONE_TRANSITIONAL_MODE=1
# About ADMIN_API_USER_PHONE_TRANSITIONAL_MODE - for Admin Web UI only
# use with USER_PHONE_TRANSITIONAL_MODE option (either both equal to 1 or to 0).
# when 1 then Phone Number field in user entity has got mandatory mark (on create and edit)
# when 0 then natural person card field is mandatory.
ADMIN_API_USER_PHONE_TRANSITIONAL_MODE=1
#===== End of Admin Site-API =====


# === Client UI ===

# == CSV file size allowed to upload
# Note: MANDATORY to deploy due of the bag!
# = Company-Client UI =
# = Individual-Client UI =
NGINX_INDIVIDUAL_CLIENT_MAX_BODY_SIZE=150k

# == Draft payment dialogue, links to PDF files.
# = Companies I-net bank.
CLIENT_API_DRAFT_TEMPLATE_URL=https://walletto.eu/documents/import_example.csv
CLIENT_API_DRAFT_REFERENCE_URL=https://walletto.eu/documents/import_file_instruction_en.pdf
# = Individuals I-net bank.
I_CLIENT_API_DRAFT_TEMPLATE_URL=https://walletto.eu/documents/import_example.csv
I_CLIENT_API_DRAFT_REFERENCE_URL=https://walletto.eu/documents/import_file_instruction_en.pdf

# == Allowed amount of the records of CSV file to upload
# = Company-Client UI =
# = Individual-Client UI =
INDIVIDUAL_CLIENT_MAX_IMPORT_ROWS_LIMIT=500

# == Amount of records in the payments lists in UI and for Show More button.
# = Individual-Client UI =
# 20230307 changed from 50 to 200 - 19389
I_CLIENT_API_OPERATION_LIST_LIMIT=200
# = Company-Client UI =

# == Max amount of records to proceed in lists confirmation in UI.
# = Individual-Client UI =
# 20230307 changed from 50 to 200 - 19389
INDIVIDUAL_CLIENT_MAX_PROCESS_DRAFT_COUNT=200
# = Company-Client UI =

# === End of Client UI ===


# === Multisubjects for clients ===

CLIENT_SUBJECT_TRANSITIONAL_MODE=1

# === End of Multisubjects for clients ===


# === Account statement limits ===
# == Admin UI==
# Max allowed time range for statement
ADMIN_ACCOUNT_STATEMENT_MAX_PERIOD=730d
# Max rec q-ty for export Admin UI
ADMIN_ACCOUNT_STATEMENT_MAX_RECORD_COUNT=7500

# == Client API ==
# Max allowed time range for statement
APICLIENT_ACCOUNT_STATEMENT_MAX_PERIOD=90d
# Max rec q-ty for export
APICLIENT_ACCOUNT_STATEMENT_MAX_RECORD_COUNT=7500

# == Company-Client UI ==
# Max allowed time range for statement
# Max rec q-ty for export

# == Individual-Client UI ==
# Max allowed time range for statement
INDIVIDUAL_CLIENT_ACCOUNT_STATEMENT_MAX_PERIOD=90d
# Max rec q-ty for export
INDIVIDUAL_CLIENT_ACCOUNT_STATEMENT_MAX_RECORD_COUNT=7500
# === End of Account statement limits ===


##==== Starman workers amount
APICLIENT_WORKERS_COUNT=12
PARTNER_WORKERS_COUNT=12
INDIVIDUAL_WEBCLIENT_WORKERS_COUNT=12
ADMIN_WORKERS_COUNT=12
RTPS_WORKERS_COUNT=12
APITEST_WORKERS_COUNT=12
BONUS_CLIENT_WORKERS_COUNT=12
##==== End of Starman workers amount

# === AML settings ===
# == Send internal payments of WLT clients for checking to MB ==
EXTERNAL_AML_ENABLED=1
# == Partner API - restrict edit client's data (allow=0, disallow=1)
PARTNER_RESTRICT_CLIENT_INFO_UPDATING=1
# === End of AML settings ===

# === NGINX timeouts ====
# Note: NGINX_BACKEND - admin UI
# Note: NGINX_BACKEND set to 120s, other stay as was previously until 2021-04-06-c7d02ab2
NGINX_BACKEND_MAX_TIMEOUT=60s
NGINX_PARTNER_MAX_TIMEOUT=60s
# 20230307 changed from 60s to 5m - 19389
NGINX_CLIENT_MAX_TIMEOUT=5m
NGINX_INDIVIDUAL_WEBCLIENT_MAX_TIMEOUT=5m
NGINX_APITEST_MAX_TIMEOUT=60s
NGINX_RTPS_MAX_TIMEOUT=60s
# === End of NGINX timeouts ====

# === Authorization advices ===
# == Close authorization after (works with scheduler)
# Default value is 30d if omitted
PENDING_AUTHORIZATIONS_STORAGE_PERIOD=720h


## === Logging settings ===
# Default is 0 or when omitted (no limits)
APP_MAX_LOG_MESSAGE_LENGTH=0
## === End of Logging settings ===

# === MB API ===
# == Response timeout for requests to MB API in seconds (default is 10s if ommited)==
MACROBANK_EXTERNAL_AML_RESPONSE_TIMEOUT=10
# === End of MB API ===

# === Blocking hierarchy of client/account/card entity ===
# == Global ON/OFF blocking hierarchy switch: 0=OFF (default), 1=ON ==
APP_ALLOW_HIERARCHICAL_LOCKS=1
# == ON/OFF switch in Admin UI. 0=OFF (default), 1=ON ==
ADMIN_API_ALLOW_HIERARCHICAL_LOCKS=1
# === End of: Blocking hierarchy of client/account/card entity ===


# === Gift cards ===
# == Virtual cards ==
# = Max amount of one-time top-up (default is 15000 in EUR cents) =
VIRTUAL_INSTANT_CARD_TOP_UP_MAX_AMOUNT=15000
# === End of: Gift cards ===


# === Export tables as CSV in Admin UI ===
# == Transaction list ==
APP_TRANSACTION_EXPORT_MAX_RECORDS=30
# == Account list ==
APP_ACCOUNT_EXPORT_MAX_RECORDS=30
# == Auth list ==
APP_AUTHORIZATION_EXPORT_MAX_RECORDS=30
# == Document list ==
APP_DOCUMENT_EXPORT_MAX_RECORDS=30
# == Client entries export limit in Admin UI -
APP_CLIENT_EXPORT_MAX_RECORDS=4000
# === End of: Export tables as CSV in Admin UI ===


# === AML limits ===
# == Require personal code for these tax countries in API ==
APP_TAX_COUNTRIES_WITH_REQUIRED_PERSON_CODE=LTU
# == Require personal code for these tax countries in Admin UI ==
ADMIN_API_TAX_COUNTRIES_WITH_PERSON_CODE_CHECKING=LTU
# === End of: AML limits ===


# === PIN code management for virtual card ===
# == Switch ON/OFF PIN management (0=OFF, 1=ON)
APP_VIRTUAL_CARD_PIN_MANAGEMENT_ALLOWED=1
# == Add this in Admin UI ==
ADMIN_API_VIRTUAL_CARD_PIN_MANAGEMENT_ALLOWED=1
# == Add this in Client UI ==
# == Add this in Individual Client UI ==
I_CLIENT_API_VIRTUAL_CARD_PIN_MANAGEMENT_ALLOWED=1
# === End of: PIN code management for virtual card ===


# === Security ===
# == Advanced password policy (1 = ON, 0=OFF (default)) for all entry points
ADVANCED_PASSWORD_POLICY_ON_LOGIN_ENABLED=1
# Reject unknown and not used fields in API requests
APP_EXCESS_FIELDS_CHECK_REQUIRED=1
# === End of Security ===


# === GooglePay ===
# == Allow push-provisioning for partners (1 = ON, 0=OFF (default))
PARTNER_GOOGLE_PAY_PUSH_PROVISIONING_ENABLED=0
# == Allow push-provisioning for companies in Client UI (1 = ON, 0=OFF (default))
# == Allow push-provisioning for individuals in Client UI (1 = ON, 0=OFF (default))
INDIVIDUAL_CLIENT_GOOGLE_PAY_PUSH_PROVISIONING_ENABLED=0
# === End of GooglePay ===


# === Admin UI ===
# == Max period of stats data scope in Admin UI
APP_REPORTS_MAX_PERIOD=365d
# === End of Admin UI ===


# === ADMIN UI ===

# Makes end-user IP address fiels obligate (all requests)
# changed to 1 - 20221026 - Release 31 - 3270-2-1
# changed back to 0 - 20221031 – due to 422 rejects
# release 2022-11-28-e1f2ce903 necessity only on POST requests
# changed to 1 - 20221201 - Release 33 - 3270-2
PARTNER_END_USER_IP_ADDRESS_REQUIRED=1


# WEBHOOK

# [Webhook] api proxy read timeout
NGINX_WEBHOOK_MAX_TIMEOUT=120s
# [Webhook] Starman workers count for Webhook notifications
WEBHOOK_WORKERS_COUNT=5
# [Webhook] Common name and certificate check for webhook service
WEBHOOK_CERTIFICATE_CHECK=1
# [Webhook] Default account close reason, when ACC closed by webhook.
WEBHOOK_DEFAULT_ACCOUNT_CLOSE_REASON=Closed by external service

# EOF WEBHOOK

# 4 eye principale (document double cheking by bo_admin_senior)
ADMIN_ENABLE_FOUR_EYE_PRINCIPLE_USAGE=0


# NGINX monitoring settings
STUB_PORT=5444


# Countries where recipient_address field is required for SEPA payment
ADMIN_API_COUNTRIES_WITH_REQUIRED_SEPA_RECIPIENT_ADDRESS=CHE
PARTNER_API_COUNTRIES_WITH_REQUIRED_SEPA_RECIPIENT_ADDRESS=CHE
CLIENT_API_COUNTRIES_WITH_REQUIRED_SEPA_RECIPIENT_ADDRESS=CHE


# ID generator version. (Ver 1 is current, ver 2 uses smaller increment)
ID_GENERATOR_VERSION=1


# Allow checking the client's country by delivery whitelist and default partner delivery method when creating card application.
APP_REJECT_CARD_APPLICATION_WITH_NON_DELIVERY_WHITELIST_COUNTRY=1

# Allow new clients to be checked through external application (MB)
APP_EXTERNAL_CLIENT_CHECK_ENABLED=1

# Enables comission calculation and accounting upon external payments
APP_ENABLE_WITHDRAW_COMISSION_CHECK=1

# AML fields necessity parametrs
PARTNER_API_ENABLE_ADDITIONAL_AML_INFO_REQUIREMENT=0
ADMIN_API_ENABLE_ADDITIONAL_AML_INFO_REQUIREMENT=0


#enable SSL to db
#APP_MYSQL_SSL_ENABLE=1
APP_MYSQL_SSL_ENABLE=0
#APP_MYSQL_SSL_CA_FILE=/run/secrets/db-ca.pem


# enabling the updated payment form in the web interface of clients
I_CLIENT_API_FORBID_CONFIRM_ON_INSUFFICIENT_FUNDS=1


# the ability for users of the client web interface to reenroll into '3D-Secure` with a single request using the new 'ACS3`
APP_DISABLE_ADDITIONAL_UNENROLL=1


# PDF rendering internal service credentials
REPORT_GENERATOR_BASE_URL=http://pdf-renderer:5000
REPORT_GENERATOR_USERNAME=renderer
REPORT_GENERATOR_PASSWORD=renderer


# Send operation internal commission calc
APP_ENABLE_INTERNAL_COMISSION_CHECK=1


# CMS GPS test settings
APP_ALLOWED_BINS=460985,460986,999999,516300,440525,426528,456755,539966,539967
DEFAULT_CMS_DRIVER_NAME=worldline


# maximal count of requests per client (default=3)
APP_MAX_CLIENT_UPDATE_REQUEST=3


# === PLAIS ===
APP_PLAIS_CHECK_PAYER_NAME=1
# Sender organization identifiers
APP_PLAIS_OUR_SYSTEM_IDENTIFIER=UAWALT21XXX
APP_PLAIS_REMOTE_SYSTEM_IDENTIFIER=SNCTLT21XXX

# Comission amount in cents for PLAIS payment
APP_PLAIS_WRITEOFF_FEE_AMOUNT=100
# Description for PLAIS  payment doc_type=plais_writeoff_sepa
APP_PLAIS_WRITEOFF_CODESTRING="Fee for PLAIS payment"
# === EOF PLAIS ===

# Quantity and interval of repeated account access.
APP_ACCOUNT_ACCESS_RETRY_COUNT=6
APP_ACCOUNT_ACCESS_RETRY_INTERVAL=3s


# GPS card obligate PIN requirement (default is off=0)
INDIVIDUAL_CLIENT_API_CARD_APPLICATION_CREATION_PIN_REQUIREMENT=1
PARTNER_API_CARD_APPLICATION_CREATION_PIN_REQUIREMENT=1


# CSV list of card export maximum rows (default is 2000)
APP_CARD_EXPORT_MAX_RECORDS=2000

# Indvidual AML field necessity
# List of partners: walletto,OWNR,Cardbit,Mezoman,Capitalist,btc2wire,Poklet,GTM,Buyer,UnifiedFinance,PayUnionLT,European Securepay Center,PRO INVEST GROUP,Multiodot,
PARTNERS_WITH_ENABLED_ADDITIONAL_AML_INFO_REQUIREMENT=401325658112331011,403605021955115163,404067170051409799,404514610178740608,404891196419010608,408252775432791212,409024068105488332,409533795594140345,409861352458151534,410930764810750361,415260845331969866,415374653972638869,415657107989059593,419618502144810746,419618502144810746

# Toggeles Turnovers section in AdminUI client view (0=off)
ADMIN_API_SHOW_CLIENT_TURNOVERS=1

# added 20220803 - Release 25 - determining the user's geolocation
INDIVIDUAL_CLIENT_USER_HISTORY_COUNTRY_RESOLVE_ENABLED=1

# added 20220803 - Release 25 - the number of simultaneously uploaded records to the exported csv file of the list of user action histories.
APP_ACTION_HISTORY_EXPORT_MAX_RECORDS=2000

# added 20220816 - Release 26 - processing notifications about OCT by Worldline cards
# changed to 1 20230126 - Release 1 - 1429-6
ALLOW_OCT_AUTH_PROCESSING=1

# === ADMIN CONTROL API ===
# added 20220817 - Release 26 - new entry point Admin Control API - Heimdall-Coin

ADMIN_CONTROL_DOMAIN=api.admin-control

# api starman workers
ADMIN_CONTROL_WORKERS_COUNT=1

#api proxy read timeout
#by default time is in seconds, can be used in any of nginx formats (30s, 10m, 12h)
NGINX_ADMIN_CONTROL_MAX_TIMEOUT=30m

# authentication by API admin certificate
ADMIN_CONTROL_CERTIFICATE_CHECK=0

# Security settings
ADMIN_CONTROL_USER_PASSWORD_LIFETIME=90d
ADMIN_CONTROL_USER_MAX_LOGIN_ATTEMPT=3
ADMIN_CONTROL_USER_FAILED_ATTEMPTS_LOOKUP_PERIOD=10m
ADMIN_CONTROL_USER_TEMPORARY_BLOCK_PERIOD=30m
ADMIN_CONTROL_USER_PASSWORD_HISTORY_SIZE=5

# Account/statement limits
ADMIN_CONTROL_ACCOUNT_STATEMENT_MAX_PERIOD=730d
ADMIN_CONTROL_ACCOUNT_STATEMENT_MAX_RECORD_COUNT=0

# Countries where recipient_address field is required for SEPA payment
ADMIN_CONTROL_API_COUNTRIES_WITH_REQUIRED_SEPA_RECIPIENT_ADDRESS=CHE

# Enabling mandatory additional fields when creating a person by an administrator and a partner
ADMIN_CONTROL_API_ENABLE_ADDITIONAL_AML_INFO_REQUIREMENT=0

# === EOF ADMIN CONTROL API ===

# added 20220919 - Release 28 - obligatory of CVV when activating GPS plastic cards by clients
I_CLIENT_API_CARD_ACTIVATION_CVV_REQUIREMENT=1

# added 20220919 - Release 28 - the maximum number of attempts to check CVV when activating GPS plastic cards by clients
I_CLIENT_API_CVV_MAX_CHECK_ATTEMPTS=3

# added 20220919 - Release 28 - use of data from the extended table of countries when performing various procedures related to checking countries
APP_USE_ADVANCED_COUNTRIES_CHECK_LIST=1

# added 20220920 - Release 28 - user geolocation definition by IP
APP_GEOIP_2_MMDB_FILE_PATH=/opt/project/core/app/geoip_data/GeoLite2-Country.mmdb

# added 20221010 - Release 29 -GPS available card product ids
# added 20240229 products 13646, 16377, 16379, 14353 - task 26870
#AVAILABLE_CARD_PRODUCT_IDS=13638,13643,14341,14060,14059,14351,14424,14026,14027,14066,14067,14407,14434,14377,13646,16377,16379,14353
# removed 20240307 products 14434,14377,14424
AVAILABLE_CARD_PRODUCT_IDS=13638,13643,14341,14060,14059,14351,14026,14027,14066,14067,14407,13646,16377,16379,14353

# added 20221012 - Release 30 -  definition of partner API clients geolocation
PARTNER_USER_HISTORY_COUNTRY_RESOLVE_ENABLED=1

# added 20221012 - Release 30 - Partner entrypoint OTP settings
PARTNER_OTP_LIFETIME=5m
PARTNER_OTP_MAX_CHECK_ATTEMPTS=10
PARTNER_OTP_USER_TEMPORARY_BLOCK_PERIOD=10m
PARTNER_OTP_CHECK_ATTEMPTS_RESET_PERIOD=30m
PARTNER_OTP_MIN_GENERATION_PERIOD=5m
PARTNER_OTP_ENABLED=1
PARTNER_OTP_TEST_MODE=0
PARTNER_CLIENT_REQUEST_SIGNATURE_LIFETIME=5m

# added 20221026 - Release 31 - 327-9
APP_PLAIS_CARD_ACCOUNT_PROCESSING_ENABLED=1

# added 20221026 - Release 31 - 593-1
PARTNER_API_СVN_MAX_CHECK_ATTEMPTS=3


# added 20221207 - Release 34 - 732
APP_USER_EXPORT_MAX_RECORDS=2000
APP_PARTNER_EXPORT_MAX_RECORDS=2000
APP_PERSON_EXPORT_MAX_RECORDS=2000
APP_COMPANY_EXPORT_MAX_RECORDS=2000
APP_EXTRA_ATTENTION_PERSON_EXPORT_MAX_RECORDS=2000
APP_CLIENT_PERSON_UPDATE_REQUEST_EXPORT_MAX_RECORDS=2000

# added 20221212 - Release 34.5.2 - 722
I_CLIENT_API_USE_SESSION_TOKEN=1

# added 20230111 - Release 35 - url to parcel service - 757
I_CLIENT_API_TRACKING_SERVICE_URL=https://parcelsapp.com/en

# added 20230411 - Release 6 - 855
APP_ALLOW_GPS_MONEYSEND_PAYMENT_AUTH_PROCESSING=1

# added 20230516 - Release 8 – 803
ADMIN_API_SHOW_SYNC_TO_SECONDARY_BUTTON=1

# added 20230605 - Release 9 - 6734-11
APP_ENABLE_RESOLVE_OPERATION_REGION_BY_SCHEMA=1

#added 20230626 - Release 11 - 19895
APP_ENABLE_UAE_SWIFT_PURPOSE_CODE_REQUIREMENT=1
APP_SWIFT_PURPOSE_CODE_PREFIX=#PC

# Bonus Client domain settings
BONUS_CLIENT_DOMAIN=webapi-bonus-client

# Bonus Client API settings
BONUS_CLIENT_SESSION_SECRET=8skj6342fj2hf234
BONUS_CLIENT_SESSION_DOMAIN=webapi-bonus-client.coin.local.work
BONUS_CLIENT_CSRF_ENABLED=1
BONUS_CLIENT_CSRF_TOKEN_LIFETIME=5m
BONUS_CLIENT_CSRF_ALWAYS_REGENERATE_TOKEN=0
BONUS_CLIENT_ACCOUNT_STATEMENT_MAX_PERIOD=90d
BONUS_CLIENT_ACCOUNT_STATEMENT_MAX_RECORD_COUNT=1000
NGINX_BONUS_CLIENT_MAX_BODY_SIZE=150k
NGINX_BONUS_CLIENT_MAX_TIMEOUT=5m
BONUS_CLIENT_GOOGLE_PAY_PUSH_PROVISIONING_ENABLED=1
BONUS_CLIENT_USER_HISTORY_COUNTRY_RESOLVE_ENABLED=1
BONUS_CLIENT_USE_SESSION_TOKEN=1

#added 20230727 - Release 12 - 882 - максимальное количество виртуальных бонусных карт на одного клиента
CLIENT_MAX_BONUS_CARD_COUNT=3

#added 20230727 - Release 12 - 933 - разрешение на перевыпуск карт
I_CLIENT_API_GPS_CARD_REPLACE_ALLOWED=1
I_CLIENT_API_GPS_CARD_REPLACE_ALLOWED_FOR=1

#added 20230821 - Release 14
APP_DISABLE_FINANCIAL_REQUEST_ON_CLOSED_GPS_CARD=1
ADMIN_CHECKS_DURING_CLIENT_REGISTRATION=ExternalCheck,ExternalKycCheck,ExtraAttentionPerson,WhitelistedCountries,PersonField,CountryRestrictions
ADMIN_API_DISABLE_ACCIDENTAL_CLIENT_CLOSING_PROTECTION=1
WEBHOOK_ALLOW_CLIENT_SEARCH_BY_EXTRA_REMOTE_ID=1
ADMIN_API_DISABLE_LIST_RECORD_COUNT_ON_FIRST_LOAD_FOR=clients,accounts

#added 20230908 - Release 15 - 878-2 - пользователям IB разрешено закрытие карты
I_CLIENT_API_CARD_CLOSE_ALLOWED=1
###список клиентских id, если параметр выше =1, параметр перестает применяться
###I_CLIENT_API_CARD_CLOSE_ALLOWED_FOR=

#added 20230908 - Release 15 - 937 - проверка стран происходит через список стран
APP_USE_ADVANCED_COUNTRIES_CHECK_LIST=1

#added 20230922 - Release 16 - 812 - Возможность администратору переоткрыть счет синхронно с Heimdall
ADMIN_API_SHOW_REOPEN_ACCOUNT_BUTTON=1

#added 20230928 - Release 16.7 - 999 - отображение иконок статусов карт на главной странице веб интерфейса клиента
I_CLIENT_API_SHOW_CARD_STATUS_ICONS=1

ALLOW_CHECKING_CARD_TO_CARD_TRANSFER=1

#added 20231101 - Release 19 - 983-1-1 - список доступных карточных продуктов для клиентов-юрлиц
AVAILABLE_CLIENT_COMPANY_CARD_PRODUCT_IDS=15424,15453,15868,15869

#added 20231101 - Release 19 - 1013 - дополнительная защита от создания дубликатов онлайн-сообщений от GPS
RTPS_ENABLE_ADDITIONAL_DUPLICATE_CHECK=1

#added 20231101 - Release 19 - 982 - возможность выпускать вспомогательные карты GPS до активации главной пластиковой карты
APP_CREATE_CARD_AT_GPS_CARD_APPLICATION_CREATION=1

#added 20231122 - Release 20.5 - session time
INDIVIDUAL_CLIENT_SESSION_EXPIRES=+15m
ADMIN_SESSION_EXPIRES=+240m

#added 20231122 - Release 20.5 - webhooks statuses
APP_PAYMENT_DOCUMENT_PROCESSING_CUSTOM_STATUSES={"withdraw_sepa":{"PSI_RETURNED":"pending","PSI_SENT":"pending","SR_CONFIRM_POSTED:"pending",”PSI_COMPLETED”:”approved”,”RECONCILIATION_WAITING”:”approved”,”PSI_REJECTED”:”declined”},"withdraw_swift":{"PSI_SENT":"pending"},"send":{"PSI_SENT":"pending"}}

#added 20231122 - Release 20.5 - internal payments with HMD
# transfer,card2card online
###APP_ONLINE_PAYMENT_DOCUMENT_TYPES_LIST=transfer,card2card
# transfer,card2card to files
APP_ONLINE_PAYMENT_DOCUMENT_TYPES_LIST=

#added 20231123 - Release 21.2 - 1073 - Изменить используемую функцию хеширования паролей
APP_USER_PASSWORD_HASH_TYPE=SHA256

#added 20231207 - Release 21.3 - 1017 - Для внешниx платежей
#максимальное количество записей внешних платежей в импортируемом файле
ADMIN_MAX_EXTERNAL_DOCUMENT_IMPORT_ROWS_LIMIT=100
#максимальное количество записей внешних платежей для обработки
ADMIN_MAX_EXTERNAL_DOCUMENT_PROCESSING_ROWS_LIMIT=100
#максимальный размер импортируемого файла с внешними платежами
NGINX_ADMIN_MAX_BODY_SIZE=150k

#added 20231207 - Release 21.3 - 1097 - список удаляемых типов документов
APP_DELETABLE_DOCUMENT_TYPES=withdraw_sepa,withdraw_swift

#added 20231211 - Release 22.1 - 1058 - включение возможности создания платежных документов reversal_sepa
APP_WITHDRAW_SEPA_REVERSAL_AUTO_APPROVE=1

#настройка параметров для веб-интерфейса
ADMIN_API_LAYOUT_INDEX=9HLLMx9b86NBfHv
I_CLIENT_API_LAYOUT_INDEX=9HLLMx9b86NBfHv

#added 20240105 - Release 22.2 - w24334 -  список идентификаторов клиентов, которые не должны попасть в отчет о денежном обороте
SKIP_CLIENT_FOR_TURNOVER_REPORT=

#added 20240126 - Release 24.1 - список доступных языков локализации для веб интерфейса администратора и клиента
ADMIN_API_AVAILABLE_LANGUAGES=en,ru
# русский язык убран в интернетбанке по задаче 28001
#I_CLIENT_API_AVAILABLE_LANGUAGES=en,ru
I_CLIENT_API_AVAILABLE_LANGUAGES=en

#added 20240126 - Release 24.1 - 25441 - список доступных типов комиссий за исходящие SWIFT платежи
APP_SWIFT_COMMISSION_TYPES=SHA

#added 20240126 - Release 24.1 - 1101 - диапазон дат и количество операций, выгружаемых в выписке по счетам
CUSTOM_REPORT_ACCOUNT_STATEMENT_MAX_PERIOD=1095d
CUSTOM_REPORT_ACCOUNT_STATEMENT_MAX_RECORD_COUNT=100000

#added 20240213 - patch for Release 24.1 - для выключения-включения возможности передачи информации о холдах PLAIS
APP_PLAIS_SYNC_HOLD_TO_CORE_BANKING=0

#added 20240308 - Release 24.3 - период задержки псевдоклиринга транзакций-пополнений - 1150
APP_PSEUDO_CLEARING_POSTPONE_PERIOD=5d

#added 20240318 - Release 24.5 - тестовый/продовый (0/1) режим отправки мейлов - 23623-2
APP_MSMTP_TEST_MODE=0

#added 20240318 - Release 24.6 - отображение элементов веб-интерфейса клиента
I_CLIENT_API_SHOW_BONUS_CARD_SPECIFIC_INFO_FOR=430119059880765423
I_CLIENT_API_BONUS_CARD_SPECIFIC_INFO=fee_statistic

#added 20240416 - Release 24.8 - для настройки корректной работы сервиса рендеринга отчетов
REPORT_GENERATOR_LAYOUT_INDEX=9HLLMx9b86NBfHv

#added 20240416 - Release 24.8 - кастомная базовая валюта системы
APP_BASE_CURRENCY=EUR

#added 20250515 - Release 24.9 - подмена символов при заказе новых пластиковых карт
APP_ENCODE_CARD_APPLICATION_FIELDS=first_name,last_name,address,city

#added 20250515 - Release 24.9 - cписок категории продуктов карт, при выпуске которых разрешено фактическое указание флага отказа от печати имени на карте
APP_NON_PERSONALIZED_CARD_PRODUCT_CATEGORIES=prepaid

#added 20240605 - Release 24.10 - Автоматическое списание платежей plais_writeoff_sepa - 1139
APP_PLAIS_WRITEOFF_SEPA_AUTO_APPROVE=1

#added 20240605 - Release 24.10 - Возможность обрабатывать переданные браузерные данные в формате base64 - 1242
I_CLIENT_API_BROWSER_DETAILS_FORMAT=base64_json

#added 20240605 - Release 24.10 - Возможность получения выписки о балансе по всем клиентским счетам - 1198-1
###commented 20240726 in Release 24.12 - 1287
###ADMIN_ACCOUNTS_BALANCE_STATEMENT_MAX_PERIOD=730d

#added 20240605 - Release 24.10 - Возможность кешировать результаты успешной валидации IBAN - 1160
APP_ENABLE_IBAN_INFO_CACHING=1
APP_IBAN_INFO_CACHE_LIFETIME=365d
APP_BYPASS_IBAN_VALIDATION=0

#added 20240607 - Release 24.11 - Не отправлять запросы изменения баланса по заблокированным картам GPS - 1264
APP_DISABLE_FINANCIAL_REQUEST_ON_BLOCKED_GPS_CARD=1

#added 20240607 - Release 24.11 - Возможность автоматического создания пользователя веб интерфейса клиента
APP_USER_CREATION_MODE=off

#added 20240607 - Release 24.11 - Возможность списания суммы закрывающей комисии в зависимости от причины закрытия клиента - 1257
APP_ENABLE_CONTRACT_TAX_CLOSE_REASON_USAGE=1
APP_CLIENT_CLOSURE_RECENCY_PERIOD=184d

#added 20240607 - Release 24.11 - Актуализировать интеграцию с сервисами для генерации QR-кодов - 1271
I_CLIENT_API_USE_INTERNAL_QR_CODE_RENDERER=1
TOTP_CHART_GOOGLEAPIS=

# added 20240711 -  Release 2023-12-21 - настройки полей в емайле с логином паролем
APP_MSMTP_CONFIG=run/secrets/msmtp.conf
APP_ENABLE_USER_ACCESS_EMAIL_SENDING_FOR=client,client_accountant
APP_USER_ACCESS_EMAIL_LOGIN_URL=https://i.bank.walletto.eu
APP_USER_ACCESS_EMAIL_SUBJECT='Your access credentials to Walletto SBX internet banking services'
APP_USER_ACCESS_EMAIL_TEMPORARY_PASSWORD_LIFETIME='72 hours'
APP_USER_ACCESS_EMAIL_TEST_MODE=0


#added 20240719 - patch for PLAIS 1907 - не считать комиссии на комиссии PLAIS - 1318
APP_PLAIS_SERVICE_FEE_CRITERIA=[{"amount":"102","payee_name":"Valstybės įmonė Registrų centras"}]

#added 20240819 - смена статуса карт синхронно с Heimdall - 1320
APP_ENABLE_CARD_STATUS_SYNC_WITH_CORE_BANKING=1

#added 20240819 - проверка уровня риска регистрируемых клиентов - 1317
APP_CLIENT_PRE_ACTIVATION_CHECKS=RiskLevel
PARTNER_CHECKS_DURING_CLIENT_REGISTRATION=

#added 20240819 - перевыпуск карт через машинный клиентский API - 1335
APICLIENT_API_GPS_CARD_REPLACE_ALLOWED=1
APICLIENT_API_GPS_CARD_REPLACE_ALLOWED_FOR=
APICLIENT_API_CARD_CLOSE_ALLOWED=1
APICLIENT_API_CARD_CLOSE_ALLOWED_FOR=

#added 20240918 - Возможность блокирования средств по PLAIS-распоряжениям общим холдом счета - 1303-1
APP_PLAIS_USE_CONSOLIDATED_HOLD=1

#added 20241008 - Release 24.16 - для настройки списка доступных валют - 1365
APP_ADDITIONAL_CURRENCIES=PLN

#added 20241105 - Release 24.17 - срок доступности логов - 1291-1
ADMIN_EXTERNAL_LOG_AVAILABILITY_PERIOD=14d

#added 20241105 - Release 24.17 - понятные партнерам и клиентам сообщения при возникновении ошибок взаимодействия с внешними сервисами - 1323
PARTNER_ALLOW_PROCESSING_DETAILS=1
ADMIN_CONTROL_ALLOW_PROCESSING_DETAILS=1
APICLIENT_ALLOW_PROCESSING_DETAILS=1

#added 20241219 - Release 24.19 - получение комиссии по платежам transfer - 1410
APP_ENABLE_TRANSFER_COMMISSION_CHECK=1

#added 20250120 - Release 25.01 - Возможность проведение платежей deposit_from_card на расчетный счет без карты - 1420 (0 = проведение платежей deposit_from_card на расчетный счет без карты запрещено)
APP_ALLOW_CHECKING_ACCOUNT_FUNDING=0

#added 20250120 - Release 25.01 - Для настройки уведомления, что с момента активации клиента прошло более X дней и плата за закрытие не будет взиматься - 1425
ADMIN_API_CLIENT_CLOSURE_RECENCY_PERIOD=184d

#added 20250204 - Release 25.02 - Возможность сохранения нескольких IP адресов при проведении платежей - 1413-2
APICLIENT_END_USER_IP_ADDRESS_REQUIRED=0

#added 20250204 - Release 25.02 - обработка уведомлений об отмене авторизаций по картам GPS - 1437
ALLOW_GPS_REVERSAL_ADVICE_PROCESSING=1

#added 20250204 - Release 25.02 - Изменить логику обработки комиссий за входящие платежи - 1424
APP_INCOMING_PAYMENT_AND_FEE_CONSOLIDATION=1

#added 20250220 - Release 25.03 - Возможность сохранять резервную копию файла при экспорте, если возникла ошибка подключения к SFTP - 1457
APP_FAILED_SFTP_UPLOADS_DIR=/opt/project

#added 20250220 - Release 25.03 - Списывать комиссию за исходящий платеж при его создании - 1449
APP_DIRECT_OUTGOING_FEE_WRITEOFF=1

#added 20250414 - Release 25.05 - Возможность получить доступ к новой версии веб интерфейса - 11
NGINX_I_CLIENT_V2_ENABLED=0
FRONTEND_I_CLIENT_V2_ONLY=0

#added 20250414 - Release 25.05 - ...
###I_CLIENT_API_COOKIE_POLICY=https://walletto.eu/cookie-policy/
###I_CLIENT_API_PRIVACY_POLICY=https://walletto.eu/privacy-policy/
###I_CLIENT_API_TERMS_AND_CONDITIONS=https://walletto.eu/terms-and-conditions/

#added 20250721 - Release 25.11 - ...
I_CLIENT_API_ALLOWED_LANG_LT=1

#added 20251002 - Realease 25.17 -
APP_RTPS_RESOLVE_AUTHORIZE_INCREMENTAL=1

#added 20251003 - Release 25.17.5 - ...
APP_ENABLE_WITHDRAW_VOP_CHECK=0
I_CLIENT_API_ENABLE_WITHDRAW_VOP_CHECK_RESULT_VIEW=0

#added 20251015 - Release 25.18 - ...
APP_SYNC_COMPANY_PERSON_TO_CORE_BANKING=1
APP_ALLOW_WITHDRAW_TO_CARD_WITHOUT_CARD=0
APP_ONBOARDING_COMPANY_REGISTERED_EMAIL_SUBJECT='successfully created'

#added 20251216 - Release 25.22 - Оптимизация VoP для для партнерского и клиентского API - 1663
APP_WITHDRAW_SEPA_VOP_ID_REQUIRED=0
APP_WITHDRAW_SEPA_VOP_LIFETIME=24h

#added 20251216 - Release 25.22 - период, за который отправляется дополнительное e-mail уведомление об окончании срока действия карты - 4364-4-9-1
APP_EXPIRATION_NOTIFICATION_PERIOD=3d








TZ=Europe/Riga