# Copyright (c) Abstract Machines
# SPDX-License-Identifier: Apache-2.0
# Docker: Environment variables in Compose

## Enable GRPC SSL
## If enabled run make all inside docker/ssl directory to generate the GRPC certs
GRPC_MTLS=

## NginX
MG_PUBLIC_HOST=localhost
MG_UI_HOST=ui
MG_LETSENCRYPT_ENABLED=false
MG_LETSENCRYPT_EMAIL=
MG_LETSENCRYPT_STAGING=true
MG_LETSENCRYPT_FORCE_RENEWAL=false
MG_NGINX_HTTP_PORT=80
MG_NGINX_SSL_PORT=443
MG_NGINX_MQTT_PORT=1883
MG_NGINX_MQTTS_PORT=8883
MG_NGINX_AMQP_PORT=5682
MG_NGINX_SERVER_NAME=
# After issuing a Let's Encrypt certificate, uncomment these paths and restart nginx.
# MG_NGINX_SERVER_CERT=./ssl/letsencrypt/live/${MG_PUBLIC_HOST}/fullchain.pem
# MG_NGINX_SERVER_KEY=./ssl/letsencrypt/live/${MG_PUBLIC_HOST}/privkey.pem

## FluxMQ Cluster
MG_FLUXMQ_IMAGE_TAG=latest
MG_FLUXMQ_AMQP091_PORT=5682
MG_FLUXMQ_API_PORT_1=9081
MG_FLUXMQ_API_PORT_2=9082
MG_FLUXMQ_API_PORT_3=9083

## Message Broker
MG_MESSAGE_BROKER_URL=amqp://guest:guest@nginx:${MG_FLUXMQ_AMQP091_PORT}/
MG_FLUXMQ_PUBLISH_HTTP_HOST=fluxmq-auth
MG_FLUXMQ_PUBLISH_HTTP_PORT=9026

## Redis
MG_REDIS_TCP_PORT=6379
MG_REDIS_URL=redis://es-redis:${MG_REDIS_TCP_PORT}/0

## Event Store
MG_ES_TYPE=es_fluxmq
MG_ES_URL=amqp://guest:guest@nginx:5682/

## Jaeger
MG_JAEGER_COLLECTOR_OTLP_ENABLED=true
MG_JAEGER_FRONTEND=16686
MG_JAEGER_OLTP_HTTP=4318
MG_JAEGER_URL=http://jaeger:4318/v1/traces
MG_JAEGER_TRACE_RATIO=1.0
MG_JAEGER_MEMORY_MAX_TRACES=5000

## Call home
MG_SEND_TELEMETRY=true

## Postgres
MG_POSTGRES_MAX_CONNECTIONS=100

## Core Services

### Auth
MG_AUTH_LOG_LEVEL=debug
MG_AUTH_HTTP_HOST=auth
MG_AUTH_HTTP_PORT=9001
MG_AUTH_HTTP_SERVER_CERT=
MG_AUTH_HTTP_SERVER_KEY=
MG_AUTH_GRPC_HOST=auth
MG_AUTH_GRPC_PORT=7001
MG_AUTH_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/auth-grpc-server.crt}${GRPC_TLS:+./ssl/certs/auth-grpc-server.crt}
MG_AUTH_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/auth-grpc-server.key}${GRPC_TLS:+./ssl/certs/auth-grpc-server.key}
MG_AUTH_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}
MG_AUTH_DB_HOST=auth-db
MG_AUTH_DB_PORT=5432
MG_AUTH_DB_USER=magistrala
MG_AUTH_DB_PASS=magistrala
MG_AUTH_DB_NAME=auth
MG_AUTH_DB_SSL_MODE=disable
MG_AUTH_DB_SSL_CERT=
MG_AUTH_DB_SSL_KEY=
MG_AUTH_DB_SSL_ROOT_CERT=
MG_AUTH_ACCESS_TOKEN_DURATION="1h"
MG_AUTH_REFRESH_TOKEN_DURATION="24h"
MG_AUTH_KEYS_ALGORITHM="EdDSA"
MG_AUTH_KEYS_ACTIVE_KEY_PATH="./keys/active.key"
MG_AUTH_KEYS_RETIRING_KEY_PATH="./keys/retiring.key"
MG_AUTH_INVITATION_DURATION="168h"
MG_AUTH_ADAPTER_INSTANCE_ID=
MG_AUTH_CACHE_URL=redis://auth-redis:${MG_REDIS_TCP_PORT}/0
MG_AUTH_CACHE_KEY_DURATION=10m
MG_AUTH_JWKS_URL=http://${MG_AUTH_HTTP_HOST}:${MG_AUTH_HTTP_PORT}/keys/.well-known/jwks.json
MG_AUTH_JWKS_CACHE_MAX_AGE=900
MG_AUTH_JWKS_CACHE_STALE_WHILE_REVALIDATE=60

#### Client Callout
MG_CLIENTS_CALLOUT_URLS=""
MG_CLIENTS_CALLOUT_METHOD="POST"
MG_CLIENTS_CALLOUT_TLS_VERIFICATION="false"
MG_CLIENTS_CALLOUT_TIMEOUT="10s"
MG_CLIENTS_CALLOUT_CA_CERT=""
MG_CLIENTS_CALLOUT_CERT=""
MG_CLIENTS_CALLOUT_KEY=""
MG_CLIENTS_CALLOUT_OPERATIONS=""

#### Channel Callout
MG_CHANNELS_CALLOUT_URLS=""
MG_CHANNELS_CALLOUT_METHOD="POST"
MG_CHANNELS_CALLOUT_TLS_VERIFICATION="false"
MG_CHANNELS_CALLOUT_TIMEOUT="10s"
MG_CHANNELS_CALLOUT_CA_CERT=""
MG_CHANNELS_CALLOUT_CERT=""
MG_CHANNELS_CALLOUT_KEY=""
MG_CHANNELS_CALLOUT_OPERATIONS=""

#### Group Callout
MG_GROUPS_CALLOUT_URLS=""
MG_GROUPS_CALLOUT_METHOD="POST"
MG_GROUPS_CALLOUT_TLS_VERIFICATION="false"
MG_GROUPS_CALLOUT_TIMEOUT="10s"
MG_GROUPS_CALLOUT_CA_CERT=""
MG_GROUPS_CALLOUT_CERT=""
MG_GROUPS_CALLOUT_KEY=""
MG_GROUPS_CALLOUT_OPERATIONS=""

#### Domain Callout
MG_DOMAINS_CALLOUT_URLS=""
MG_DOMAINS_CALLOUT_METHOD="POST"
MG_DOMAINS_CALLOUT_TLS_VERIFICATION="false"
MG_DOMAINS_CALLOUT_TIMEOUT="10s"
MG_DOMAINS_CALLOUT_CA_CERT=""
MG_DOMAINS_CALLOUT_CERT=""
MG_DOMAINS_CALLOUT_KEY=""
MG_DOMAINS_CALLOUT_OPERATIONS=""

#### Auth Client Config
MG_AUTH_URL=auth:9001
MG_AUTH_GRPC_URL=auth:7001
MG_AUTH_GRPC_TIMEOUT=300s
MG_AUTH_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/auth-grpc-client.crt}
MG_AUTH_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/auth-grpc-client.key}
MG_AUTH_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}

### Atom Integration
ATOM_URL=http://atom:8080
ATOM_PUBLIC_URL=http://nginx:80
ATOM_JWKS_URL=http://atom:8080/.well-known/jwks.json
ATOM_JWT_ISSUER=http://nginx:80
ATOM_JWT_AUDIENCE=magistrala
ATOM_SIGNUP_ENABLED=true
ATOM_DEV_ALLOW_UNVERIFIED_EMAIL_LOGIN=true
ATOM_CORS_ALLOWED_ORIGINS=http://localhost:3000,http://localhost
ATOM_UI_HTTP_PORT=3005
ATOM_SERVICE_TOKEN=
ATOM_SERVICE_USERNAME=mg-service
ATOM_SERVICE_SECRET=change-me-service-secret
ATOM_ADMIN_TOKEN=
ATOM_ADMIN_USERNAME=admin
ATOM_TIMEOUT=5s
ATOM_HTTP_PORT=8080
ATOM_GRPC_ADDR=0.0.0.0:8081
ATOM_DB_PORT=6010
ATOM_DB_USER=atom
ATOM_DB_PASSWORD=atom
ATOM_DB_NAME=atom
ATOM_JWT_SECRET=change-me-in-production
ATOM_JWT_EXPIRY_SECS=3600
ATOM_KEY_ENCRYPTION_KEY=6uQzr7tCp9cupO8anzo0i6XtfVocixzIK78lB4o6S3E=
ATOM_KEY_ENCRYPTION_KEY_ID=local:v1
ATOM_ALLOW_PLAINTEXT_SIGNING_KEYS=false
ATOM_ADMIN_SECRET=12345678
ATOM_MIN_PASSWORD_CHARS=8
ATOM_CERTS_ENABLED=true
ATOM_CERTS_CA_MODE=file_root_issuer
ATOM_CERTS_ROOT_CA_CERT_PATH=/certs/ca.crt
ATOM_CERTS_ROOT_CA_KEY_PATH=/certs/ca.key
ATOM_CERTS_CA_DIR=./ssl/certs
ATOM_CERTS_LEAF_DEFAULT_TTL_SECS=2592000
ATOM_CERTS_LEAF_MAX_TTL_SECS=2592000
ATOM_RUST_LOG=info
ATOM_INVITATION_REDIRECT=http://localhost:3000/invitations/accept
ATOM_INVITATION_EXPIRY_SECS=604800
ATOM_SMTP_HOST=host.docker.internal
ATOM_SMTP_PORT=2525
ATOM_SMTP_USERNAME=
ATOM_SMTP_PASSWORD=
ATOM_SMTP_FROM=from@example.com
ATOM_SMTP_TLS=none

### Domains
MG_DOMAINS_LOG_LEVEL=debug
MG_DOMAINS_HTTP_HOST=domains
MG_DOMAINS_HTTP_PORT=9003
MG_DOMAINS_HTTP_SERVER_KEY=
MG_DOMAINS_HTTP_SERVER_CERT=
MG_DOMAINS_GRPC_HOST=domains
MG_DOMAINS_GRPC_PORT=7003
MG_DOMAINS_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/domains-grpc-server.crt}${GRPC_TLS:+./ssl/certs/domains-grpc-server.crt}
MG_DOMAINS_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/domains-grpc-server.key}${GRPC_TLS:+./ssl/certs/domains-grpc-server.key}
MG_DOMAINS_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}
MG_DOMAINS_DB_HOST=domains-db
MG_DOMAINS_DB_PORT=5432
MG_DOMAINS_DB_NAME=domains
MG_DOMAINS_DB_USER=magistrala
MG_DOMAINS_DB_PASS=magistrala
MG_DOMAINS_DB_SSL_MODE=
MG_DOMAINS_DB_SSL_KEY=
MG_DOMAINS_DB_SSL_CERT=
MG_DOMAINS_DB_SSL_ROOT_CERT=
MG_DOMAINS_INSTANCE_ID=
MG_DOMAINS_CACHE_URL=redis://domains-redis:${MG_REDIS_TCP_PORT}/0
MG_DOMAINS_CACHE_KEY_DURATION=10m

#### Domains Client Config
MG_DOMAINS_URL=http://atom:8080/tenants
MG_DOMAINS_GRPC_URL=
MG_DOMAINS_GRPC_TIMEOUT=300s
MG_DOMAINS_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/domains-grpc-client.crt}
MG_DOMAINS_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/domains-grpc-client.key}
MG_DOMAINS_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}

MG_PERMISSIONS_FILE="/permission.yaml"

### Users
MG_USERS_LOG_LEVEL=debug
MG_USERS_SECRET_KEY=HyE2D4RUt9nnKG6v8zKEqAp6g6ka8hhZsqUpzgKvnwpXrNVQSH
MG_USERS_ADMIN_EMAIL=admin@example.com
MG_USERS_ADMIN_PASSWORD=12345678
MG_USERS_ADMIN_USERNAME=admin
MG_USERS_ADMIN_FIRST_NAME=super
MG_USERS_ADMIN_LAST_NAME=admin
MG_USERS_PASS_REGEX=^.{8,}$
MG_USERS_HTTP_HOST=users
MG_USERS_HTTP_PORT=9002
MG_USERS_HTTP_SERVER_CERT=
MG_USERS_HTTP_SERVER_KEY=
MG_USERS_GRPC_HOST=users
MG_USERS_GRPC_PORT=7002
MG_USERS_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/domains-grpc-server.crt}${GRPC_TLS:+./ssl/certs/domains-grpc-server.crt}
MG_USERS_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/domains-grpc-server.key}${GRPC_TLS:+./ssl/certs/domains-grpc-server.key}
MG_USERS_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}
MG_USERS_DB_HOST=users-db
MG_USERS_DB_PORT=5432
MG_USERS_DB_USER=magistrala
MG_USERS_DB_PASS=magistrala
MG_USERS_DB_NAME=users
MG_USERS_DB_SSL_MODE=disable
MG_USERS_DB_SSL_CERT=
MG_USERS_DB_SSL_KEY=
MG_USERS_DB_SSL_ROOT_CERT=
MG_USERS_INSTANCE_ID=
MG_USERS_ALLOW_SELF_REGISTER=true
MG_OAUTH_UI_REDIRECT_URL=http://localhost:3000/api/auth/token
MG_OAUTH_UI_ERROR_URL=http://localhost:3000/login
MG_USERS_DELETE_INTERVAL=24h
MG_USERS_DELETE_AFTER=720h
MG_PASSWORD_RESET_URL_PREFIX=http://localhost/password-reset
MG_PASSWORD_RESET_EMAIL_TEMPLATE=reset-password-email.tmpl
MG_VERIFICATION_URL_PREFIX=http://localhost/verify-email
MG_VERIFICATION_EMAIL_TEMPLATE=verification-email.tmpl

#### Users Client Config
MG_USERS_URL=http://atom:8080/entities
MG_USERS_GRPC_URL=
MG_USERS_GRPC_TIMEOUT=300s
MG_USERS_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/domains-grpc-client.crt}
MG_USERS_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/domains-grpc-client.key}
MG_USERS_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}

### Email utility
MG_EMAIL_HOST=host.docker.internal
MG_EMAIL_PORT=2525
MG_EMAIL_USERNAME=from@example.com
MG_EMAIL_PASSWORD=password
MG_EMAIL_FROM_ADDRESS=from@example.com
MG_EMAIL_FROM_NAME=Example
MG_EMAIL_TEMPLATE=
MG_EMAIL_INVITATION_TEMPLATE=invitation-sent-email.tmpl
MG_EMAIL_ACCEPTANCE_TEMPLATE=invitation-accepted-email.tmpl
MG_EMAIL_REJECTION_TEMPLATE=invitation-rejected-email.tmpl

### Notifications
MG_NOTIFICATIONS_LOG_LEVEL=debug
MG_NOTIFICATIONS_INSTANCE_ID=

### Google OAuth2
MG_GOOGLE_CLIENT_ID=
MG_GOOGLE_CLIENT_SECRET=
MG_GOOGLE_REDIRECT_URL=http://localhost:3000/oauth/callback/google
MG_GOOGLE_STATE=

### Groups
MG_GROUPS_LOG_LEVEL=debug
MG_GROUPS_HTTP_HOST=groups
MG_GROUPS_HTTP_PORT=9004
MG_GROUPS_HTTP_SERVER_CERT=
MG_GROUPS_HTTP_SERVER_KEY=
MG_GROUPS_GRPC_HOST=groups
MG_GROUPS_GRPC_PORT=7004
MG_GROUPS_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/groups-grpc-server.crt}${GRPC_TLS:+./ssl/certs/groups-grpc-server.crt}
MG_GROUPS_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/groups-grpc-server.key}${GRPC_TLS:+./ssl/certs/groups-grpc-server.key}
MG_GROUPS_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}
MG_GROUPS_DB_HOST=groups-db
MG_GROUPS_DB_PORT=5432
MG_GROUPS_DB_USER=magistrala
MG_GROUPS_DB_PASS=magistrala
MG_GROUPS_DB_NAME=groups
MG_GROUPS_DB_SSL_MODE=disable
MG_GROUPS_DB_SSL_CERT=
MG_GROUPS_DB_SSL_KEY=
MG_GROUPS_DB_SSL_ROOT_CERT=
MG_GROUPS_INSTANCE_ID=

#### Groups Client Config
MG_GROUPS_URL=http://atom:8080/groups
MG_GROUPS_GRPC_URL=
MG_GROUPS_GRPC_TIMEOUT=300s
MG_GROUPS_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/groups-grpc-client.crt}
MG_GROUPS_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/groups-grpc-client.key}
MG_GROUPS_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}

### Clients
MG_CLIENTS_LOG_LEVEL=debug
MG_CLIENTS_STANDALONE_ID=
MG_CLIENTS_STANDALONE_TOKEN=
MG_CLIENTS_CACHE_KEY_DURATION=1h
MG_CLIENTS_HTTP_HOST=clients
MG_CLIENTS_HTTP_PORT=9006
MG_CLIENTS_GRPC_HOST=clients
MG_CLIENTS_GRPC_PORT=7006
MG_CLIENTS_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/clients-grpc-server.crt}${GRPC_TLS:+./ssl/certs/clients-grpc-server.crt}
MG_CLIENTS_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/clients-grpc-server.key}${GRPC_TLS:+./ssl/certs/clients-grpc-server.key}
MG_CLIENTS_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}
MG_CLIENTS_CACHE_URL=redis://clients-redis:${MG_REDIS_TCP_PORT}/0
MG_CLIENTS_DB_HOST=clients-db
MG_CLIENTS_DB_PORT=5432
MG_CLIENTS_DB_USER=magistrala
MG_CLIENTS_DB_PASS=magistrala
MG_CLIENTS_DB_NAME=clients
MG_CLIENTS_DB_SSL_MODE=disable
MG_CLIENTS_DB_SSL_CERT=
MG_CLIENTS_DB_SSL_KEY=
MG_CLIENTS_DB_SSL_ROOT_CERT=
MG_CLIENTS_INSTANCE_ID=

#### Clients Client Config
MG_CLIENTS_URL=http://atom:8080/entities
MG_CLIENTS_GRPC_URL=
MG_CLIENTS_GRPC_TIMEOUT=300s
MG_CLIENTS_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/clients-grpc-client.crt}
MG_CLIENTS_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/clients-grpc-client.key}
MG_CLIENTS_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}

### Channels
MG_CHANNELS_LOG_LEVEL=debug
MG_CHANNELS_HTTP_HOST=channels
MG_CHANNELS_HTTP_PORT=9005
MG_CHANNELS_GRPC_HOST=channels
MG_CHANNELS_GRPC_PORT=7005
MG_CHANNELS_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/channels-grpc-server.crt}${GRPC_TLS:+./ssl/certs/channels-grpc-server.crt}
MG_CHANNELS_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/channels-grpc-server.key}${GRPC_TLS:+./ssl/certs/channels-grpc-server.key}
MG_CHANNELS_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}
MG_CHANNELS_DB_HOST=channels-db
MG_CHANNELS_DB_PORT=5432
MG_CHANNELS_DB_USER=magistrala
MG_CHANNELS_DB_PASS=magistrala
MG_CHANNELS_DB_NAME=channels
MG_CHANNELS_DB_SSL_MODE=disable
MG_CHANNELS_DB_SSL_CERT=
MG_CHANNELS_DB_SSL_KEY=
MG_CHANNELS_DB_SSL_ROOT_CERT=
MG_CHANNELS_INSTANCE_ID=
MG_CHANNELS_CACHE_URL=redis://channels-redis:${MG_REDIS_TCP_PORT}/0
MG_CHANNELS_CACHE_KEY_DURATION=10m

#### Channels Client Config
MG_CHANNELS_URL=http://atom:8080/resources
MG_CHANNELS_GRPC_URL=
MG_CHANNELS_GRPC_TIMEOUT=300s
MG_CHANNELS_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/channels-grpc-client.crt}
MG_CHANNELS_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/channels-grpc-client.key}
MG_CHANNELS_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}

### FluxMQ Auth Bridge
MG_FLUXMQ_LOG_LEVEL=debug
MG_FLUXMQ_GRPC_HOST=fluxmq-auth
MG_FLUXMQ_GRPC_PORT=7016
MG_FLUXMQ_GRPC_URL=fluxmq-auth:7016
MG_FLUXMQ_INSTANCE_ID=
MG_FLUXMQ_CACHE_NUM_COUNTERS=200000
MG_FLUXMQ_CACHE_MAX_COST=1048576
MG_FLUXMQ_CACHE_BUFFER_ITEMS=64

### CoAP
MG_COAP_PORT=5683

## Addons Services

#### Auth gRPC client config for addons
MG_ADDONS_CERTS_PATH_PREFIX=../../
MG_AUTH_GRPC_URL=auth:7001
MG_AUTH_GRPC_TIMEOUT=300s
MG_AUTH_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/auth-grpc-client.crt}
MG_AUTH_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/auth-grpc-client.key}
MG_AUTH_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}

#### Domains gRPC client config for addons
MG_DOMAINS_GRPC_URL=
MG_DOMAINS_GRPC_TIMEOUT=300s
MG_DOMAINS_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/domains-grpc-client.crt}
MG_DOMAINS_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/domains-grpc-client.key}
MG_DOMAINS_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}

### Postgres
MG_POSTGRES_HOST=postgres
MG_POSTGRES_PORT=5432
MG_POSTGRES_USER=magistrala
MG_POSTGRES_PASS=magistrala
MG_POSTGRES_NAME=messages
MG_POSTGRES_SSL_MODE=disable
MG_POSTGRES_SSL_CERT=
MG_POSTGRES_SSL_KEY=
MG_POSTGRES_SSL_ROOT_CERT=

### Timescale
MG_TIMESCALE_HOST=timescale
MG_TIMESCALE_PORT=5432
MG_TIMESCALE_USER=magistrala
MG_TIMESCALE_PASS=magistrala
MG_TIMESCALE_NAME=magistrala
MG_TIMESCALE_SSL_MODE=disable
MG_TIMESCALE_SSL_CERT=
MG_TIMESCALE_SSL_KEY=
MG_TIMESCALE_SSL_ROOT_CERT=

### Journal
MG_JOURNAL_LOG_LEVEL=info
MG_JOURNAL_HTTP_HOST=journal
MG_JOURNAL_HTTP_PORT=9021
MG_JOURNAL_HTTP_SERVER_CERT=
MG_JOURNAL_HTTP_SERVER_KEY=
MG_JOURNAL_DB_HOST=journal-db
MG_JOURNAL_DB_PORT=5432
MG_JOURNAL_DB_USER=magistrala
MG_JOURNAL_DB_PASS=magistrala
MG_JOURNAL_DB_NAME=journal
MG_JOURNAL_DB_SSL_MODE=disable
MG_JOURNAL_DB_SSL_CERT=
MG_JOURNAL_DB_SSL_KEY=
MG_JOURNAL_DB_SSL_ROOT_CERT=
MG_JOURNAL_INSTANCE_ID=

### GRAFANA and PROMETHEUS
MG_PROMETHEUS_PORT=9090
MG_GRAFANA_PORT=3001
MG_GRAFANA_ADMIN_USER=magistrala
MG_GRAFANA_ADMIN_PASSWORD=magistrala

# Allow unverified user
MG_ALLOW_UNVERIFIED_USER=true

# Docker image tag
MG_RELEASE_TAG=latest


#### Timescale Reader gRPC Client Config
MG_TIMESCALE_READER_GRPC_URL=timescale-reader:7011
MG_TIMESCALE_READER_GRPC_TIMEOUT=300s
MG_TIMESCALE_READER_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/readers-grpc-client.crt}
MG_TIMESCALE_READER_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/readers-grpc-client.key}
MG_TIMESCALE_READER_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}
MG_TIMESCALE_READER_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}

## Addon Services

### Bootstrap
MG_BOOTSTRAP_LOG_LEVEL=debug
MG_BOOTSTRAP_ENCRYPT_KEY=v7aT0HGxJxt2gULzr3RHwf4WIf6DusPp
MG_BOOTSTRAP_EVENT_CONSUMER=bootstrap
MG_BOOTSTRAP_HTTP_HOST=bootstrap
MG_BOOTSTRAP_HTTP_PORT=9013
MG_BOOTSTRAP_HTTP_SERVER_CERT=
MG_BOOTSTRAP_HTTP_SERVER_KEY=
MG_BOOTSTRAP_DB_HOST=bootstrap-db
MG_BOOTSTRAP_DB_PORT=5432
MG_BOOTSTRAP_DB_USER=magistrala
MG_BOOTSTRAP_DB_PASS=magistrala
MG_BOOTSTRAP_DB_NAME=bootstrap
MG_BOOTSTRAP_DB_SSL_MODE=disable
MG_BOOTSTRAP_DB_SSL_CERT=
MG_BOOTSTRAP_DB_SSL_KEY=
MG_BOOTSTRAP_DB_SSL_ROOT_CERT=
MG_BOOTSTRAP_INSTANCE_ID=

### Provision
MG_PROVISION_CONFIG_FILE=/configs/config.toml
MG_PROVISION_LOG_LEVEL=debug
MG_PROVISION_HTTP_PORT=9016
MG_PROVISION_ENV_CLIENTS_TLS=false
MG_PROVISION_SERVER_CERT=
MG_PROVISION_SERVER_KEY=
MG_PROVISION_USERS_URL=http://atom:8080/entities
MG_PROVISION_CHANNELS_URL=http://atom:8080/resources
MG_PROVISION_CLIENTS_URL=http://atom:8080/entities
MG_PROVISION_USER=
MG_PROVISION_USERNAME=
MG_PROVISION_PASS=
MG_PROVISION_API_KEY=
MG_PROVISION_X509_PROVISIONING=false
MG_PROVISION_BS_SVC_URL=http://bootstrap:9013
MG_PROVISION_BS_CONFIG_PROVISIONING=true
MG_PROVISION_BS_AUTO_WHITELIST=true
MG_PROVISION_BS_CONTENT=
MG_PROVISION_INSTANCE_ID=

### Postgres Writer
MG_POSTGRES_WRITER_LOG_LEVEL=debug
MG_POSTGRES_WRITER_CONFIG_PATH=/config.toml
MG_POSTGRES_WRITER_HTTP_HOST=postgres-writer
MG_POSTGRES_WRITER_HTTP_PORT=9007
MG_POSTGRES_WRITER_HTTP_SERVER_CERT=
MG_POSTGRES_WRITER_HTTP_SERVER_KEY=
MG_POSTGRES_WRITER_INSTANCE_ID=

### Postgres Reader
MG_POSTGRES_READER_LOG_LEVEL=debug
MG_POSTGRES_READER_HTTP_HOST=postgres-reader
MG_POSTGRES_READER_HTTP_PORT=9009
MG_POSTGRES_READER_GRPC_HOST=postgres-reader
MG_POSTGRES_READER_GRPC_PORT=7009
MG_POSTGRES_READER_HTTP_SERVER_CERT=
MG_POSTGRES_READER_HTTP_SERVER_KEY=
MG_POSTGRES_READER_INSTANCE_ID=
MG_POSTGRES_READER_GRPC_URL=postgres-reader:7009
MG_POSTGRES_READER_GRPC_TIMEOUT=300s
MG_POSTGRES_READER_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/readers-grpc-client.crt}
MG_POSTGRES_READER_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}
MG_POSTGRES_READER_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/readers-grpc-client.key}
MG_POSTGRES_READER_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/readers-grpc-server.crt}${GRPC_TLS:+./ssl/certs/readers-grpc-server.crt}
MG_POSTGRES_READER_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/readers-grpc-server.key}${GRPC_TLS:+./ssl/certs/readers-grpc-server.key}
MG_POSTGRES_READER_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}

### Timescale Writer
MG_TIMESCALE_WRITER_LOG_LEVEL=debug
MG_TIMESCALE_WRITER_CONFIG_PATH=/config.toml
MG_TIMESCALE_WRITER_HTTP_HOST=timescale-writer
MG_TIMESCALE_WRITER_HTTP_PORT=9012
MG_TIMESCALE_WRITER_HTTP_SERVER_CERT=
MG_TIMESCALE_WRITER_HTTP_SERVER_KEY=
MG_TIMESCALE_WRITER_INSTANCE_ID=

### Timescale Reader
MG_TIMESCALE_READER_LOG_LEVEL=debug
MG_TIMESCALE_READER_HTTP_HOST=timescale-reader
MG_TIMESCALE_READER_HTTP_PORT=9011
MG_TIMESCALE_READER_GRPC_HOST=timescale-reader
MG_TIMESCALE_READER_GRPC_PORT=7011
MG_TIMESCALE_READER_HTTP_SERVER_CERT=
MG_TIMESCALE_READER_HTTP_SERVER_KEY=
MG_TIMESCALE_READER_INSTANCE_ID=
MG_TIMESCALE_READER_GRPC_SERVER_CERT=${GRPC_MTLS:+./ssl/certs/readers-grpc-server.crt}${GRPC_TLS:+./ssl/certs/readers-grpc-server.crt}
MG_TIMESCALE_READER_GRPC_SERVER_KEY=${GRPC_MTLS:+./ssl/certs/readers-grpc-server.key}${GRPC_TLS:+./ssl/certs/readers-grpc-server.key}
MG_TIMESCALE_READER_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}

#### Timescale Reader Client Config
MG_TIMESCALE_READER_URL=http://timescale-reader:9011
MG_TIMESCALE_READER_GRPC_URL=timescale-reader:7011
MG_TIMESCALE_READER_GRPC_TIMEOUT=300s
MG_TIMESCALE_READER_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/reader-grpc-client.crt}
MG_TIMESCALE_READER_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}
MG_TIMESCALE_READER_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/readers-grpc-client.key}

## Magistrala Services (MG_ prefix)

### RE (Rules Engine)
MG_RE_LOG_LEVEL=debug
MG_RE_HTTP_HOST=re
MG_RE_HTTP_PORT=9008
MG_RE_HTTP_SERVER_CERT=
MG_RE_HTTP_SERVER_KEY=
MG_RE_DB_HOST=re-db
MG_RE_DB_PORT=5432
MG_RE_DB_USER=magistrala
MG_RE_DB_PASS=magistrala
MG_RE_DB_NAME=rules_engine
MG_RE_DB_SSL_MODE=disable
MG_RE_DB_SSL_CERT=
MG_RE_DB_SSL_KEY=
MG_RE_DB_SSL_ROOT_CERT=
MG_RE_INSTANCE_ID=
MG_RE_EMAIL_TEMPLATE=re.tmpl
MG_RE_CALLOUT_URLS=""
MG_RE_CALLOUT_METHOD="POST"
MG_RE_CALLOUT_TLS_VERIFICATION="false"
MG_RE_CALLOUT_TIMEOUT="10s"
MG_RE_CALLOUT_CA_CERT=""
MG_RE_CALLOUT_CERT=""
MG_RE_CALLOUT_KEY=""
MG_RE_CALLOUT_OPERATIONS=""
MG_RE_URL=http://re:9008

### Alarms
MG_ALARMS_LOG_LEVEL=debug
MG_ALARMS_HTTP_HOST=alarms
MG_ALARMS_HTTP_PORT=8050
MG_ALARMS_HTTP_SERVER_CERT=
MG_ALARMS_HTTP_SERVER_KEY=
MG_ALARMS_DB_HOST=alarms-db
MG_ALARMS_DB_PORT=5432
MG_ALARMS_DB_USER=magistrala
MG_ALARMS_DB_PASS=magistrala
MG_ALARMS_DB_NAME=alarms
MG_ALARMS_DB_SSL_MODE=disable
MG_ALARMS_DB_SSL_CERT=
MG_ALARMS_DB_SSL_KEY=
MG_ALARMS_DB_SSL_ROOT_CERT=
MG_ALARMS_INSTANCE_ID=
MG_ALARMS_EVENT_CONSUMER=alarms
MG_ALARMS_URL=http://alarms:8050

### Reports
MG_REPORTS_LOG_LEVEL=debug
MG_REPORTS_HTTP_HOST=reports
MG_REPORTS_HTTP_PORT=9017
MG_REPORTS_HTTP_SERVER_CERT=
MG_REPORTS_HTTP_SERVER_KEY=
MG_REPORTS_DB_HOST=reports-db
MG_REPORTS_DB_PORT=5432
MG_REPORTS_DB_USER=magistrala
MG_REPORTS_DB_PASS=magistrala
MG_REPORTS_DB_NAME=reports
MG_REPORTS_DB_SSL_MODE=disable
MG_REPORTS_DB_SSL_CERT=
MG_REPORTS_DB_SSL_KEY=
MG_REPORTS_DB_SSL_ROOT_CERT=
MG_REPORTS_INSTANCE_ID=
MG_REPORTS_EMAIL_TEMPLATE=reports.tmpl
MG_REPORTS_DEFAULT_TEMPLATE=
MG_REPORTS_URL=http://reports:9017
MG_PDF_CONVERTER_URL=http://pdf-generator:3000/forms/chromium/convert/html
MG_REPORTS_CALLOUT_URLS=""
MG_REPORTS_CALLOUT_METHOD="POST"
MG_REPORTS_CALLOUT_TLS_VERIFICATION="false"
MG_REPORTS_CALLOUT_TIMEOUT="10s"
MG_REPORTS_CALLOUT_CA_CERT=""
MG_REPORTS_CALLOUT_CERT=""
MG_REPORTS_CALLOUT_KEY=""
MG_REPORTS_CALLOUT_OPERATIONS=""

### Timescale Reader gRPC Client Config (Magistrala)
MG_TIMESCALE_READER_GRPC_URL=timescale-reader:7011
MG_TIMESCALE_READER_GRPC_TIMEOUT=300s
MG_TIMESCALE_READER_GRPC_CLIENT_CERT=${GRPC_MTLS:+./ssl/certs/reader-grpc-client.crt}
MG_TIMESCALE_READER_GRPC_CLIENT_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}
MG_TIMESCALE_READER_GRPC_CLIENT_KEY=${GRPC_MTLS:+./ssl/certs/readers-grpc-client.key}
MG_TIMESCALE_READER_GRPC_SERVER_CA_CERTS=${GRPC_MTLS:+./ssl/certs/ca.crt}${GRPC_TLS:+./ssl/certs/ca.crt}

# UI components and RE
## Dashboards
MG_UI_BACKEND_LOG_LEVEL=debug
MG_UI_BACKEND_HTTP_HOST=ui-backend
MG_UI_BACKEND_HTTP_PORT=9097
MG_UI_BACKEND_HTTP_SERVER_CERT=
MG_UI_BACKEND_HTTP_SERVER_KEY=
MG_UI_BACKEND_INSTANCE_ID=
MG_UI_BACKEND_URL=http://ui-backend:9097
MG_UI_VERIFICATION_TLS=false
MG_UI_CONTENT_TYPE=application/senml+json
# Set to yes to accept the EULA for the UI services. To view the EULA visit: https://github.com/absmach/eula
MG_UI_DOCKER_ACCEPT_EULA=no
OTEL_SERVICE_NAME=ui-mg
OTEL_EXPORTER_OTLP_ENDPOINT=http://jaeger:4318

# Object storage for images
# See docker/seaweedfs/s3.json.
MG_BACKEND_OBJECT_STORAGE_REGION=fra1
MG_BACKEND_OBJECT_STORAGE_BUCKET=mg-ui-images
MG_BACKEND_OBJECT_STORAGE_ENDPOINT=http://seaweedfs-s3:8333
MG_BACKEND_OBJECT_STORAGE_USE_PATH_STYLE=true
MG_BACKEND_OBJECT_STORAGE_PRESIGN_ENDPOINT=http://localhost:8333
MG_BACKEND_OBJECT_STORAGE_ACCESS_KEY=localKey
MG_BACKEND_OBJECT_STORAGE_SECRET_KEY=localSecret
MG_BACKEND_OBJECT_STORAGE_TTL=15m
MG_BACKEND_OBJECT_STORAGE_READ_TTL=15m

## Postgres
MG_UI_BACKEND_DB_HOST=ui-backend-db
MG_UI_BACKEND_DB_PORT=5432
MG_UI_BACKEND_DB_USER=magistrala
MG_UI_BACKEND_DB_PASS=magistrala
MG_UI_BACKEND_DB_NAME=magistrala
MG_UI_BACKEND_DB_SSL_MODE=disable
MG_UI_BACKEND_DB_SSL_CERT=
MG_UI_BACKEND_DB_SSL_KEY=
MG_UI_BACKEND_DB_SSL_ROOT_CERT=

## UI
MG_AUTH_URL=http://nginx:80/auth
MG_ATOM_URL=http://nginx:80
MG_DOMAINS_URL=http://nginx:80/tenants
MG_USERS_URL=http://nginx:80/entities
MG_CLIENTS_URL=http://nginx:80/entities
MG_CHANNELS_URL=http://nginx:80/resources
MG_GROUPS_URL=http://nginx:80/groups
MG_BOOTSTRAP_URL=http://bootstrap:9013
MG_HTTP_ADAPTER_URL=http://nginx:80/http
MG_PUBLISH_PROXY_URL=http://nginx:80
MG_READER_URL=http://timescale-reader:9011
MG_JOURNAL_URL=http://journal:9021

### UI Configuration
MG_UI_TYPE=mg
MG_UI_CLIENT_TYPE=client
MG_UI_BASE_PATH=/
MG_NEXTAUTH_BASE_PATH=/api/auth
NEXTAUTH_SECRET=4WdW0Z0tAOyQ/ZAI3YLVV/wNu+yUZXBLDDQ3AGrgfJ4=
NEXTAUTH_URL=http://localhost:3000
MG_HOST_URL=http://localhost:3000
MG_UI_IMAGE_URL=http://ui-backend:9097
MG_UI_BASEURL=http://localhost:3000

#Customer support email variables
MG_SUPPORT_EMAIL=
MG_SUPPORT_EMAIL_PASS=

## SMTP Variables
MG_UI_SMTP_HOST=host.docker.internal
MG_UI_SMTP_PORT=2525
MG_UI_SMTP_SECURE=
MG_UI_SUPPORT_FROM=from@example.com

# Message cli variables
MG_UI_CLI_MQTT_HOST=localhost
MG_UI_CLI_WS_URL=ws://localhost:80/mqtt
MG_UI_CLI_COAP_HOST=0.0.0.0
MG_UI_CLI_COAP_PORT=5684
MG_UI_CLI_HTTP_URL=http://localhost:80/http
