forked from juspay/hyperswitch
-
Notifications
You must be signed in to change notification settings - Fork 0
/
config.example.toml
239 lines (214 loc) · 12.2 KB
/
config.example.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
# This is a sample config file whose sole purpose is to enumerate
# all the available configuration options, and is intended to be used
# solely as a reference. Please copy this file to create a config.
# Server configuration
[server]
port = 8080
host = "127.0.0.1"
# This is the grace time (in seconds) given to the actix-server to stop the execution
# For more details: https://actix.rs/docs/server/#graceful-shutdown
shutdown_timeout = 30
# HTTP Request body limit. Defaults to 16kB
request_body_limit = 16_384
# Proxy server configuration for connecting to payment gateways.
# Don't define the fields if a Proxy isn't needed. Empty strings will cause failure.
[proxy]
# http_url = "http proxy url" # Proxy all HTTP traffic via this proxy
# https_url = "https proxy url" # Proxy all HTTPS traffic via this proxy
# Main SQL data store credentials
[master_database]
username = "db_user" # DB Username
password = "db_pass" # DB Password. Only applicable when KMS is disabled.
host = "localhost" # DB Host
port = 5432 # DB Port
dbname = "hyperswitch_db" # Name of Database
pool_size = 5 # Number of connections to keep open
connection_timeout = 10 # Timeout for database connection in seconds
kms_encrypted_password = "" # Base64-encoded (KMS encrypted) ciphertext of the database password. Only applicable when KMS is enabled.
# Replica SQL data store credentials
[replica_database]
username = "replica_user" # DB Username
password = "replica_pass" # DB Password. Only applicable when KMS is disabled.
host = "localhost" # DB Host
port = 5432 # DB Port
dbname = "hyperswitch_db" # Name of Database
pool_size = 5 # Number of connections to keep open
connection_timeout = 10 # Timeout for database connection in seconds
kms_encrypted_password = "" # Base64-encoded (KMS encrypted) ciphertext of the database password. Only applicable when KMS is enabled.
# Redis credentials
[redis]
host = "127.0.0.1"
port = 6379
pool_size = 5 # Number of connections to keep open
reconnect_max_attempts = 5 # Maximum number of reconnection attempts to make before failing. Set to 0 to retry forever.
reconnect_delay = 5 # Delay between reconnection attempts, in milliseconds
default_ttl = 300 # Default TTL for entries, in seconds
default_hash_ttl = 900 # Default TTL for hashes entries, in seconds
use_legacy_version = false # Resp protocol for fred crate (set this to true if using RESPv2 or redis version < 6)
stream_read_count = 1 # Default number of entries to read from stream if not provided in stream read options
# Logging configuration. Logging can be either to file or console or both.
# Logging configuration for file logging
[log.file]
enabled = false # Toggle [true or false]
path = "logs" # specify the directory to create log files
file_name = "debug.log" # base name for log files.
# levels can be "TRACE", "DEBUG", "INFO", "WARN", "ERROR", "OFF"
# defaults to "WARN"
level = "WARN"
# sets the log level for one or more crates
filtering_directive = "WARN,router=INFO,reqwest=INFO"
# ^^^^ ^^^^---------^^^^-- sets the log level for the
# | router and reqwest crates to INFO.
# |
# |______________________________ sets the log level for all
# other crates to WARN.
# Logging configuration for console logging
[log.console]
enabled = true # boolean [true or false]
log_format = "default" # Log format. "default" or "json"
# levels can be "TRACE", "DEBUG", "INFO", "WARN", "ERROR", "OFF"
# defaults to "WARN"
level = "DEBUG"
# sets the log level for one or more crates
filtering_directive = "WARN,router=INFO,reqwest=INFO"
# ^^^^ ^^^^---------^^^^-- sets the log level for the
# | router and reqwest crates to INFO.
# |
# |______________________________ sets the log level for all
# other crates to WARN.
# Telemetry configuration for metrics and traces
[log.telemetry]
traces_enabled = false # boolean [true or false], whether traces are enabled
metrics_enabled = false # boolean [true or false], whether metrics are enabled
ignore_errors = false # boolean [true or false], whether to ignore errors during traces or metrics pipeline setup
sampling_rate = 0.1 # decimal rate between 0.0 - 1.0
otel_exporter_otlp_endpoint = "http://localhost:4317" # endpoint to send metrics and traces to, can include port number
otel_exporter_otlp_timeout = 5000 # timeout (in milliseconds) for sending metrics and traces
# This section provides some secret values.
[secrets]
admin_api_key = "test_admin" # admin API key for admin authentication. Only applicable when KMS is disabled.
kms_encrypted_admin_api_key = "" # Base64-encoded (KMS encrypted) ciphertext of the admin_api_key. Only applicable when KMS is enabled.
jwt_secret = "secret" # JWT secret used for user authentication. Only applicable when KMS is disabled.
kms_encrypted_jwt_secret = "" # Base64-encoded (KMS encrypted) ciphertext of the jwt_secret. Only applicable when KMS is enabled.
# Locker settings contain details for accessing a card locker, a
# PCI Compliant storage entity which stores payment method information
# like card details
[locker]
host = "" # Locker host
mock_locker = true # Emulate a locker locally using Postgres
basilisk_host = "" # Basilisk host
locker_setup = "legacy_locker" # With locker to use while in the deployed environment (eg. legacy_locker, basilisk_locker)
locker_signing_key_id = "1" # Key_id to sign basilisk hs locker
[jwekey] # 4 priv/pub key pair
locker_key_identifier1 = "" # key identifier for key rotation , should be same as basilisk
locker_key_identifier2 = "" # key identifier for key rotation , should be same as basilisk
locker_encryption_key1 = "" # public key 1 in pem format, corresponding private key in basilisk
locker_encryption_key2 = "" # public key 2 in pem format, corresponding private key in basilisk
locker_decryption_key1 = "" # private key 1 in pem format, corresponding public key in basilisk
locker_decryption_key2 = "" # private key 2 in pem format, corresponding public key in basilisk
vault_encryption_key = "" # public key in pem format, corresponding private key in basilisk-hs
vault_private_key = "" # private key in pem format, corresponding public key in basilisk-hs
# Refund configuration
[refund]
max_attempts = 10 # Number of refund attempts allowed
max_age = 365 # Max age of a refund in days.
[webhooks]
outgoing_enabled = true
# Validity of an Ephemeral Key in Hours
[eph_key]
validity = 1
[api_keys]
# Base64-encoded (KMS encrypted) ciphertext of the API key hashing key
kms_encrypted_hash_key = ""
# Hex-encoded 32-byte long (64 characters long when hex-encoded) key used for calculating hashes of API keys
hash_key = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
# Connector configuration, provided attributes will be used to fulfill API requests.
# Examples provided here are sandbox/test base urls, can be replaced by live or mock
# base urls based on your need.
# Note: These are not optional attributes. hyperswitch request can fail due to invalid/empty values.
[connectors]
aci.base_url = "https://eu-test.oppwa.com/"
adyen.base_url = "https://checkout-test.adyen.com/"
airwallex.base_url = "https://api-demo.airwallex.com/"
applepay.base_url = "https://apple-pay-gateway.apple.com/"
authorizedotnet.base_url = "https://apitest.authorize.net/xml/v1/request.api"
bambora.base_url = "https://api.na.bambora.com"
bluesnap.base_url = "https://sandbox.bluesnap.com/"
braintree.base_url = "https://api.sandbox.braintreegateway.com/"
checkout.base_url = "https://api.sandbox.checkout.com/"
coinbase.base_url = "https://api.commerce.coinbase.com"
cybersource.base_url = "https://apitest.cybersource.com/"
dlocal.base_url = "https://sandbox.dlocal.com/"
dummyconnector.base_url = "http://localhost:8080/dummy-connector"
fiserv.base_url = "https://cert.api.fiservapps.com/"
forte.base_url = "https://sandbox.forte.net/api/v3"
globalpay.base_url = "https://apis.sandbox.globalpay.com/ucp/"
klarna.base_url = "https://api-na.playground.klarna.com/"
mollie.base_url = "https://api.mollie.com/v2/"
multisafepay.base_url = "https://testapi.multisafepay.com/"
nexinets.base_url = "https://apitest.payengine.de/v1"
nuvei.base_url = "https://ppp-test.nuvei.com/"
opennode.base_url = "https://dev-api.opennode.com"
payeezy.base_url = "https://api-cert.payeezy.com/"
paypal.base_url = "https://www.sandbox.paypal.com/"
payu.base_url = "https://secure.snd.payu.com/"
rapyd.base_url = "https://sandboxapi.rapyd.net"
shift4.base_url = "https://api.shift4.com/"
stripe.base_url = "https://api.stripe.com/"
stripe.base_url_file_upload = "https://files.stripe.com/"
worldline.base_url = "https://eu.sandbox.api-ingenico.com/"
worldpay.base_url = "https://try.access.worldpay.com/"
trustpay.base_url = "https://test-tpgw.trustpay.eu/"
trustpay.base_url_bank_redirects = "https://aapi.trustpay.eu/"
zen.base_url = "https://api.zen-test.com/"
# This data is used to call respective connectors for wallets and cards
[connectors.supported]
wallets = ["klarna", "braintree", "applepay"]
cards = [
"adyen",
"authorizedotnet",
"coinbase",
"braintree",
"checkout",
"cybersource",
"globalpay",
"mollie",
"paypal",
"shift4",
"stripe",
"worldpay",
"zen",
]
# Scheduler settings provides a point to modify the behaviour of scheduler flow.
# It defines the the streams/queues name and configuration as well as event selection variables
[scheduler]
stream = "SCHEDULER_STREAM"
graceful_shutdown_interval = 60000 # Specifies how much time to wait while re-attempting shutdown for a service (in milliseconds)
loop_interval = 5000 # Specifies how much time to wait before starting the defined behaviour of producer or consumer (in milliseconds)
[scheduler.consumer]
consumer_group = "SCHEDULER_GROUP"
disabled = false # This flag decides if the consumer should actively consume task
[scheduler.producer]
upper_fetch_limit = 0 # Upper limit for fetching entries from the redis queue (in seconds)
lower_fetch_limit = 1800 # Lower limit for fetching entries from redis queue (in seconds)
lock_key = "PRODUCER_LOCKING_KEY" # The following keys defines the producer lock that is created in redis with
lock_ttl = 160 # the ttl being the expiry (in seconds)
batch_size = 200 # Specifies the batch size the producer will push under a single entry in the redis queue
# Drainer configuration, which handles draining raw SQL queries from Redis streams to the SQL database
[drainer]
stream_name = "DRAINER_STREAM" # Specifies the stream name to be used by the drainer
num_partitions = 64 # Specifies the number of partitions the stream will be divided into
max_read_count = 100 # Specifies the maximum number of entries that would be read from redis stream in one call
shutdown_interval = 1000 # Specifies how much time to wait, while waiting for threads to complete execution (in milliseconds)
loop_interval = 500 # Specifies how much time to wait after checking all the possible streams in completed (in milliseconds)
# Filtration logic for list payment method, allowing use to limit payment methods based on the requirement country and currency
[pm_filters.stripe]
# ^--- This can be any connector (can be multiple)
paypal = { currency = "USD,INR", country = "US" }
# ^ ^------- comma-separated values
# ^------------------------------- any valid payment method type (can be multiple) (for cards this should be card_network)
# If either currency or country isn't provided then, all possible values are accepted
# KMS configuration. Only applicable when the `kms` feature flag is enabled.
[kms]
key_id = "" # The AWS key ID used by the KMS SDK for decrypting data.
region = "" # The AWS region used by the KMS SDK for decrypting data.