# Configuration Guide

Complete guide for configuring the Market Data Service environment variables and settings.

## Environment Variables

### Required Variables

| Variable | Description | Example |
|----------|-------------|---------|
| `DB_PASSWORD` | PostgreSQL database password | `your_secure_password` |
| `JWT_SECRET` | JWT secret key for authentication | `generated_secret_key` |
| `DOMAIN_NAME` | Domain name for SSL certificates | `market-price.insightbull.io` |
| `SSL_EMAIL` | Email for Let's Encrypt notifications | `admin@insightbull.io` |

### Optional Variables

| Variable | Description | Default |
|----------|-------------|---------|
| `DB_USER` | PostgreSQL database user | `postgres` |
| `DB_NAME` | Database name | `financial_data` |
| `NODE_ENV` | Environment mode | `production` |
| `PORT` | API port (internal) | `3000` |
| `CORS_ORIGIN` | Allowed CORS origins | `*` |
| `LOG_LEVEL` | Logging level | `info` |
| `SSL_STAGING` | Use Let's Encrypt staging server | `0` |

## .env File Setup

### Production Configuration

Create a `.env` file in the project root:

```bash
# Database Configuration
DB_USER=postgres
DB_PASSWORD=your_secure_password_here
DB_NAME=financial_data

# Application Configuration
NODE_ENV=production
PORT=3000
CORS_ORIGIN=https://market-price.insightbull.io
JWT_SECRET=your_secure_jwt_secret_here
LOG_LEVEL=info

# SSL Certificate Configuration
DOMAIN_NAME=market-price.insightbull.io
SSL_EMAIL=admin@insightbull.io
```

### Development Configuration

For local development:

```bash
# Database Configuration
DB_USER=postgres
DB_PASSWORD=postgres
DB_NAME=financial_data

# Application Configuration
NODE_ENV=development
PORT=3000
CORS_ORIGIN=*
JWT_SECRET=dev_secret_key
LOG_LEVEL=debug

# SSL not needed for local development
```

## Generating Secure Secrets

### JWT Secret

Generate a secure JWT secret:

```bash
# Using OpenSSL
openssl rand -base64 32

# Using Node.js
node -e "console.log(require('crypto').randomBytes(32).toString('base64'))"
```

Then update in `.env`:
```bash
JWT_SECRET=<generated_secret>
```

### Database Password

Use a strong, unique password for production:
- Minimum 16 characters
- Mix of uppercase, lowercase, numbers, and symbols
- Don't reuse passwords

## Domain Configuration

### Production Domain

The production domain is: `market-price.insightbull.io`

**Important:**
- Domain must be set in `.env` as `DOMAIN_NAME=market-price.insightbull.io`
- DNS must point to your server's IP before obtaining SSL certificates
- CORS_ORIGIN should match: `https://market-price.insightbull.io`

### Local Development Domain

For local development, use: `market-data.local`

See [LOCAL_DEV_SETUP.md](./LOCAL_DEV_SETUP.md) for local domain setup.

## SSL Certificate Configuration

### Automatic SSL (Production)

SSL certificates are automatically managed via Docker containers. No manual configuration needed.

**Required variables:**
- `DOMAIN_NAME` - Your domain name
- `SSL_EMAIL` - Email for Let's Encrypt notifications

**For testing (staging server):**
```bash
SSL_STAGING=1
```

See [DEPLOYMENT.md](./DEPLOYMENT.md) for SSL certificate setup instructions.

## CORS Configuration

### Production

```bash
CORS_ORIGIN=https://market-price.insightbull.io
```

### Development

```bash
CORS_ORIGIN=*
```

### Multiple Origins

For multiple allowed origins, use comma-separated values (check your CORS middleware implementation).

## Logging Configuration

### Log Levels

- `debug` - Detailed debug information (development)
- `info` - General information (production)
- `warn` - Warning messages
- `error` - Error messages only

### Production

```bash
LOG_LEVEL=info
```

### Development

```bash
LOG_LEVEL=debug
```

## Database Configuration

### Docker (Recommended)

When using Docker, database connection is automatic:
- `DB_HOST=db` (service name in docker-compose)
- `DB_PORT=5432` (internal port)
- Database credentials from `.env`

### Non-Docker Setup

For non-Docker setups:
```bash
DB_HOST=localhost
DB_PORT=5432
DB_USER=postgres
DB_PASSWORD=your_password
DB_NAME=financial_data
```

## Verification

### Check Configuration

```bash
# Verify .env file exists
ls -la .env

# Check environment variables (in Docker)
docker-compose exec api env | grep -E 'DB_|JWT_|DOMAIN_|SSL_'
```

### Test Configuration

```bash
# Test database connection
docker-compose exec db psql -U postgres -d financial_data -c "SELECT 1;"

# Test API health
curl http://localhost/health
```

## Security Best Practices

1. **Never commit `.env` file** - Already in `.gitignore`
2. **Use strong secrets** - Generate secure random values
3. **Rotate secrets regularly** - Especially in production
4. **Limit CORS origins** - Don't use `*` in production
5. **Use different secrets** - Different values for dev/staging/prod

## Troubleshooting

### Environment Variables Not Loading

**Problem:** Variables not being read

**Solution:**
```bash
# Check .env file exists
ls -la .env

# Verify Docker is reading .env
docker-compose config | grep -A 5 environment
```

### SSL Certificate Issues

**Problem:** SSL certificate not working

**Solution:**
1. Verify `DOMAIN_NAME` matches your actual domain
2. Check DNS points to your server
3. Ensure ports 80 and 443 are open
4. See [DEPLOYMENT.md](./DEPLOYMENT.md) troubleshooting section

### Database Connection Issues

**Problem:** Can't connect to database

**Solution:**
1. Verify `DB_PASSWORD` is correct
2. Check database container is running: `docker-compose ps db`
3. Test connection: `docker-compose exec db pg_isready -U postgres`

## References

- **Production Deployment**: See [DEPLOYMENT.md](./DEPLOYMENT.md)
- **Local Development**: See [LOCAL_DEV_SETUP.md](./LOCAL_DEV_SETUP.md)
- **Docker Setup**: See [DOCKER.md](../DOCKER.md)