market-data-service/docs/CONFIGURATION.md

Configuration Guide

Complete guide for configuring the Market Data Service environment variables and settings.

Environment Variables

Required Variables

Variable	Description	Example
DB_PASSWORD	PostgreSQL database password	your_secure_password
JWT_SECRET	JWT secret key for authentication	generated_secret_key
DOMAIN_NAME	Domain name for SSL certificates	market-price.insightbull.io
SSL_EMAIL	Email for Let's Encrypt notifications	admin@insightbull.io

Optional Variables

Variable	Description	Default
DB_USER	PostgreSQL database user	postgres
DB_NAME	Database name	financial_data
NODE_ENV	Environment mode	production
PORT	API port (internal)	3000
CORS_ORIGIN	Allowed CORS origins	*
LOG_LEVEL	Logging level	info
SSL_STAGING	Use Let's Encrypt staging server	0

.env File Setup

Production Configuration

Create a .env file in the project root:

# Database Configuration
DB_USER=postgres
DB_PASSWORD=your_secure_password_here
DB_NAME=financial_data

# Application Configuration
NODE_ENV=production
PORT=3000
CORS_ORIGIN=https://market-price.insightbull.io
JWT_SECRET=your_secure_jwt_secret_here
LOG_LEVEL=info

# SSL Certificate Configuration
DOMAIN_NAME=market-price.insightbull.io
SSL_EMAIL=admin@insightbull.io

Development Configuration

For local development:

# Database Configuration
DB_USER=postgres
DB_PASSWORD=postgres
DB_NAME=financial_data

# Application Configuration
NODE_ENV=development
PORT=3000
CORS_ORIGIN=*
JWT_SECRET=dev_secret_key
LOG_LEVEL=debug

# SSL not needed for local development

Generating Secure Secrets

JWT Secret

Generate a secure JWT secret:

# Using OpenSSL
openssl rand -base64 32

# Using Node.js
node -e "console.log(require('crypto').randomBytes(32).toString('base64'))"

Then update in .env:

JWT_SECRET=<generated_secret>

Database Password

Use a strong, unique password for production:

• Minimum 16 characters
• Mix of uppercase, lowercase, numbers, and symbols
• Don't reuse passwords

Domain Configuration

Production Domain

The production domain is: market-price.insightbull.io

Important:

• Domain must be set in .env as DOMAIN_NAME=market-price.insightbull.io
• DNS must point to your server's IP before obtaining SSL certificates
• CORS_ORIGIN should match: https://market-price.insightbull.io

Local Development Domain

For local development, use: market-data.local

See LOCAL_DEV_SETUP.md for local domain setup.

SSL Certificate Configuration

Automatic SSL (Production)

SSL certificates are automatically managed via Docker containers. No manual configuration needed.

Required variables:

• DOMAIN_NAME - Your domain name
• SSL_EMAIL - Email for Let's Encrypt notifications

For testing (staging server):

SSL_STAGING=1

See DEPLOYMENT.md for SSL certificate setup instructions.

CORS Configuration

Production

CORS_ORIGIN=https://market-price.insightbull.io

Development

CORS_ORIGIN=*

Multiple Origins

For multiple allowed origins, use comma-separated values (check your CORS middleware implementation).

Logging Configuration

Log Levels

• debug - Detailed debug information (development)
• info - General information (production)
• warn - Warning messages
• error - Error messages only

Production

LOG_LEVEL=info

Development

LOG_LEVEL=debug

Database Configuration

Docker (Recommended)

When using Docker, database connection is automatic:

• DB_HOST=db (service name in docker-compose)
• DB_PORT=5432 (internal port)
• Database credentials from .env

Non-Docker Setup

For non-Docker setups:

DB_HOST=localhost
DB_PORT=5432
DB_USER=postgres
DB_PASSWORD=your_password
DB_NAME=financial_data

Verification

Check Configuration

# Verify .env file exists
ls -la .env

# Check environment variables (in Docker)
docker-compose exec api env | grep -E 'DB_|JWT_|DOMAIN_|SSL_'

Test Configuration

# Test database connection
docker-compose exec db psql -U postgres -d financial_data -c "SELECT 1;"

# Test API health
curl http://localhost/health

Security Best Practices

1. Never commit .env file - Already in .gitignore
2. Use strong secrets - Generate secure random values
3. Rotate secrets regularly - Especially in production
4. Limit CORS origins - Don't use * in production
5. Use different secrets - Different values for dev/staging/prod

Troubleshooting

Environment Variables Not Loading

Problem: Variables not being read

Solution:

# Check .env file exists
ls -la .env

# Verify Docker is reading .env
docker-compose config | grep -A 5 environment

SSL Certificate Issues

Problem: SSL certificate not working

Solution:

1. Verify DOMAIN_NAME matches your actual domain
2. Check DNS points to your server
3. Ensure ports 80 and 443 are open
4. See DEPLOYMENT.md troubleshooting section

Database Connection Issues

Problem: Can't connect to database

Solution:

1. Verify DB_PASSWORD is correct
2. Check database container is running: docker-compose ps db
3. Test connection: docker-compose exec db pg_isready -U postgres

References

• Production Deployment: See DEPLOYMENT.md
• Local Development: See LOCAL_DEV_SETUP.md
• Docker Setup: See DOCKER.md