Configuration

This document describes all environment variables used to configure the Wallet Service.

Setup

Copy the example environment file:
```
cp example.env .env
```
Edit .env with your values
Restart the service for changes to take effect

Environment Variables

Application Settings

Variable	Type	Default	Description
`HOST`	string	`0.0.0.0`	Server bind address
`PORT`	number	`3000`	Server port
`NODE_ENV`	string	`test`	Environment: `development`, `production`, `test`
`HTTPS`	boolean	`false`	Enable HTTPS
`WEBSERVICE_URL`	string	`localhost`	Public URL of the service
`LANG`	string	`de`	Default language

Logging & Monitoring

Variable	Type	Default	Description
`LOGGER`	boolean	`false`	Enable logging
`LOG_LEVEL`	string	`info`	Log level: `debug`, `info`, `warn`, `error`
`SENTRY_DSN`	string	-	Sentry error tracking DSN

Security & Authentication

Variable	Type	Default	Description
`AUTH_TOKEN`	string	-	Authentication token for Apple Wallet requests
`CERT_PASSPHRASE`	string	-	Passphrase for Apple certificate

Apple Wallet Configuration

Variable	Type	Default	Description
`PASS_TYPE_IDENTIFIER`	string	`pass.de.dotSource.DigitalMembershipCard`	Apple Pass Type ID
`TEAM_IDENTIFIER`	string	-	Apple Developer Team ID

Salesforce Integration

Variable	Type	Default	Description
`SF_USERNAME`	string	-	Salesforce username
`SF_PASSWD`	string	-	Salesforce password
`SF_SECURITY_TOKEN`	string	-	Salesforce security token
`SF_CONSUMER_KEY`	string	-	Connected App consumer key
`SF_CONSUMER_SECERET`	string	-	Connected App consumer secret
`SF_REDIRECT_URI`	string	`https://localhost`	OAuth redirect URI
`SF_LOGIN_URL`	string	`https://test.salesforce.com`	Salesforce login endpoint

Email (SMTP) Configuration

Variable	Type	Default	Description
`SMTP_USERNAME`	string	-	SMTP username/email
`SMTP_PASSWD`	string	-	SMTP password

Example Configuration

# Application
HOST="0.0.0.0"
PORT="3000"
NODE_ENV="production"
WEBSERVICE_URL="wallet.example.com"

# Logging
LOGGER="true"
LOG_LEVEL="info"
SENTRY_DSN="https://your-sentry-dsn"

# Security
AUTH_TOKEN="your-secure-auth-token"
CERT_PASSPHRASE="your-certificate-passphrase"

# Apple Wallet
PASS_TYPE_IDENTIFIER="pass.com.example.membership"
TEAM_IDENTIFIER="ABCD123456"

# Salesforce
SF_USERNAME="api@example.com"
SF_PASSWD="your-password"
SF_SECURITY_TOKEN="your-security-token"
SF_CONSUMER_KEY="your-consumer-key"
SF_CONSUMER_SECERET="your-consumer-secret"
SF_LOGIN_URL="https://login.salesforce.com"

# Email
SMTP_USERNAME="noreply@example.com"
SMTP_PASSWD="your-smtp-password"

Certificate Setup

Apple Wallet Certificates

To generate Apple Wallet passes, you need:

Pass Type ID Certificate - Download from Apple Developer Portal
Apple WWDR Certificate - Apple Worldwide Developer Relations CA

Place certificates in src/lib/certs/:

src/lib/certs/
├── pass.pem          # Your Pass Type ID certificate
├── pass.key          # Private key
└── wwdr.pem          # Apple WWDR certificate

Google Wallet Credentials

For Google Wallet integration:

Create a service account in Google Cloud Console
Enable the Google Wallet API
Place the service account JSON in src/lib/assets/key.json

Production Considerations

Security Recommendations

Use strong tokens: Generate secure random values for AUTH_TOKEN
Enable HTTPS: Set HTTPS=true and configure TLS certificates
Restrict CORS: Configure allowed origins for production
Monitor errors: Configure Sentry DSN for error tracking

Performance Settings

In production mode (NODE_ENV=production), the service automatically enables:

Rate limiting: 100 requests per 2 seconds
Circuit breaker: Prevents cascade failures
Response compression: Reduces bandwidth

Deployment Platforms

The service supports multiple deployment platforms:

Platform	Configuration File
Docker	`Dockerfile`, `docker-compose.yml`
Heroku	`Procfile`, `app.json`
Railway	`railway.json`
Fly.io	`fly.toml`