mirror of
https://github.com/juspay/hyperswitch.git
synced 2025-11-02 04:04:43 +08:00
283 lines
15 KiB
TOML
283 lines
15 KiB
TOML
# This is a sample config file whose sole purpose is to enumerate
|
|
# all the available configuration options, and is intended to be used
|
|
# solely as a reference. Please copy this file to create a config.
|
|
|
|
# Server configuration
|
|
[server]
|
|
port = 8080
|
|
host = "127.0.0.1"
|
|
# This is the grace time (in seconds) given to the actix-server to stop the execution
|
|
# For more details: https://actix.rs/docs/server/#graceful-shutdown
|
|
shutdown_timeout = 30
|
|
# HTTP Request body limit. Defaults to 16kB
|
|
request_body_limit = 16_384
|
|
# Proxy server configuration for connecting to payment gateways.
|
|
# Don't define the fields if a Proxy isn't needed. Empty strings will cause failure.
|
|
[proxy]
|
|
# http_url = "http proxy url" # Proxy all HTTP traffic via this proxy
|
|
# https_url = "https proxy url" # Proxy all HTTPS traffic via this proxy
|
|
|
|
# Main SQL data store credentials
|
|
[master_database]
|
|
username = "db_user" # DB Username
|
|
password = "db_pass" # DB Password. Only applicable when KMS is disabled.
|
|
host = "localhost" # DB Host
|
|
port = 5432 # DB Port
|
|
dbname = "hyperswitch_db" # Name of Database
|
|
pool_size = 5 # Number of connections to keep open
|
|
connection_timeout = 10 # Timeout for database connection in seconds
|
|
kms_encrypted_password = "" # Base64-encoded (KMS encrypted) ciphertext of the database password. Only applicable when KMS is enabled.
|
|
|
|
# Replica SQL data store credentials
|
|
[replica_database]
|
|
username = "replica_user" # DB Username
|
|
password = "replica_pass" # DB Password. Only applicable when KMS is disabled.
|
|
host = "localhost" # DB Host
|
|
port = 5432 # DB Port
|
|
dbname = "hyperswitch_db" # Name of Database
|
|
pool_size = 5 # Number of connections to keep open
|
|
connection_timeout = 10 # Timeout for database connection in seconds
|
|
kms_encrypted_password = "" # Base64-encoded (KMS encrypted) ciphertext of the database password. Only applicable when KMS is enabled.
|
|
|
|
# Redis credentials
|
|
[redis]
|
|
host = "127.0.0.1"
|
|
port = 6379
|
|
pool_size = 5 # Number of connections to keep open
|
|
reconnect_max_attempts = 5 # Maximum number of reconnection attempts to make before failing. Set to 0 to retry forever.
|
|
reconnect_delay = 5 # Delay between reconnection attempts, in milliseconds
|
|
default_ttl = 300 # Default TTL for entries, in seconds
|
|
default_hash_ttl = 900 # Default TTL for hashes entries, in seconds
|
|
use_legacy_version = false # Resp protocol for fred crate (set this to true if using RESPv2 or redis version < 6)
|
|
stream_read_count = 1 # Default number of entries to read from stream if not provided in stream read options
|
|
|
|
# Logging configuration. Logging can be either to file or console or both.
|
|
|
|
# Logging configuration for file logging
|
|
[log.file]
|
|
enabled = false # Toggle [true or false]
|
|
path = "logs" # specify the directory to create log files
|
|
file_name = "debug.log" # base name for log files.
|
|
# levels can be "TRACE", "DEBUG", "INFO", "WARN", "ERROR", "OFF"
|
|
# defaults to "WARN"
|
|
level = "WARN"
|
|
# sets the log level for one or more crates
|
|
filtering_directive = "WARN,router=INFO,reqwest=INFO"
|
|
# ^^^^ ^^^^---------^^^^-- sets the log level for the
|
|
# | router and reqwest crates to INFO.
|
|
# |
|
|
# |______________________________ sets the log level for all
|
|
# other crates to WARN.
|
|
|
|
# Logging configuration for console logging
|
|
[log.console]
|
|
enabled = true # boolean [true or false]
|
|
log_format = "default" # Log format. "default" or "json"
|
|
# levels can be "TRACE", "DEBUG", "INFO", "WARN", "ERROR", "OFF"
|
|
# defaults to "WARN"
|
|
level = "DEBUG"
|
|
# sets the log level for one or more crates
|
|
filtering_directive = "WARN,router=INFO,reqwest=INFO"
|
|
# ^^^^ ^^^^---------^^^^-- sets the log level for the
|
|
# | router and reqwest crates to INFO.
|
|
# |
|
|
# |______________________________ sets the log level for all
|
|
# other crates to WARN.
|
|
|
|
# Telemetry configuration for metrics and traces
|
|
[log.telemetry]
|
|
traces_enabled = false # boolean [true or false], whether traces are enabled
|
|
metrics_enabled = false # boolean [true or false], whether metrics are enabled
|
|
ignore_errors = false # boolean [true or false], whether to ignore errors during traces or metrics pipeline setup
|
|
sampling_rate = 0.1 # decimal rate between 0.0 - 1.0
|
|
otel_exporter_otlp_endpoint = "http://localhost:4317" # endpoint to send metrics and traces to, can include port number
|
|
otel_exporter_otlp_timeout = 5000 # timeout (in milliseconds) for sending metrics and traces
|
|
use_xray_generator = false # Set this to true for AWS X-ray compatible traces
|
|
|
|
# This section provides some secret values.
|
|
[secrets]
|
|
master_enc_key = "sample_key" # Master Encryption key used to encrypt merchant wise encryption key. Should be 32-byte long.
|
|
admin_api_key = "test_admin" # admin API key for admin authentication. Only applicable when KMS is disabled.
|
|
kms_encrypted_admin_api_key = "" # Base64-encoded (KMS encrypted) ciphertext of the admin_api_key. Only applicable when KMS is enabled.
|
|
jwt_secret = "secret" # JWT secret used for user authentication. Only applicable when KMS is disabled.
|
|
kms_encrypted_jwt_secret = "" # Base64-encoded (KMS encrypted) ciphertext of the jwt_secret. Only applicable when KMS is enabled.
|
|
|
|
# Locker settings contain details for accessing a card locker, a
|
|
# PCI Compliant storage entity which stores payment method information
|
|
# like card details
|
|
[locker]
|
|
host = "" # Locker host
|
|
mock_locker = true # Emulate a locker locally using Postgres
|
|
basilisk_host = "" # Basilisk host
|
|
locker_setup = "legacy_locker" # With locker to use while in the deployed environment (eg. legacy_locker, basilisk_locker)
|
|
locker_signing_key_id = "1" # Key_id to sign basilisk hs locker
|
|
|
|
[delayed_session_response]
|
|
connectors_with_delayed_session_response = "trustpay" # List of connectors which has delayed session response
|
|
|
|
[jwekey] # 4 priv/pub key pair
|
|
locker_key_identifier1 = "" # key identifier for key rotation , should be same as basilisk
|
|
locker_key_identifier2 = "" # key identifier for key rotation , should be same as basilisk
|
|
locker_encryption_key1 = "" # public key 1 in pem format, corresponding private key in basilisk
|
|
locker_encryption_key2 = "" # public key 2 in pem format, corresponding private key in basilisk
|
|
locker_decryption_key1 = "" # private key 1 in pem format, corresponding public key in basilisk
|
|
locker_decryption_key2 = "" # private key 2 in pem format, corresponding public key in basilisk
|
|
vault_encryption_key = "" # public key in pem format, corresponding private key in basilisk-hs
|
|
vault_private_key = "" # private key in pem format, corresponding public key in basilisk-hs
|
|
|
|
|
|
# Refund configuration
|
|
[refund]
|
|
max_attempts = 10 # Number of refund attempts allowed
|
|
max_age = 365 # Max age of a refund in days.
|
|
|
|
[webhooks]
|
|
outgoing_enabled = true
|
|
|
|
# Validity of an Ephemeral Key in Hours
|
|
[eph_key]
|
|
validity = 1
|
|
|
|
[api_keys]
|
|
# Base64-encoded (KMS encrypted) ciphertext of the API key hashing key
|
|
kms_encrypted_hash_key = ""
|
|
# Hex-encoded 32-byte long (64 characters long when hex-encoded) key used for calculating hashes of API keys
|
|
hash_key = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
|
|
|
|
# Connector configuration, provided attributes will be used to fulfill API requests.
|
|
# Examples provided here are sandbox/test base urls, can be replaced by live or mock
|
|
# base urls based on your need.
|
|
# Note: These are not optional attributes. hyperswitch request can fail due to invalid/empty values.
|
|
[connectors]
|
|
aci.base_url = "https://eu-test.oppwa.com/"
|
|
adyen.base_url = "https://checkout-test.adyen.com/"
|
|
airwallex.base_url = "https://api-demo.airwallex.com/"
|
|
applepay.base_url = "https://apple-pay-gateway.apple.com/"
|
|
authorizedotnet.base_url = "https://apitest.authorize.net/xml/v1/request.api"
|
|
bambora.base_url = "https://api.na.bambora.com"
|
|
bitpay.base_url = "https://test.bitpay.com"
|
|
bluesnap.base_url = "https://sandbox.bluesnap.com/"
|
|
braintree.base_url = "https://api.sandbox.braintreegateway.com/"
|
|
checkout.base_url = "https://api.sandbox.checkout.com/"
|
|
coinbase.base_url = "https://api.commerce.coinbase.com"
|
|
cybersource.base_url = "https://apitest.cybersource.com/"
|
|
dlocal.base_url = "https://sandbox.dlocal.com/"
|
|
dummyconnector.base_url = "http://localhost:8080/dummy-connector"
|
|
fiserv.base_url = "https://cert.api.fiservapps.com/"
|
|
forte.base_url = "https://sandbox.forte.net/api/v3"
|
|
globalpay.base_url = "https://apis.sandbox.globalpay.com/ucp/"
|
|
iatapay.base_url = "https://sandbox.iata-pay.iata.org/api/v1"
|
|
klarna.base_url = "https://api-na.playground.klarna.com/"
|
|
mollie.base_url = "https://api.mollie.com/v2/"
|
|
multisafepay.base_url = "https://testapi.multisafepay.com/"
|
|
nexinets.base_url = "https://apitest.payengine.de/v1"
|
|
nmi.base_url = "https://secure.nmi.com/"
|
|
noon.base_url = "https://api-test.noonpayments.com/"
|
|
nuvei.base_url = "https://ppp-test.nuvei.com/"
|
|
opennode.base_url = "https://dev-api.opennode.com"
|
|
payeezy.base_url = "https://api-cert.payeezy.com/"
|
|
paypal.base_url = "https://www.sandbox.paypal.com/"
|
|
payu.base_url = "https://secure.snd.payu.com/"
|
|
rapyd.base_url = "https://sandboxapi.rapyd.net"
|
|
shift4.base_url = "https://api.shift4.com/"
|
|
stripe.base_url = "https://api.stripe.com/"
|
|
stripe.base_url_file_upload = "https://files.stripe.com/"
|
|
worldline.base_url = "https://eu.sandbox.api-ingenico.com/"
|
|
worldpay.base_url = "https://try.access.worldpay.com/"
|
|
trustpay.base_url = "https://test-tpgw.trustpay.eu/"
|
|
trustpay.base_url_bank_redirects = "https://aapi.trustpay.eu/"
|
|
zen.base_url = "https://api.zen-test.com/"
|
|
|
|
# Bank redirect configs for allowed banks through online_banking_czech_republic payment method
|
|
[bank_config.online_banking_czech_republic]
|
|
adyen = { banks = "ceska_sporitelna,komercni_banka,platnosc_online_karta_platnicza" }
|
|
|
|
# Bank redirect configs for allowed banks through online_banking_slovakia payment method
|
|
[bank_config.online_banking_slovakia]
|
|
adyen = { banks = "e_platby_vub,postova_banka,sporo_pay,tatra_pay,viamo" }
|
|
|
|
# Bank redirect configs for allowed banks through online_banking_poland payment method
|
|
[bank_config.online_banking_poland]
|
|
adyen = { banks = "blik_psp,place_zipko,m_bank,pay_with_ing,santander_przelew24,bank_pekaosa,bank_millennium,pay_with_alior_bank,banki_spoldzielcze,pay_with_inteligo,bnp_paribas_poland,bank_nowy_sa,credit_agricole,pay_with_bos,pay_with_citi_handlowy,pay_with_plus_bank,toyota_bank,velo_bank,e_transfer_pocztowy24"}
|
|
|
|
# Bank redirect configs for allowed banks through przelewy24 payment method
|
|
[bank_config.przelewy24]
|
|
stripe = { banks = "alior_bank,bank_millennium,bank_nowy_bfg_sa,bank_pekao_sa,banki_spbdzielcze,blik,bnp_paribas,boz,citi,credit_agricole,e_transfer_pocztowy24,getin_bank,idea_bank,inteligo,mbank_mtransfer,nest_przelew,noble_pay,pbac_z_ipko,plus_bank,santander_przelew24,toyota_bank,volkswagen_bank" }
|
|
|
|
# This data is used to call respective connectors for wallets and cards
|
|
[connectors.supported]
|
|
wallets = ["klarna", "braintree", "applepay"]
|
|
cards = [
|
|
"adyen",
|
|
"authorizedotnet",
|
|
"coinbase",
|
|
"braintree",
|
|
"checkout",
|
|
"cybersource",
|
|
"globalpay",
|
|
"mollie",
|
|
"paypal",
|
|
"shift4",
|
|
"stripe",
|
|
"worldpay",
|
|
"zen",
|
|
]
|
|
|
|
# Scheduler settings provides a point to modify the behaviour of scheduler flow.
|
|
# It defines the the streams/queues name and configuration as well as event selection variables
|
|
[scheduler]
|
|
stream = "SCHEDULER_STREAM"
|
|
graceful_shutdown_interval = 60000 # Specifies how much time to wait while re-attempting shutdown for a service (in milliseconds)
|
|
loop_interval = 5000 # Specifies how much time to wait before starting the defined behaviour of producer or consumer (in milliseconds)
|
|
|
|
[scheduler.consumer]
|
|
consumer_group = "SCHEDULER_GROUP"
|
|
disabled = false # This flag decides if the consumer should actively consume task
|
|
|
|
[scheduler.producer]
|
|
upper_fetch_limit = 0 # Upper limit for fetching entries from the redis queue (in seconds)
|
|
lower_fetch_limit = 1800 # Lower limit for fetching entries from redis queue (in seconds)
|
|
lock_key = "PRODUCER_LOCKING_KEY" # The following keys defines the producer lock that is created in redis with
|
|
lock_ttl = 160 # the ttl being the expiry (in seconds)
|
|
|
|
batch_size = 200 # Specifies the batch size the producer will push under a single entry in the redis queue
|
|
|
|
# Drainer configuration, which handles draining raw SQL queries from Redis streams to the SQL database
|
|
[drainer]
|
|
stream_name = "DRAINER_STREAM" # Specifies the stream name to be used by the drainer
|
|
num_partitions = 64 # Specifies the number of partitions the stream will be divided into
|
|
max_read_count = 100 # Specifies the maximum number of entries that would be read from redis stream in one call
|
|
shutdown_interval = 1000 # Specifies how much time to wait, while waiting for threads to complete execution (in milliseconds)
|
|
loop_interval = 500 # Specifies how much time to wait after checking all the possible streams in completed (in milliseconds)
|
|
|
|
# Filtration logic for list payment method, allowing use to limit payment methods based on the requirement country and currency
|
|
[pm_filters.stripe]
|
|
# ^--- This can be any connector (can be multiple)
|
|
paypal = { currency = "USD,INR", country = "US" }
|
|
# ^ ^------- comma-separated values
|
|
# ^------------------------------- any valid payment method type (can be multiple) (for cards this should be card_network)
|
|
# If either currency or country isn't provided then, all possible values are accepted
|
|
|
|
# KMS configuration. Only applicable when the `kms` feature flag is enabled.
|
|
[kms]
|
|
key_id = "" # The AWS key ID used by the KMS SDK for decrypting data.
|
|
region = "" # The AWS region used by the KMS SDK for decrypting data.
|
|
|
|
# EmailClient configuration. Only applicable when the `email` feature flag is enabled.
|
|
[email]
|
|
from_email = "notify@example.com" # Sender email
|
|
aws_region = "" # AWS region used by AWS SES
|
|
base_url = "" # Base url used when adding links that should redirect to self
|
|
|
|
[dummy_connector]
|
|
payment_ttl = 172800 # Time to live for dummy connector payment in redis
|
|
payment_duration = 1000 # Fake delay duration for dummy connector payment
|
|
payment_tolerance = 100 # Fake delay tolerance for dummy connector payment
|
|
payment_retrieve_duration = 500 # Fake delay duration for dummy connector payment sync
|
|
payment_retrieve_tolerance = 100 # Fake delay tolerance for dummy connector payment sync
|
|
refund_ttl = 172800 # Time to live for dummy connector refund in redis
|
|
refund_duration = 1000 # Fake delay duration for dummy connector refund
|
|
refund_tolerance = 100 # Fake delay tolerance for dummy connector refund
|
|
refund_retrieve_duration = 500 # Fake delay duration for dummy connector refund sync
|
|
refund_retrieve_tolerance = 100 # Fake delay tolerance for dummy connector refund sync
|