.env.example

# ------------------------------------------------------------
# sysnode-backend environment
# Copy this file to `.env` and fill in values. `.env` is gitignored.
# ------------------------------------------------------------

# Express server
PORT=3001
BASE_URL=http://localhost:3001
# Origin of the SPA; used for credentialed CORS on /auth and /vault and as
# the destination for email-verification magic links. Falls back to
# CORS_ORIGIN when FRONTEND_URL is unset.
CORS_ORIGIN=http://localhost:3000
FRONTEND_URL=http://localhost:3000
NODE_ENV=development

# Reverse-proxy awareness. Without this, Express treats the proxy's socket
# address as req.ip and every real client collapses into a single rate-limit
# bucket (so a few failed logins throttle everyone).
#   - "loopback"  : trust 127.0.0.1 / ::1 only (safe dev default)
#   - "1"         : single proxy hop (typical nginx in front)
#   - "2"         : two hops (e.g. CDN -> LB -> app)
#   - "10.0.0.0/8": trust a specific CIDR
#   - "true"      : trust everything (ONLY for closed networks you control)
TRUST_PROXY=loopback

# SQLite database file (relative paths are resolved against CWD)
SYSNODE_DB_PATH=./data/sysnode.db

# Auth pepper: 32+ random bytes in hex. REQUIRED in production.
# Generate with: `node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"`
SYSNODE_AUTH_PEPPER=

# SMTP (required for email verification + vote reminders).
# In production the server refuses to start unless either SMTP_HOST is set
# or MAIL_TRANSPORT=log is set explicitly (stdout-only dry-run).
SMTP_HOST=
SMTP_PORT=587
SMTP_USER=
SMTP_PASS=
MAIL_FROM=no-reply@syscoin.dev
# Optional explicit override. Valid values: smtp | log | memory.
# Leave unset to auto-select (smtp if SMTP_HOST is set, otherwise log in
# dev / hard-fail in production).
MAIL_TRANSPORT=

# Syscoin Core RPC
SYSCOIN_RPC_HOST=localhost
SYSCOIN_RPC_PORT=8370
SYSCOIN_RPC_LOG_LEVEL=error
#
# Authentication. Two modes are supported, with cookie taking
# precedence if both are set. Same-host deployments (backend running
# next to syscoind) should prefer cookie auth — Core rotates the
# token on every restart and we pick the new one up automatically
# on the next 401 without needing an operator-managed secret.
#
# Mode 1 — COOKIE (recommended for same-host):
#   Absolute path to the `.cookie` file that syscoind writes into
#   its datadir on startup. Leave blank to fall back to Mode 2.
#     Linux default : /root/.syscoin/.cookie  (or ~/.syscoin/.cookie)
#     macOS default : ~/Library/Application Support/Syscoin/.cookie
#   The backend process must have read access; if syscoind runs as
#   a different user, either share the group or set
#   `-rpccookieperms=group` in syscoin.conf.
SYSCOIN_RPC_COOKIE_PATH=
#
# Mode 2 — STATIC (for remote RPC nodes or pre-configured rpcauth).
# Only used when SYSCOIN_RPC_COOKIE_PATH is blank. Both must be set.
SYSCOIN_RPC_USER=
SYSCOIN_RPC_PASS=

# Governance "Pay with Pali" path. Both variables MUST be set for the
# server to build a 150-SYS collateral PSBT from a connected Pali
# account; either blank disables the /collateral/psbt route (the FE
# feature-detects and keeps the manual CLI fallback visible).
#
# SYSCOIN_NETWORK: 'mainnet' | 'testnet'. Pinned chain — must match
#                  the SYSCOIN_RPC_* node above AND the Blockbook URL
#                  below. The PSBT builder uses this to pick the
#                  correct xpub prefix (zpub / vpub) and bech32 HRP
#                  (sys / tsys) and to reject Pali users on the wrong
#                  network before any fees could be burned.
#
# SYSCOIN_BLOCKBOOK_URL: xpub-UTXO indexer used by syscoinjs-lib.
#                  Trailing slashes are tolerated; the library appends
#                  its own API paths.
#                   Mainnet : https://blockbook.syscoin.org/
#                   Testnet : https://blockbook-dev.syscoin.org/
SYSCOIN_NETWORK=
SYSCOIN_BLOCKBOOK_URL=