Documentation/operations/configuration.md

# Configuration

## Environment Variables

### Application

| Variable | Description | Example |
|----------|-------------|---------|
| `NODE_ENV` | Runtime environment | `production` |
| `PORT` | API server port | `3000` |
| `LOG_LEVEL` | Logging verbosity | `info` |

### Database

| Variable | Description | Example |
|----------|-------------|---------|
| `DB_HOST` | PostgreSQL host | `postgres.internal` |
| `DB_PORT` | PostgreSQL port | `5432` |
| `DB_USER` | Database user | `tlas_app` |
| `DB_PASSWORD` | Database password | `<secure>` |
| `DB_NAME` | Database name | `tlas_prod` |

### Authentication

| Variable | Description | Example |
|----------|-------------|---------|
| `JWT_SECRET` | Token signing key | `<64-char-random>` |
| `JWT_EXPIRY` | Token lifetime | `3600` |

### Blockchain

| Variable | Description | Example |
|----------|-------------|---------|
| `BESU_RPC_URL` | Besu JSON-RPC endpoint | `http://besu:8545` |
| `CONTRACT_ADDRESS` | NFT contract address | `0x123...` |
| `WALLET_PRIVATE_KEY` | Signing wallet key | `<secure>` |

### External Services

| Variable | Description | Example |
|----------|-------------|---------|
| `DIGILOCKER_CLIENT_ID` | DigiLocker OAuth client | `<client-id>` |
| `DIGILOCKER_SECRET` | DigiLocker OAuth secret | `<secret>` |
| `SMTP_HOST` | Email server | `smtp.gov.in` |
| `SMS_API_KEY` | SMS gateway key | `<api-key>` |

## Configuration Files

### `config/production.yaml`

```yaml
server:
  port: 3000
  cors:
    origins:
      - https://tlas.gov.in
      - https://admin.tlas.gov.in

database:
  pool:
    min: 5
    max: 20

blockchain:
  confirmations: 2
  gasLimit: 500000

upload:
  maxSize: 10485760  # 10MB
  allowedTypes:
    - application/pdf
    - image/jpeg
    - image/png
```

## Secrets Management

Store sensitive values in:
- Environment variables (Docker/Kubernetes)
- HashiCorp Vault
- AWS Secrets Manager

Never commit secrets to version control.
docs: Rebuild documentation as enterprise-grade TLAS platform - Migrate from custom HTTP server to VitePress framework - Rename project to Tokenized License Approval System (TLAS) - Add comprehensive documentation for all stakeholders: - Business: Executive summary, value proposition, governance - Operations: Infrastructure, installation, monitoring, backup - Departments: User guide, workflows, verification, issuance - Developers: API reference, authentication, webhooks, SDKs - Compliance: OWASP, DPDP Act, IT Act, audit framework - Add modern theme with dark mode and full-text search - Update Dockerfile for VitePress build process Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> 2026-02-10 00:05:20 -04:00			`# Configuration`

			`## Environment Variables`

			`### Application`

			`\| Variable \| Description \| Example \|`
			`\|----------\|-------------\|---------\|`
			\| `NODE_ENV` \| Runtime environment \| `production` \|
			\| `PORT` \| API server port \| `3000` \|
			\| `LOG_LEVEL` \| Logging verbosity \| `info` \|

			`### Database`

			`\| Variable \| Description \| Example \|`
			`\|----------\|-------------\|---------\|`
			\| `DB_HOST` \| PostgreSQL host \| `postgres.internal` \|
			\| `DB_PORT` \| PostgreSQL port \| `5432` \|
			\| `DB_USER` \| Database user \| `tlas_app` \|
			\| `DB_PASSWORD` \| Database password \| `<secure>` \|
			\| `DB_NAME` \| Database name \| `tlas_prod` \|

			`### Authentication`

			`\| Variable \| Description \| Example \|`
			`\|----------\|-------------\|---------\|`
			\| `JWT_SECRET` \| Token signing key \| `<64-char-random>` \|
			\| `JWT_EXPIRY` \| Token lifetime \| `3600` \|

			`### Blockchain`

			`\| Variable \| Description \| Example \|`
			`\|----------\|-------------\|---------\|`
			\| `BESU_RPC_URL` \| Besu JSON-RPC endpoint \| `http://besu:8545` \|
			\| `CONTRACT_ADDRESS` \| NFT contract address \| `0x123...` \|
			\| `WALLET_PRIVATE_KEY` \| Signing wallet key \| `<secure>` \|

			`### External Services`

			`\| Variable \| Description \| Example \|`
			`\|----------\|-------------\|---------\|`
			\| `DIGILOCKER_CLIENT_ID` \| DigiLocker OAuth client \| `<client-id>` \|
			\| `DIGILOCKER_SECRET` \| DigiLocker OAuth secret \| `<secret>` \|
			\| `SMTP_HOST` \| Email server \| `smtp.gov.in` \|
			\| `SMS_API_KEY` \| SMS gateway key \| `<api-key>` \|

			`## Configuration Files`

			### `config/production.yaml`

			```yaml
			`server:`
			`port: 3000`
			`cors:`
			`origins:`
			`- https://tlas.gov.in`
			`- https://admin.tlas.gov.in`

			`database:`
			`pool:`
			`min: 5`
			`max: 20`

			`blockchain:`
			`confirmations: 2`
			`gasLimit: 500000`

			`upload:`
			`maxSize: 10485760 # 10MB`
			`allowedTypes:`
			`- application/pdf`
			`- image/jpeg`
			`- image/png`
			```

			`## Secrets Management`

			`Store sensitive values in:`
			`- Environment variables (Docker/Kubernetes)`
			`- HashiCorp Vault`
			`- AWS Secrets Manager`

			`Never commit secrets to version control.`