#
# Registry servers configuration
#
#
# Be sure to restart your server when you modify settings.
#

#
# SMTP configuration (for Admin/EPP/Registrar/Registrant servers)
#
smtp_address: 'server-hostname'
smtp_port: '25' # 587, 465
smtp_user_name: 'login'
smtp_password: 'pw/key'
# If you need to specify a HELO domain, you can do it here.
smtp_domain: '' # 'domain for HELO checking'
# Use "none" only when for a self-signed and/or wildcard certificate
smtp_openssl_verify_mode: 'peer' # 'none', 'peer', 'client_once','fail_if_no_peer_cert'
# Detects if STARTTLS is enabled in your SMTP server and starts to use it. Defaults to true.
# Set this to false if there is a problem with your server certificate that you cannot resolve.
smtp_enable_starttls_auto: 'true' # 'false'
# If your mail server requires authentication, please change.
smtp_authentication: 'plain' # 'plain', 'login', 'cram_md5'
registrant_url: 'https://registrant.example.com' # for valid email body registrant links
# Staging env does not send any emails unless they are whitelisted
whitelist_emails_for_staging: >
  test@example.org,
  old@example.org,
  new@example.org,
  old@example.com,
  new@example.com

#
# ADMIN server
#
app_name: '.EE Registry'
zonefile_export_dir: 'export/zonefiles'
bank_statement_import_dir: 'import/bank_statements'
legal_documents_dir: 'import/legal_documents'
time_zone: 'Tallinn' # more zones by rake time:zones:all

openssl_config_path: '/etc/ssl/openssl.cnf'
crl_dir:     '/home/registry/registry/shared/ca/crl'
crl_path:     '/home/registry/registry/shared/ca/crl/crl.pem'
ca_cert_path: '/home/registry/registry/shared/ca/certs/ca.crt.pem'
ca_key_path:  '/home/registry/registry/shared/ca/private/ca.key.pem'
ca_key_password: 'your-root-key-password'

directo_invoice_url: 'https://domain/ddddd.asp'


#
# EPP
#
webclient_ips: '127.0.0.1,0.0.0.0' #ips, separated with commas
webclient_cert_common_name: 'webclient'
# Contact epp will not accept org value by default
# and returns 2306 "Parameter value policy error"
contact_org_enabled: 'false'

# Overwrite rack default trusted proxies list in order to
# enable test external interfaces EPP/REPP from webserver network
# eis_trusted_proxies: '1.1.1.1,2.2.2.2' #ips, separated with commas

# Enable iptables counter updater
# iptables_counter_enabled: 'true'
# iptables_server_ip: '127.0.0.1'

# Custom legal document types. Changing this requires updating EPP extension schema for allowed legalDocEnumType values.
# System default for legal document types is: pdf,bdoc,ddoc,zip,rar,gz,tar,7z,odt,doc,docx
# legal_document_types: "pdf,bdoc,ddoc,zip,rar,gz,tar,7z,odt,doc,docx"


#
# REGISTRAR configuration (DEPP)
#
show_ds_data_fields: 'false'
default_nameservers_count: '2'
default_admin_contacts_count: '1'
epp_port: '700'
cert_path: '/home/registry/registry/shared/ca/certs/webclient.cert.pem'
key_path: '/home/registry/registry/shared/ca/private/webclient.key.pem'
epp_hostname: 'registry.gitlab.eu'
repp_url: 'https://repp.gitlab.eu/repp/v1/'

# Estonian Business Registry
# http://www.rik.ee/en/e-business-registry/xml-service
arireg_username:
arireg_password:
arireg_wsdl:  'https://demo-ariregxml.rik.ee:447/testariport/?wsdl'
arireg_host: 'http://demo-ariregxml.rik.ee:81/'

# Mobile-ID and ID-card login
# https://www.id.ee/?id=35760 General how-to
# https://www.id.ee/?id=36381 Mobile-ID test numbers
sk_digi_doc_service_endpoint: 'https://tsp.demo.sk.ee'
sk_digi_doc_service_name: 'Testimine'


#
# MISC

# You can use `rake secret` to generate a secure secret key.
# Your secret key is used for verifying the integrity of signed cookies.
# If you change this key, all old signed cookies will become invalid!
secret_key_base: 'please-change-it-you-can-generate-it-with-rake-secret'
devise_secret: 'please-change-it-you-can-generate-it-with-rake-secret'

payments_banks: >
  seb,
  swed,
  lhv
payments_seb_url: 'https://www.seb.ee/cgi-bin/dv.sh/ipank.r'
payments_seb_bank_certificate: 'eyp_pub.pem'
payments_seb_seller_private: 'kaupmees_priv.pem'
payments_seb_seller_account: 'testvpos'
payments_swed_url: 'https://www.seb.ee/cgi-bin/dv.sh/ipank.r'
payments_swed_bank_certificate: 'eyp_pub.pem'
payments_swed_seller_private: 'kaupmees_priv.pem'
payments_swed_seller_account: 'testvpos'
payments_lhv_url: 'https://www.seb.ee/cgi-bin/dv.sh/ipank.r'
payments_lhv_bank_certificate: 'eyp_pub.pem'
payments_lhv_seller_private: 'kaupmees_priv.pem'
payments_lhv_seller_account: 'testvpos'

user_session_timeout: '3600' # 1 hour
secure_session_cookies: 'false' # true|false
same_site_session_cookies: 'false' # false|strict|lax