# =============================================================================
# STELLA OPS CHINA COMPLIANCE ENVIRONMENT
# =============================================================================
# Environment template for China (SM2/SM3/SM4) compliance deployments.
#
# Usage with simulation:
#   cp env/compliance-china.env.example .env
#   docker compose -f docker-compose.stella-ops.yml \
#     -f docker-compose.compliance-china.yml \
#     -f docker-compose.crypto-sim.yml up -d
#
# Usage with SM Remote (production):
#   docker compose -f docker-compose.stella-ops.yml \
#     -f docker-compose.compliance-china.yml \
#     -f docker-compose.sm-remote.yml up -d
#
# =============================================================================

# Crypto profile
STELLAOPS_CRYPTO_PROFILE=china

# =============================================================================
# SM REMOTE SERVICE CONFIGURATION
# =============================================================================

SM_REMOTE_PORT=56080

# Software-only SM2 provider (for testing/development)
SM_SOFT_ALLOWED=1

# OSCCA-certified HSM configuration (for production)
# Set these when using a certified hardware security module
SM_REMOTE_HSM_URL=
SM_REMOTE_HSM_API_KEY=
SM_REMOTE_HSM_TIMEOUT=30000

# Client certificate authentication for HSM (optional)
SM_REMOTE_CLIENT_CERT_PATH=
SM_REMOTE_CLIENT_CERT_PASSWORD=

# =============================================================================
# CRYPTO SIMULATION (for testing only)
# =============================================================================

# Enable simulation mode
STELLAOPS_CRYPTO_ENABLE_SIM=1
STELLAOPS_CRYPTO_SIM_URL=http://sim-crypto:8080
SIM_CRYPTO_PORT=18090