# Delphi Consulting Group Database System - Environment Variables
# Copy this file to .env and modify the values as needed

# ===== APPLICATION SETTINGS =====
APP_NAME=Delphi Consulting Group Database System
DEBUG=False

# ===== DATABASE CONFIGURATION =====
# For Docker: sqlite:///data/delphi_database.db (uses volume)
# For local development: sqlite:///./delphi_database.db
DATABASE_URL=sqlite:///data/delphi_database.db

# ===== SECURITY SETTINGS - CRITICAL FOR PRODUCTION =====
# IMPORTANT: Generate a secure secret key for production!
# Use: python -c "import secrets; print(secrets.token_urlsafe(32))"
SECRET_KEY=CHANGE-THIS-TO-A-SECURE-RANDOM-KEY-IN-PRODUCTION
ACCESS_TOKEN_EXPIRE_MINUTES=30
ALGORITHM=HS256

# ===== ADMIN USER CREATION (Docker only) =====
# Set to true to auto-create admin user on first run
CREATE_ADMIN_USER=true
ADMIN_USERNAME=admin
ADMIN_EMAIL=admin@delphicg.local
ADMIN_PASSWORD=CHANGE-THIS-SECURE-ADMIN-PASSWORD
ADMIN_FULLNAME=System Administrator

# ===== SERVER SETTINGS =====
HOST=0.0.0.0
PORT=8000
# External port mapping (Docker compose uses 6920:8000)
EXTERNAL_PORT=6920

# ===== FILE STORAGE =====
UPLOAD_DIR=./uploads
BACKUP_DIR=./backups

# ===== PAGINATION =====
DEFAULT_PAGE_SIZE=50
MAX_PAGE_SIZE=200

# ===== LOGGING =====
LOG_LEVEL=INFO

# ===== PRODUCTION SECURITY =====
# Set to True only in production with proper SSL
SECURE_COOKIES=False
SECURE_SSL_REDIRECT=False

# ===== CORS SETTINGS =====
# Restrict these in production to your actual domains
CORS_ORIGINS=["http://localhost:6920", "https://yourdomain.com"]

# ===== RATE LIMITING =====
RATE_LIMIT_PER_MINUTE=100
LOGIN_RATE_LIMIT_PER_MINUTE=10

# ===== DOCKER SETTINGS =====
# Number of Gunicorn workers (production)
WORKERS=4
WORKER_TIMEOUT=120

# ===== BACKUP SETTINGS =====
# Automatic backup retention (number of backups to keep)
BACKUP_RETENTION_COUNT=10

# ===== EMAIL SETTINGS (Future feature) =====
# SMTP_HOST=smtp.example.com
# SMTP_PORT=587
# SMTP_USER=noreply@example.com
# SMTP_PASSWORD=your-email-password
# SMTP_TLS=True

# ===== MONITORING & HEALTH CHECKS =====
HEALTH_CHECK_INTERVAL=30
HEALTH_CHECK_TIMEOUT=10

# ===== SSL/TLS SETTINGS (for Nginx) =====
# SSL_CERT_PATH=/app/ssl/cert.pem
# SSL_KEY_PATH=/app/ssl/key.pem