furt/config/furt.conf.example

# furt.conf - Multi-Tenant Configuration Example
# Dragons@Work Digital Sovereignty Project

# Server configuration
[server]
host = 127.0.0.1
port = 7811
log_level = info
log_requests = true
client_timeout = 10

# CORS configuration
cors_allowed_origins = http://localhost:1313,http://127.0.0.1:1313,https://dragons-at-work.de,https://www.dragons-at-work.de

# Security settings
[security]
rate_limit_api_key_max = 60
rate_limit_ip_max = 100
rate_limit_window = 3600
enable_test_endpoint = false

# Default SMTP settings (used when API keys don't have custom SMTP)
[smtp_default]
host = mail.dragons-at-work.de
port = 465
user = noreply@dragons-at-work.de
password = your-smtp-password-here
use_ssl = true

# Dragons@Work Website
[api_key "daw-frontend-key"]
name = "Dragons@Work Website"
permissions = mail:send
allowed_ips = 127.0.0.1, 10.0.0.0/8, 192.168.0.0/16
mail_to = admin@dragons-at-work.de
mail_from = noreply@dragons-at-work.de
mail_subject_prefix = "[DAW Contact] "

# Biocodie Website (same SMTP, different recipient)
[api_key "bio-frontend-key"]
name = "Biocodie Website"
permissions = mail:send
allowed_ips = 127.0.0.1, 10.0.0.0/8
mail_to = contact@biocodie.de
mail_from = noreply@biocodie.de
mail_subject_prefix = "[Biocodie] "

# Verlag Website
[api_key "verlag-frontend-key"]
name = "Verlag Dragons@Work"
permissions = mail:send
allowed_ips = 127.0.0.1, 10.0.0.0/8
mail_to = verlag@dragons-at-work.de
mail_from = noreply@verlag.dragons-at-work.de
mail_subject_prefix = "[Verlag] "

# Customer with custom SMTP
[api_key "kunde-x-frontend-key"]
name = "Kunde X Website"
permissions = mail:send
allowed_ips = 1.2.3.4/32, 5.6.7.8/32
mail_to = info@kunde-x.de
mail_from = noreply@kunde-x.de
mail_subject_prefix = "[Kunde X] "
# Custom SMTP for this customer
mail_smtp_host = mail.kunde-x.de
mail_smtp_port = 587
mail_smtp_user = noreply@kunde-x.de
mail_smtp_pass = kunde-x-smtp-password
mail_smtp_ssl = true

# Customer with external provider (e.g., Gmail)
[api_key "kunde-y-frontend-key"]
name = "Kunde Y Website"
permissions = mail:send
allowed_ips = 9.10.11.12/32
mail_to = support@kunde-y.com
mail_from = website@kunde-y.com
mail_subject_prefix = "[Kunde Y Support] "
# Gmail SMTP example
mail_smtp_host = smtp.gmail.com
mail_smtp_port = 587
mail_smtp_user = website@kunde-y.com
mail_smtp_pass = gmail-app-password
mail_smtp_ssl = true

# Admin API key (full access for management)
[api_key "admin-management-key"]
name = "Admin Access"
permissions = *, mail:send, auth:status
allowed_ips = 127.0.0.1, 10.0.0.0/8
mail_to = admin@dragons-at-work.de
mail_from = furt-admin@dragons-at-work.de
mail_subject_prefix = "[Furt Admin] "

# Monitoring key (limited access)
[api_key "monitoring-health-key"]
name = "Monitoring Service"
permissions = health:check
allowed_ips = 127.0.0.1, 10.0.0.0/8, 172.16.0.0/12
# No mail config needed for monitoring
feat(config): implement multi-tenant config system (DAW/furt#89) - nginx-style furt.conf configuration - Multi-tenant mail routing per API key - Custom SMTP support per customer - Backward compatibility via server.lua adapter WIP: Ready for testing on werner 2025-08-15 16:18:55 +02:00			`# furt.conf - Multi-Tenant Configuration Example`
			`# Dragons@Work Digital Sovereignty Project`

			`# Server configuration`
			`[server]`
			`host = 127.0.0.1`
feat(config): integrate rate limiting and CORS configuration from furt.conf - Add RateLimiter:configure() function to accept config-based limits - Integrate security section parameters (rate_limit_api_key_max, ip_max, window) - Add CORS configuration from config file with environment fallback - Replace hardcoded rate limiting defaults with configurable values - Add test endpoint control via config.security.enable_test_endpoint - Update startup logging to show actual configured rate limits - Add configuration validation and detailed startup information Rate limiting now uses values from [security] section instead of hardcoded defaults. CORS origins prioritize config file over environment variables. Related to DAW/furt#89 2025-08-29 20:01:47 +02:00			`port = 7811`
feat(config): implement multi-tenant config system (DAW/furt#89) - nginx-style furt.conf configuration - Multi-tenant mail routing per API key - Custom SMTP support per customer - Backward compatibility via server.lua adapter WIP: Ready for testing on werner 2025-08-15 16:18:55 +02:00			`log_level = info`
feat(config): integrate rate limiting and CORS configuration from furt.conf - Add RateLimiter:configure() function to accept config-based limits - Integrate security section parameters (rate_limit_api_key_max, ip_max, window) - Add CORS configuration from config file with environment fallback - Replace hardcoded rate limiting defaults with configurable values - Add test endpoint control via config.security.enable_test_endpoint - Update startup logging to show actual configured rate limits - Add configuration validation and detailed startup information Rate limiting now uses values from [security] section instead of hardcoded defaults. CORS origins prioritize config file over environment variables. Related to DAW/furt#89 2025-08-29 20:01:47 +02:00			`log_requests = true`
			`client_timeout = 10`

			`# CORS configuration`
			`cors_allowed_origins = http://localhost:1313,http://127.0.0.1:1313,https://dragons-at-work.de,https://www.dragons-at-work.de`

			`# Security settings`
			`[security]`
			`rate_limit_api_key_max = 60`
			`rate_limit_ip_max = 100`
			`rate_limit_window = 3600`
			`enable_test_endpoint = false`
feat(config): implement multi-tenant config system (DAW/furt#89) - nginx-style furt.conf configuration - Multi-tenant mail routing per API key - Custom SMTP support per customer - Backward compatibility via server.lua adapter WIP: Ready for testing on werner 2025-08-15 16:18:55 +02:00
			`# Default SMTP settings (used when API keys don't have custom SMTP)`
			`[smtp_default]`
			`host = mail.dragons-at-work.de`
			`port = 465`
			`user = noreply@dragons-at-work.de`
			`password = your-smtp-password-here`
			`use_ssl = true`

			`# Dragons@Work Website`
			`[api_key "daw-frontend-key"]`
			`name = "Dragons@Work Website"`
			`permissions = mail:send`
			`allowed_ips = 127.0.0.1, 10.0.0.0/8, 192.168.0.0/16`
			`mail_to = admin@dragons-at-work.de`
			`mail_from = noreply@dragons-at-work.de`
			`mail_subject_prefix = "[DAW Contact] "`

			`# Biocodie Website (same SMTP, different recipient)`
			`[api_key "bio-frontend-key"]`
			`name = "Biocodie Website"`
			`permissions = mail:send`
			`allowed_ips = 127.0.0.1, 10.0.0.0/8`
			`mail_to = contact@biocodie.de`
			`mail_from = noreply@biocodie.de`
			`mail_subject_prefix = "[Biocodie] "`

			`# Verlag Website`
			`[api_key "verlag-frontend-key"]`
			`name = "Verlag Dragons@Work"`
			`permissions = mail:send`
			`allowed_ips = 127.0.0.1, 10.0.0.0/8`
			`mail_to = verlag@dragons-at-work.de`
			`mail_from = noreply@verlag.dragons-at-work.de`
			`mail_subject_prefix = "[Verlag] "`

			`# Customer with custom SMTP`
			`[api_key "kunde-x-frontend-key"]`
			`name = "Kunde X Website"`
			`permissions = mail:send`
			`allowed_ips = 1.2.3.4/32, 5.6.7.8/32`
			`mail_to = info@kunde-x.de`
			`mail_from = noreply@kunde-x.de`
			`mail_subject_prefix = "[Kunde X] "`
			`# Custom SMTP for this customer`
			`mail_smtp_host = mail.kunde-x.de`
			`mail_smtp_port = 587`
			`mail_smtp_user = noreply@kunde-x.de`
			`mail_smtp_pass = kunde-x-smtp-password`
			`mail_smtp_ssl = true`

			`# Customer with external provider (e.g., Gmail)`
			`[api_key "kunde-y-frontend-key"]`
			`name = "Kunde Y Website"`
			`permissions = mail:send`
			`allowed_ips = 9.10.11.12/32`
			`mail_to = support@kunde-y.com`
			`mail_from = website@kunde-y.com`
			`mail_subject_prefix = "[Kunde Y Support] "`
			`# Gmail SMTP example`
			`mail_smtp_host = smtp.gmail.com`
			`mail_smtp_port = 587`
			`mail_smtp_user = website@kunde-y.com`
			`mail_smtp_pass = gmail-app-password`
			`mail_smtp_ssl = true`

			`# Admin API key (full access for management)`
			`[api_key "admin-management-key"]`
			`name = "Admin Access"`
			`permissions = *, mail:send, auth:status`
			`allowed_ips = 127.0.0.1, 10.0.0.0/8`
			`mail_to = admin@dragons-at-work.de`
			`mail_from = furt-admin@dragons-at-work.de`
			`mail_subject_prefix = "[Furt Admin] "`

			`# Monitoring key (limited access)`
			`[api_key "monitoring-health-key"]`
			`name = "Monitoring Service"`
			`permissions = health:check`
			`allowed_ips = 127.0.0.1, 10.0.0.0/8, 172.16.0.0/12`
			`# No mail config needed for monitoring`