# furt-lua/.env.production
# Production Environment Configuration Template

# =====================================
# API KEYS (CHANGE THESE!)
# =====================================
# Generate secure keys: openssl rand -hex 32
HUGO_API_KEY=daw-hugo-$(openssl rand -hex 16)
ADMIN_API_KEY=daw-admin-$(openssl rand -hex 16)
MONITORING_API_KEY=daw-monitor-$(openssl rand -hex 16)

# =====================================
# SMTP CONFIGURATION
# =====================================
SMTP_HOST=mail.dragons-at-work.de
SMTP_PORT=465
SMTP_USERNAME=noreply@dragons-at-work.de
SMTP_PASSWORD=your-secure-smtp-password-here
SMTP_FROM=noreply@dragons-at-work.de
SMTP_TO=michael@dragons-at-work.de

# =====================================
# CORS CONFIGURATION (Production Domains)
# =====================================
CORS_ALLOWED_ORIGINS=https://dragons-at-work.de,https://www.dragons-at-work.de

# =====================================
# GATEWAY CONFIGURATION
# =====================================
GATEWAY_HOST=127.0.0.1
GATEWAY_PORT=8080
GATEWAY_LOG_LEVEL=warn

# =====================================
# SECURITY SETTINGS
# =====================================
# Test endpoint (disable in production)
ENABLE_TEST_ENDPOINT=false

# Rate limiting (production values)
RATE_LIMIT_API_KEY_MAX=60
RATE_LIMIT_IP_MAX=100
RATE_LIMIT_WINDOW=3600

# =====================================
# DEVELOPMENT SETTINGS (Remove in production)
# =====================================
# DEBUG=false
# LOG_REQUESTS=false