# ===========================================
# Secure Portal - Environment Configuration
# ===========================================
# Kopieren nach .env und Werte anpassen:
#   cp .env.example .env
#
# Secrets generieren:
#   openssl rand -base64 32
# ===========================================

# ----- Datenbank (PostgreSQL) -----
POSTGRES_USER=portal_user
POSTGRES_PASSWORD=change_this_password
POSTGRES_DB=secure_portal

# ----- Redis -----
REDIS_PASSWORD=change_this_redis_password

# ----- JWT Secrets (WICHTIG: ändern!) -----
# Generieren mit: openssl rand -base64 32
JWT_ACCESS_SECRET=change_this_secret_key_for_production_32_chars
JWT_REFRESH_SECRET=change_this_refresh_secret_key_production_32

# ----- Encryption Key (WICHTIG: exakt 32 Zeichen!) -----
# Generieren mit: openssl rand -base64 32 | cut -c1-32
ENCRYPTION_KEY=change_this_32_character_key_prod

# ----- URLs -----
# Frontend URL (wo die App läuft)
FRONTEND_URL=https://portal.example.com
# Password Reset Link in E-Mails
PASSWORD_RESET_URL=https://portal.example.com/password-reset
# API URL für Frontend (muss vom Browser erreichbar sein)
VITE_API_URL=https://portal.example.com/api
# CORS erlaubte Origins (kommagetrennt für mehrere)
CORS_ORIGIN=https://portal.example.com

# ----- Email Configuration -----
# Provider: brevo, sendgrid, smtp
MAIL_PROVIDER=smtp
MAIL_FROM_EMAIL=noreply@example.com
MAIL_FROM_NAME=Secure Portal

# Brevo (wenn MAIL_PROVIDER=brevo)
BREVO_API_KEY=your_brevo_api_key_here

# SendGrid (wenn MAIL_PROVIDER=sendgrid)
SENDGRID_API_KEY=your_sendgrid_api_key_here

# SMTP (wenn MAIL_PROVIDER=smtp)
SMTP_HOST=smtp.example.com
SMTP_PORT=587
SMTP_USER=your_smtp_user
SMTP_PASSWORD=your_smtp_password
SMTP_SECURE=false

# ----- Lizenzierung (optional) -----
LICENSE_SERVER_URL=https://license.unixweb.de
LICENSE_KEY=

# ----- Feature Toggles -----
# Registrierung deaktivieren nach Admin-Erstellung
ENABLE_REGISTER=true

# ----- Docker Registry Version (für docker-compose.registry.yml) -----
VERSION=1.0.3