# ------------------------------
# Application
# ------------------------------
# Display name used in API docs/UI.
APP_NAME=NexaPG Monitor
# Runtime environment: dev | staging | prod | test
ENVIRONMENT=dev
# Backend log level: DEBUG | INFO | WARNING | ERROR
LOG_LEVEL=INFO

# ------------------------------
# Core Database (internal metadata DB)
# ------------------------------
# Database that stores users, targets, metrics, query stats, and audit logs.
DB_NAME=nexapg
DB_USER=nexapg
DB_PASSWORD=nexapg
# Host port mapped to the internal PostgreSQL container port 5432.
DB_PORT=5433

# ------------------------------
# Backend API
# ------------------------------
# Host port mapped to backend container port 8000.
BACKEND_PORT=8000
# JWT signing secret. Change this in every non-local environment.
JWT_SECRET_KEY=change_this_super_secret
JWT_ALGORITHM=HS256
# Access token lifetime in minutes.
JWT_ACCESS_TOKEN_MINUTES=15
# Refresh token lifetime in minutes (10080 = 7 days).
JWT_REFRESH_TOKEN_MINUTES=10080
# Key used to encrypt monitored target passwords at rest.
# Generate with:
# python -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
ENCRYPTION_KEY=REPLACE_WITH_FERNET_KEY
# Allowed CORS origins for browser clients.
# Use comma-separated values, e.g.:
# CORS_ORIGINS=http://localhost:5173,https://nexapg.example.com
# Dev-only shortcut:
# CORS_ORIGINS=*
CORS_ORIGINS=http://localhost:5173,http://localhost:8080
# Target polling interval in seconds.
POLL_INTERVAL_SECONDS=30
# Active Connection Ratio alert is only evaluated when total sessions
# are at least this number (reduces false positives on low-traffic DBs).
ALERT_ACTIVE_CONNECTION_RATIO_MIN_TOTAL_CONNECTIONS=5
# Rollback Ratio tuning to reduce false positives on low traffic.
ALERT_ROLLBACK_RATIO_WINDOW_MINUTES=15
ALERT_ROLLBACK_RATIO_MIN_TOTAL_TRANSACTIONS=100
ALERT_ROLLBACK_RATIO_MIN_ROLLBACKS=10
# Initial admin bootstrap user (created on first startup if not present).
INIT_ADMIN_EMAIL=admin@example.com
INIT_ADMIN_PASSWORD=ChangeMe123!

# ------------------------------
# Frontend
# ------------------------------
# Host port mapped to frontend container port 80.
FRONTEND_PORT=5173
# Base API URL used at frontend build time.
# For reverse proxy + SSL, keep this relative to avoid mixed-content issues.
# Example direct mode: VITE_API_URL=http://localhost:8000/api/v1
VITE_API_URL=/api/v1