# =====================================================
# DECKERR DOCKER CONFIGURATION
# =====================================================
# Copy this file to .env and configure your settings
#
# Two deployment modes available:
#   1. External Supabase: Use docker-compose.yml (simpler)
#   2. Self-hosted Supabase: Use docker-compose.selfhosted.yml (full stack)
# =====================================================

# =====================================================
# MODE 1: EXTERNAL SUPABASE (docker-compose.yml)
# =====================================================
# Use this if you have:
# - A Supabase cloud account (supabase.com)
# - A separately self-hosted Supabase instance
# - Access to a paid hosted Supabase service

# Your Supabase project URL
VITE_SUPABASE_URL=https://your-project.supabase.co

# Your Supabase anonymous/public key
VITE_SUPABASE_ANON_KEY=your-anon-key-here

# Port to run Deckerr on (default: 3000)
PORT=3000


# =====================================================
# MODE 2: SELF-HOSTED SUPABASE (docker-compose.selfhosted.yml)
# =====================================================
# Use this to run everything locally, including Supabase

# --- Site Configuration ---
# Your domain or IP address (used for redirects)
SITE_URL=http://localhost:3000

# External API URL (Kong gateway)
API_EXTERNAL_URL=http://localhost:8000

# --- Port Configuration ---
DECKERR_PORT=3000
KONG_HTTP_PORT=8000
KONG_HTTPS_PORT=8443
POSTGRES_PORT=5432

# --- Security Keys ---
# IMPORTANT: Generate secure random values for production!
# You can use: openssl rand -base64 32

# PostgreSQL password
POSTGRES_PASSWORD=your-super-secret-postgres-password

# JWT Secret (must be at least 32 characters)
# Generate with: openssl rand -base64 32
JWT_SECRET=your-super-secret-jwt-token-with-at-least-32-characters

# JWT Expiry in seconds (default: 3600 = 1 hour)
JWT_EXPIRY=3600

# Supabase Anonymous Key
# Generate at: https://supabase.com/docs/guides/self-hosting#api-keys
# Or use: npx @supabase/cli@latest gen key --type anon --jwt-secret "YOUR_JWT_SECRET"
ANON_KEY=your-anon-key

# Supabase Service Role Key (admin access)
# Generate at: https://supabase.com/docs/guides/self-hosting#api-keys
# Or use: npx @supabase/cli@latest gen key --type service_role --jwt-secret "YOUR_JWT_SECRET"
SERVICE_ROLE_KEY=your-service-role-key

# --- Email Configuration (Optional) ---
# Required for email verification and password reset
SMTP_HOST=smtp.example.com
SMTP_PORT=587
SMTP_USER=your-email@example.com
SMTP_PASS=your-email-password
SMTP_ADMIN_EMAIL=admin@example.com
SMTP_SENDER_NAME=Deckerr

# Enable email auto-confirm (set to true to skip email verification)
ENABLE_EMAIL_AUTOCONFIRM=true

# --- Feature Flags ---
# Disable new user signups
DISABLE_SIGNUP=false

# Enable email signup
ENABLE_EMAIL_SIGNUP=true

# Enable anonymous users
ENABLE_ANONYMOUS_USERS=false

# --- Advanced ---
# Additional redirect URLs (comma-separated)
ADDITIONAL_REDIRECT_URLS=

# PostgREST schemas
PGRST_DB_SCHEMAS=public,graphql_public