# ===================================
# APPLICATION CONFIGURATION
# ===================================
APP_VERSION=1.0.5
APP_NAME="Padi REST API Framework"
APP_ENV=production
APP_DEBUG=false
# Base URL of the application (leave empty to auto-detect from request)
APP_URL=https://simapi.smkn1cipeundeuy.sch.id/

# Show detailed query information in debug (only works if APP_DEBUG=true and APP_ENV=development)
DEBUG_SHOW_QUERIES=true

# Show all database errors in debug response (only works if APP_DEBUG=true)
DEBUG_SHOW_ALL_DB_ERRORS=false

# Response format: full (framework standard), simple (status/code/item), raw (data only)
RESPONSE_FORMAT=full

# Enable gzip compression for responses (recommended: true)
ENABLE_COMPRESSION=true

# ===================================
# DATABASE CONFIGURATION
# ===================================

# Default database connection to use (mysql, mariadb, pgsql, sqlite)
DB_CONNECTION=mysql

# MySQL/MariaDB Configuration (Default)
DB_HOST=localhost
DB_PORT=3306
DB_DATABASE=smkncip1_sim
DB_USERNAME=smkncip1_sim
DB_PASSWORD=c6QQ%kql(X*t
DB_CHARSET=utf8mb4
DB_COLLATION=utf8mb4_unicode_ci

# MariaDB Configuration (Optional - if using separate MariaDB)
MARIADB_HOST=localhost
MARIADB_PORT=3306
MARIADB_DATABASE=rest_api_db
MARIADB_USERNAME=root
MARIADB_PASSWORD=

# PostgreSQL Configuration (Optional)
PGSQL_HOST=localhost
PGSQL_PORT=5432
PGSQL_DATABASE=rest_api_db
PGSQL_USERNAME=postgres
PGSQL_PASSWORD=
PGSQL_CHARSET=utf8
PGSQL_SCHEMA=public

# SQLite Configuration (Optional)
# Path can be absolute or relative to the project root
# Use :memory: for an in-memory database
SQLITE_DATABASE=database/database.sqlite

# ===================================
# SECURITY CONFIGURATION
# ===================================

# JWT Secret - MUST be at least 32 characters!
# Generate a strong secret: php -r "echo bin2hex(random_bytes(32));"
# CRITICAL: Change this in production!
JWT_SECRET=c308bbb9290a7484b22015dd4da1d6e73979cd68d7912eeff21d3bee3067ca4b
QR_SECRET=padi_qr_secret_2026_change_me

# JWT Algorithm (HS256, HS384, HS512)
JWT_ALGORITHM=HS256

# JWT Token Expiry (in seconds) - Default: 3600 (1 hour)
JWT_EXPIRY=3600

# ===================================
# CORS CONFIGURATION
# ===================================

# Allowed origins for CORS (comma-separated)
# In development, wildcard (*) is used automatically
# In production, specify exact domains
# Example: CORS_ALLOWED_ORIGINS=https://yourdomain.com,https://app.yourdomain.com
CORS_ALLOWED_ORIGINS=https://sim.smkn1cipeundeuy.sch.id/

# ===================================
# RATE LIMITING
# ===================================

# Maximum requests per window
RATE_LIMIT_MAX=60

# Time window in seconds
RATE_LIMIT_WINDOW=60

# ===================================
# EMAIL CONFIGURATION (For Queue Jobs)
# ===================================
MAIL_DRIVER=smtp
MAIL_HOST=smtp.mailtrap.io
MAIL_PORT=2525
MAIL_USERNAME=
MAIL_PASSWORD=
MAIL_ENCRYPTION=tls
MAIL_FROM_ADDRESS=noreply@restapi.local
MAIL_FROM_NAME="${APP_NAME}"

# ===================================
# CACHE CONFIGURATION
# ===================================

# Cache driver: file|redis
# - file: Simple file-based cache (default, no dependencies)
# - redis: Redis cache (requires Redis server, recommended for production)
CACHE_DRIVER=file

# Maximum entries in L1 in-memory cache (per worker process)
CACHE_L1_MAX=1000

# Redis Configuration (when CACHE_DRIVER=redis)
# For Docker: REDIS_HOST=redis
# For local: REDIS_HOST=127.0.0.1
REDIS_HOST=127.0.0.1
REDIS_PORT=6379
REDIS_USERNAME=
REDIS_PASSWORD=
REDIS_DATABASE=0
REDIS_PREFIX=padi:

# ===================================
# QUEUE CONFIGURATION
# ===================================

# Queue driver: sync|database|redis
QUEUE_DRIVER=sync

# ===================================
# LOGGING
# ===================================

# Log level: debug|info|warning|error
LOG_LEVEL=debug

# ===================================
# SESSION
# ===================================
SESSION_LIFETIME=120
SESSION_DRIVER=file

# ===================================
# PRODUCTION CHECKLIST
# ===================================
# Before deploying to production, ensure:
# 1. APP_ENV=production
# 2. APP_DEBUG=false
# 3. DEBUG_SHOW_QUERIES=false
# 4. JWT_SECRET is 32+ random characters (use: php -r "echo bin2hex(random_bytes(32));")
# 5. CORS_ALLOWED_ORIGINS contains only your trusted domains
# 6. Strong database credentials (DB_USER, DB_PASS)
# 7. SSL/TLS enabled (HTTPS)
# 8. Rate limiting properly configured
# 9. Email credentials configured
# 10. Consider using Redis for cache and rate limiting
