# Gondulf IndieAuth Server Configuration
# Copy this file to .env and fill in your values

# REQUIRED - Secret key for cryptographic operations
# Generate with: python -c "import secrets; print(secrets.token_urlsafe(32))"
GONDULF_SECRET_KEY=

# Database Configuration
# Default: sqlite:///./data/gondulf.db (relative to working directory)
# Production example: sqlite:////var/lib/gondulf/gondulf.db
GONDULF_DATABASE_URL=sqlite:///./data/gondulf.db

# SMTP Configuration for Email Verification
# Use port 587 with STARTTLS (most common) or port 465 for implicit TLS
GONDULF_SMTP_HOST=localhost
GONDULF_SMTP_PORT=587
GONDULF_SMTP_USERNAME=
GONDULF_SMTP_PASSWORD=
GONDULF_SMTP_FROM=noreply@example.com
GONDULF_SMTP_USE_TLS=true

# Token and Code Expiry (in seconds)
# GONDULF_TOKEN_EXPIRY: How long access tokens are valid (default: 3600 = 1 hour)
# GONDULF_CODE_EXPIRY: How long authorization/verification codes are valid (default: 600 = 10 minutes)
GONDULF_TOKEN_EXPIRY=3600
GONDULF_CODE_EXPIRY=600

# Logging Configuration
# LOG_LEVEL: DEBUG, INFO, WARNING, ERROR, CRITICAL
# DEBUG: Enable debug mode (sets LOG_LEVEL to DEBUG if not specified)
GONDULF_LOG_LEVEL=INFO
GONDULF_DEBUG=false