# Production Environment Configuration
# WICHTIG: Dieses File nach .env.production kopieren und anpassen!

# Application Settings
APP_ENV=production
APP_DEBUG=false
APP_NAME="Michael Schiemer"
APP_KEY=base64:kJH8fsd89fs8df7sdf8sdf7sd8f7sdf
APP_TIMEZONE=Europe/Berlin
APP_LOCALE=de

# Database Configuration (Production)
DB_DRIVER=mysql
DB_HOST=db
DB_PORT=3306
DB_DATABASE=michaelschiemer
DB_USERNAME=mdb-user
DB_PASSWORD=StartSimple2024!
DB_CHARSET=utf8mb4

# Security Configuration
SECURITY_ALLOWED_HOSTS=localhost,michaelschiemer.de,www.michaelschiemer.de
SECURITY_RATE_LIMIT_PER_MINUTE=30
SECURITY_RATE_LIMIT_BURST=5
SESSION_LIFETIME=1800

# Docker Production Configuration
RESTART_POLICY=always
VOLUME_MODE=ro
LOG_DRIVER=json-file
LOG_MAX_SIZE=10m
LOG_MAX_FILE=3
LOG_LABELS=environment=production

# PHP Production Settings
PHP_USER=www-data:www-data
PHP_IDE_CONFIG=""
XDEBUG_MODE=off
COMPOSER_INSTALL_FLAGS=--no-dev --optimize-autoloader --classmap-authoritative

# Resource Limits (Production)
WEB_MEMORY_LIMIT=256M
WEB_CPU_LIMIT=0.5
WEB_MEMORY_RESERVATION=128M
WEB_CPU_RESERVATION=0.25

PHP_MEMORY_LIMIT=512M
PHP_CPU_LIMIT=1.0
PHP_MEMORY_RESERVATION=256M
PHP_CPU_RESERVATION=0.5

DB_MEMORY_LIMIT=1G
DB_CPU_LIMIT=1.0
DB_MEMORY_RESERVATION=512M
DB_CPU_RESERVATION=0.5

REDIS_MEMORY_LIMIT=256M
REDIS_CPU_LIMIT=0.5
REDIS_MEMORY_RESERVATION=128M
REDIS_CPU_RESERVATION=0.25

# Network Security (Production)
NETWORK_BACKEND_INTERNAL=true
NETWORK_CACHE_INTERNAL=true

# Production-specific configs
DB_PORT=
REDIS_CONFIG_PATH=./docker/redis/redis-secure.conf
DB_CONFIG_PATH=./docker/mysql/conf.d/security.cnf
HEALTHCHECK_START_PERIOD=30s

# Production ports (only HTTPS)
APP_PORT=
APP_SSL_PORT=443

# External APIs (Production)
SHOPIFY_WEBHOOK_SECRET=SECURE_WEBHOOK_SECRET_HERE
RAPIDMAIL_USERNAME=production_username
RAPIDMAIL_PASSWORD=SECURE_API_PASSWORD_HERE
RAPIDMAIL_TEST_MODE=false

# SSL/TLS Configuration
APP_SSL_PORT=443
FORCE_HTTPS=true

# Docker Production Settings
COMPOSE_PROJECT_NAME=framework-production
UID=1000
GID=1000

# Performance Settings
OPCACHE_ENABLED=true
REDIS_HOST=production-redis-host
REDIS_PORT=6379
REDIS_PASSWORD=SECURE_REDIS_PASSWORD_HERE

# Analytics Configuration (Production)
ANALYTICS_ENABLED=true
ANALYTICS_TRACK_PAGE_VIEWS=true
ANALYTICS_TRACK_API_CALLS=true
ANALYTICS_TRACK_USER_ACTIONS=true
ANALYTICS_TRACK_ERRORS=true
ANALYTICS_TRACK_PERFORMANCE=false  # Disable debug performance tracking

# Session Fingerprinting (Production - Stricter)
SESSION_FINGERPRINT_STRICT=true
SESSION_FINGERPRINT_USER_AGENT=true
SESSION_FINGERPRINT_ACCEPT_LANGUAGE=true
SESSION_FINGERPRINT_IP_PREFIX=true
SESSION_FINGERPRINT_THRESHOLD=0.8

# JavaScript Logger Configuration
VITE_LOG_LEVEL=error

# CRITICAL: Disable Xdebug in production
XDEBUG_MODE=off

# Admin IP Whitelist (comma-separated)
# Add your office/home IP for production admin access
ADMIN_ALLOWED_IPS=127.0.0.1,::1