# =============================================================================
# Meldestelle - Production Environment Configuration
# =============================================================================
# Production-specific environment variables
# IMPORTANT: Change all CHANGE_ME values before deployment!
# =============================================================================

# =============================================================================
# 1. APPLICATION CONFIGURATION
# =============================================================================
APP_NAME=Meldestelle
APP_VERSION=1.0.0
APP_DESCRIPTION='Pferdesport Meldestelle System'
APP_ENVIRONMENT=production
APP_HOST=0.0.0.0

# Production settings
DEBUG_MODE=false
DEV_HOT_RELOAD=false

# =============================================================================
# 2. PORT MANAGEMENT
# =============================================================================
# Gateway Ports
GATEWAY_PORT=8081
GATEWAY_ADMIN_PORT=8080

# Service Ports
PING_SERVICE_PORT=8082
MEMBERS_SERVICE_PORT=8083
HORSES_SERVICE_PORT=8084
EVENTS_SERVICE_PORT=8085
MASTERDATA_SERVICE_PORT=8086
AUTH_SERVICE_PORT=8087

# Infrastructure Ports
CONSUL_PORT=8500
REDIS_PORT=6379
KAFKA_PORT=9092
PROMETHEUS_PORT=9090
GRAFANA_PORT=3000

# =============================================================================
# 3. DATABASE CONFIGURATION
# =============================================================================
DB_HOST=postgres
DB_PORT=5432
DB_NAME=meldestelle_prod
DB_USER=meldestelle_prod
DB_PASSWORD=CHANGE_ME_STRONG_DB_PASSWORD_HERE
DB_MAX_POOL_SIZE=20
DB_MIN_POOL_SIZE=10
DB_AUTO_MIGRATE=false

POSTGRES_USER=meldestelle_prod
POSTGRES_PASSWORD=CHANGE_ME_STRONG_DB_PASSWORD_HERE
POSTGRES_DB=meldestelle_prod
POSTGRES_EXTERNAL_PORT=5432

# =============================================================================
# 4. REDIS CONFIGURATION
# =============================================================================
REDIS_EVENT_STORE_HOST=redis
REDIS_EVENT_STORE_PORT=6379
REDIS_EVENT_STORE_PASSWORD=CHANGE_ME_STRONG_REDIS_PASSWORD_HERE
REDIS_EVENT_STORE_DATABASE=0
REDIS_EVENT_STORE_CONNECTION_TIMEOUT=5000
REDIS_EVENT_STORE_READ_TIMEOUT=5000
REDIS_EVENT_STORE_USE_POOLING=true
REDIS_EVENT_STORE_MAX_POOL_SIZE=20
REDIS_EVENT_STORE_MIN_POOL_SIZE=5

REDIS_CACHE_HOST=redis
REDIS_CACHE_PORT=6379
REDIS_CACHE_PASSWORD=CHANGE_ME_STRONG_REDIS_PASSWORD_HERE
REDIS_CACHE_DATABASE=1

REDIS_EXTERNAL_PORT=6379
REDIS_PASSWORD=CHANGE_ME_STRONG_REDIS_PASSWORD_HERE

# =============================================================================
# 5. SECURITY CONFIGURATION
# =============================================================================
JWT_SECRET=CHANGE_ME_STRONG_JWT_SECRET_AT_LEAST_256_BITS_HERE
JWT_ISSUER=meldestelle-api-prod
JWT_AUDIENCE=meldestelle-clients-prod
JWT_REALM=meldestelle-prod
API_KEY=CHANGE_ME_STRONG_API_KEY_HERE

# =============================================================================
# 6. KEYCLOAK CONFIGURATION
# =============================================================================
KEYCLOAK_ADMIN=CHANGE_ME_ADMIN_USERNAME
KEYCLOAK_ADMIN_PASSWORD=CHANGE_ME_STRONG_ADMIN_PASSWORD_HERE
KC_DB=postgres
KC_DB_URL=jdbc:postgresql://postgres:5432/keycloak_prod
KC_DB_USERNAME=keycloak_prod
KC_DB_PASSWORD=CHANGE_ME_STRONG_KEYCLOAK_DB_PASSWORD_HERE
KC_HOSTNAME=auth.yourdomain.com

# =============================================================================
# 7. SERVICE DISCOVERY
# =============================================================================
CONSUL_HOST=consul
CONSUL_ENABLED=true
SERVICE_DISCOVERY_ENABLED=true
SERVICE_DISCOVERY_REGISTER_SERVICES=true
SERVICE_DISCOVERY_HEALTH_CHECK_PATH=/health
SERVICE_DISCOVERY_HEALTH_CHECK_INTERVAL=30

# =============================================================================
# 8. MESSAGING (Kafka)
# =============================================================================
ZOOKEEPER_CLIENT_PORT=2181
KAFKA_BROKER_ID=1
KAFKA_ZOOKEEPER_CONNECT=zookeeper:2181
KAFKA_ADVERTISED_LISTENERS=PLAINTEXT://kafka:29092,PLAINTEXT_HOST://localhost:9092
KAFKA_LISTENER_SECURITY_PROTOCOL_MAP=PLAINTEXT:PLAINTEXT,PLAINTEXT_HOST:PLAINTEXT
KAFKA_INTER_BROKER_LISTENER_NAME=PLAINTEXT
KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR=1

# =============================================================================
# 9. MONITORING
# =============================================================================
GF_SECURITY_ADMIN_USER=CHANGE_ME_GRAFANA_ADMIN_USERNAME
GF_SECURITY_ADMIN_PASSWORD=CHANGE_ME_STRONG_GRAFANA_PASSWORD_HERE
GF_USERS_ALLOW_SIGN_UP=false

METRICS_AUTH_USERNAME=CHANGE_ME_METRICS_USERNAME
METRICS_AUTH_PASSWORD=CHANGE_ME_STRONG_METRICS_PASSWORD_HERE

GRAFANA_HOSTNAME=monitoring.yourdomain.com
PROMETHEUS_HOSTNAME=metrics.yourdomain.com

# =============================================================================
# 10. LOGGING CONFIGURATION
# =============================================================================
LOGGING_LEVEL=INFO
LOGGING_REQUESTS=false
LOGGING_RESPONSES=false
LOGGING_REQUEST_HEADERS=false
LOGGING_REQUEST_BODY=false
LOGGING_RESPONSE_HEADERS=false
LOGGING_RESPONSE_BODY=false
LOGGING_STRUCTURED=true
LOGGING_CORRELATION_ID=true
LOGGING_REQUEST_ID_HEADER=X-Request-ID

# =============================================================================
# 11. CORS AND RATE LIMITING
# =============================================================================
SERVER_CORS_ENABLED=true
SERVER_CORS_ALLOWED_ORIGINS=https://yourdomain.com,https://www.yourdomain.com
RATELIMIT_ENABLED=true
RATELIMIT_GLOBAL_LIMIT=1000
RATELIMIT_GLOBAL_PERIOD_MINUTES=1
RATELIMIT_INCLUDE_HEADERS=true

# =============================================================================
# 12. SPRING PROFILES AND GATEWAY
# =============================================================================
SPRING_PROFILES_ACTIVE=prod
GATEWAY_ADMIN_USER=CHANGE_ME_GATEWAY_ADMIN_USERNAME
GATEWAY_ADMIN_PASSWORD=CHANGE_ME_STRONG_GATEWAY_ADMIN_PASSWORD_HERE