.env.example

# Database Configuration
DATABASE_URL=postgresql://ltx_user:ltx_password@localhost/ltx_db

# API Server Configuration
HOST=0.0.0.0
PORT=3000

# Logging
RUST_LOG=debug

# Cron Service Configuration
CRON_POLL_INTERVAL_S=300

# ============================================================================
# Authentication (Optional)
# ============================================================================
# Set to true to enable password authentication
# When enabled, users must login before accessing the application
ENABLE_AUTH=false

# Required if ENABLE_AUTH=true
# Plain text password - used by the cron service for programmatic authentication
# This should be the same password you use to login through the web interface
AUTH_PASSWORD=

# Required if ENABLE_AUTH=true
# Bcrypt-hashed password for authentication
# Generate with: cargo run --bin generate-password-hash -- your_password_here
# This should be the hash of AUTH_PASSWORD above
# Example (hash of "test_password"):
# AUTH_PASSWORD_HASH=$2b$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/LewY5GyYWNGZqKzRu
AUTH_PASSWORD_HASH=

# Required if ENABLE_AUTH=true
# Secret key for signing session cookies
# Generate with: openssl rand -base64 32
# Example:
# SESSION_SECRET=your_base64_secret_here_32_bytes_or_more
SESSION_SECRET=

# Optional - Session duration in seconds (default: 86400 = 24 hours)
SESSION_DURATION_SECONDS=86400

# ============================================================================
# TLS/HTTPS Configuration (Required)
# ============================================================================
# Path to TLS certificate file (PEM format)
# Generate with: ./make_tls_cert.sh
TLS_CERT_PATH=./certs/cert.pem

# Path to TLS private key file (PEM format)
# Generate with: ./make_tls_cert.sh
TLS_KEY_PATH=./certs/key.pem

# For development: Accept self-signed certificates in cron service
# Set to "true" when using self-signed certificates
# MUST be "false" or unset in production
ACCEPT_INVALID_CERTS=true