Rustelo/config/examples/full-featured.toml

# Full-Featured Configuration Example
# This configuration demonstrates all available features and settings
# Use this as a reference for comprehensive deployments
# Public listener. "0.0.0.0" binds every interface, so reachability is decided
# by whatever firewall or load balancer sits in front of the host.
# Port 443 is a privileged port on most Unix systems; granting the service the
# bind capability is preferable to running the whole process as root.
[server]
protocol = "https"
host = "0.0.0.0"
port = 443
environment = "production"
log_level = "info"

# Certificate and private key for the listener above.
# NOTE(review): this file also defines [tls.certificates] (certs/production.*)
# and [tls.letsencrypt]; which source the runtime actually loads is not visible
# here. Confirm, and keep only one so a stale key is not left on disk.
# The key file should be readable by the service account only.
[server.tls]
cert_path = "certs/server.crt"
key_path = "certs/server.key"
# Application identity and global switches.
[app]
name = "Rustelo-full-featured"
version = "0.1.0"
# Keep debug off in production.
debug = false
enable_metrics = true
enable_health_check = true
enable_compression = true
# Upper bound on a request body: 50 MiB (50 * 1024 * 1024).
# NOTE(review): [content.media].max_file_size uses the same value; presumably a
# multipart upload of a maximum-size file exceeds this once framing overhead is
# added. Confirm how the two limits interact.
max_request_size = 52_428_800
# PostgreSQL connection pool.
# NOTE(review): the URL embeds the password in clear text, whereas every other
# secret in this file is an "@encrypted_*" reference. Whether `url` accepts the
# same reference form is not visible here; confirm, and keep a real password
# out of any copy of this file that reaches version control.
# No TLS parameter is set on the URL; that matters as soon as the host is not
# localhost.
[database]
url = "postgresql://rustelo:secure_password@localhost:5432/rustelo_full"
max_connections = 25
min_connections = 5
connect_timeout = 30
idle_timeout = 600
max_lifetime = 1800

# NOTE(review): auto-migration and database creation at startup presumably need
# a role with schema-change and create-database rights. If so, the application
# runs with more privilege than its queries require; a separate migration role
# is the least-privilege alternative.
[database.migrations]
auto_migrate = true
migration_dir = "migrations"
create_db_if_missing = true

[database.health]
enable_ping = true
ping_timeout = 5
max_retries = 3

# Full query logging stays off; only slow statements are recorded.
# NOTE(review): whether logged statements include bound parameter values is not
# visible here. If they do, the slow-query log can contain user data.
[database.logging]
log_queries = false
log_slow_queries = true
slow_query_threshold = 500  # milliseconds
# Session cookie. Secure + HttpOnly + SameSite=strict keeps the cookie off
# plain HTTP, out of reach of page scripts, and off cross-site requests.
[session]
# "@encrypted_*" values are references, not the secret itself; how they are
# resolved is not shown in this file.
secret = "@encrypted_session_secret"
cookie_name = "rustelo_session"
cookie_secure = true
cookie_http_only = true
cookie_same_site = "strict"
max_age = 7200  # 2 hours
# CSRF protection, global rate limit and password hashing cost.
[security]
enable_csrf = true
csrf_token_name = "csrf_token"
# NOTE(review): presumably 1000 requests per 60-second window; the scope (per
# client IP, per user, global) is not visible here.
rate_limit_requests = 1_000
rate_limit_window = 60
# bcrypt work factor is logarithmic: each +1 doubles the hashing time. Measure
# login latency on production hardware before raising it further.
# bcrypt only uses the first 72 bytes of its input; whether the application
# caps or pre-hashes longer passwords is not visible here.
bcrypt_cost = 14
# Cross-origin policy. Credentials are allowed, so the origin list must stay an
# explicit allow-list of origins you control: every origin listed here can make
# authenticated requests on behalf of a logged-in user.
[cors]
allowed_origins = [
    "https://yourdomain.com",
    "https://api.yourdomain.com",
    "https://admin.yourdomain.com",
]
allowed_methods = ["GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH"]
allowed_headers = ["Content-Type", "Authorization", "X-Requested-With", "X-API-Key"]
allow_credentials = true
# Preflight cache lifetime in seconds (24 hours); browsers may apply a lower cap.
max_age = 86_400
# Locations of the static assets and the generated site package.
[static]
assets_dir = "public"
site_root = "target/site"
site_pkg_dir = "pkg"
# Working directories. All paths are relative.
# NOTE(review): presumably resolved against the process working directory.
# Only public_dir is meant to be web-served; confirm that uploads, logs, config,
# data and backups are not reachable through the static file handler.
[server_dirs]
public_dir = "public"
uploads_dir = "uploads"
logs_dir = "logs"
temp_dir = "tmp"
cache_dir = "cache"
config_dir = "config"
data_dir = "data"
backup_dir = "backups"
# Structured (JSON) logging to file only; console output is off.
[logging]
format = "json"
level = "info"
file_path = "logs/full_app.log"
# Per-file size limit of 50 MiB with 10 files kept.
max_file_size = 52_428_800
max_files = 10
enable_console = false
enable_file = true
# Authentication Configuration
[auth]
enabled = true

# HS256 is a symmetric algorithm: every component that verifies a token holds
# the same key that signs it, so the secret must be long, random and shared
# with as few services as possible.
# A 24-hour access token stays valid for that long after issue unless the
# application keeps a revocation list; none is visible in this file.
[auth.jwt]
secret = "@encrypted_jwt_secret"
expiration = 86_400  # 24 hours
refresh_token_expiration = 604_800  # 7 days
algorithm = "HS256"
issuer = "rustelo-full"
audience = "rustelo-users"

# Password policy.
# NOTE(review): NIST SP 800-63B advises against forced periodic rotation and
# composition rules, favouring length and breached-password checks. Review
# max_age_days and the require_* flags against your own policy.
[auth.password]
min_length = 12
require_uppercase = true
require_lowercase = true
require_numbers = true
require_special_chars = true
max_age_days = 90
history_count = 12

# Lockout after 3 failed logins for 30 minutes.
# NOTE(review): a per-account lockout also lets a third party lock a known
# account out by failing logins on purpose; whether the counter is keyed on the
# account, the source IP or both is not visible here.
[auth.security]
max_login_attempts = 3
lockout_duration = 1800  # 30 minutes
session_timeout = 7200  # 2 hours
require_email_verification = true
password_reset_timeout = 3600  # 1 hour

# TOTP second factor: 6 digits, 30-second step.
[auth.two_factor]
enabled = true
backup_codes_count = 10
totp_issuer = "Rustelo Full Featured"
totp_digits = 6
totp_period = 30

# Self-registration is open but limited to the listed e-mail domains and needs
# both e-mail verification and manual approval.
[auth.registration]
enabled = true
require_email_verification = true
auto_approve = false
default_role = "user"
allowed_domains = ["yourdomain.com", "trusted-partner.com"]

# NOTE(review): remember_me_duration (30 days) is far longer than
# session_timeout (2 hours); how a remembered session is revoked is not visible
# here.
[auth.sessions]
cleanup_interval = 1800  # 30 minutes
max_concurrent_sessions = 3
remember_me_duration = 2_592_000  # 30 days

# Endpoint-specific limits, in addition to the global one in [security].
[auth.rate_limiting]
login_attempts_per_minute = 3
registration_attempts_per_hour = 2
password_reset_attempts_per_hour = 2
# OAuth Configuration
# Each redirect_uri has to match, exactly, the callback registered with the
# provider. Keep them on HTTPS and on a host you control.
[oauth]
enabled = true

[oauth.google]
client_id = "@encrypted_google_client_id"
client_secret = "@encrypted_google_client_secret"
redirect_uri = "https://yourdomain.com/auth/google/callback"

[oauth.github]
client_id = "@encrypted_github_client_id"
client_secret = "@encrypted_github_client_secret"
redirect_uri = "https://yourdomain.com/auth/github/callback"
# Email Configuration
[email]
enabled = true
from_email = "noreply@yourdomain.com"
from_name = "Rustelo Full Featured"
reply_to = "support@yourdomain.com"
default_provider = "smtp"

# Port 587 is the mail submission port, normally upgraded with STARTTLS.
# NOTE(review): use_tls and use_starttls are both true; how the mailer resolves
# the combination is not visible here. Confirm that the session is always
# encrypted before credentials are sent and that a failed upgrade aborts rather
# than falling back to clear text.
[email.smtp]
host = "smtp.yourdomain.com"
port = 587
username = "@encrypted_smtp_username"
password = "@encrypted_smtp_password"
use_tls = true
use_starttls = true
timeout = 30
pool_size = 10

[email.templates]
template_dir = "templates/email"
default_language = "en"
supported_languages = ["en", "es", "fr", "de", "ja"]
cache_templates = true
reload_on_change = false

[email.queue]
enabled = true
max_retry_attempts = 5
retry_delay = 120  # seconds
batch_size = 25
processing_interval = 15  # seconds

# Outbound volume caps.
[email.rate_limiting]
max_emails_per_minute = 100
max_emails_per_hour = 5_000
max_emails_per_day = 50_000
burst_limit = 50

# Recipient checks. An empty allowed_domains list presumably means "no
# allow-list"; confirm against the consumer.
[email.validation]
check_mx_records = true
check_disposable_domains = true
allowed_domains = []
blocked_domains = ["tempmail.org", "10minutemail.com", "guerrillamail.com"]

# Inbound bounce webhook.
# NOTE(review): how webhook_secret is checked (signature over the body, shared
# header, constant-time comparison) is not visible here; an unauthenticated
# bounce endpoint would let anyone suppress delivery to arbitrary addresses
# when auto_suppress_bounces is on.
[email.bounce_handling]
enabled = true
webhook_url = "/webhooks/email/bounce"
webhook_secret = "@encrypted_email_webhook_secret"
max_bounce_rate = 0.02  # 2%
auto_suppress_bounces = true

# DKIM signing key lives next to the TLS material; it should be readable by
# the service account only.
# NOTE(review): SPF and DMARC are published as DNS records by the domain owner;
# what enable_spf / enable_dmarc do on the application side is not visible here.
[email.security]
enable_dkim = true
dkim_selector = "default"
dkim_private_key_path = "certs/dkim_private.key"
enable_spf = true
enable_dmarc = true
# Content Management Configuration
[content]
enabled = true
content_dir = "content"
cache_enabled = true
cache_ttl = 7200  # 2 hours
max_file_size = 10_485_760  # 10 MiB
auto_save_interval = 30  # seconds
enable_versioning = true
max_versions = 25

# Per-type settings. Comments are user-generated content and are enabled for
# articles and blog posts but not for pages.
[content.types.article]
enabled = true
template = "article.hbs"
slug_prefix = "articles"
allow_comments = true
enable_seo = true
max_length = 100_000

[content.types.page]
enabled = true
template = "page.hbs"
slug_prefix = "pages"
allow_comments = false
enable_seo = true
max_length = 200_000

[content.types.blog_post]
enabled = true
template = "blog_post.hbs"
slug_prefix = "blog"
allow_comments = true
enable_seo = true
max_length = 50_000
enable_series = true
# Markdown rendering options.
# NOTE(review): whether raw HTML inside Markdown is passed through or escaped
# is not controlled by any key in this table; see [content.security] for the
# sanitisation settings.
[content.markdown]
enable_syntax_highlighting = true
theme = "github"
enable_tables = true
enable_strikethrough = true
enable_autolinks = true
enable_task_lists = true
enable_footnotes = true
enable_math = true
heading_anchors = true
code_block_line_numbers = true

[content.seo]
auto_generate_meta = true
default_meta_description_length = 160
auto_generate_og_tags = true
enable_json_ld = true
sitemap_enabled = true
sitemap_path = "/sitemap.xml"
robots_txt_enabled = true

# Nothing is published without review; new items start as drafts.
[content.publishing]
auto_publish = false
require_review = true
enable_drafts = true
enable_scheduling = true
default_status = "draft"

[content.taxonomy]
enable_categories = true
max_categories_per_content = 10
enable_tags = true
max_tags_per_content = 50
enable_hierarchical_categories = true
# Uploads.
# NOTE(review): the allow-list is by file extension only; whether file content
# is also checked is not visible here. "svg" can carry script and "doc"/"docx"
# can carry macros, so uploaded files are safest served as downloads or from a
# separate origin rather than inline from the application's own domain.
[content.media]
enabled = true
upload_dir = "uploads/content"
allowed_extensions = [
    "jpg", "jpeg", "png", "gif", "webp", "svg",
    "pdf", "doc", "docx",
    "mp4", "webm",
]
max_file_size = 52_428_800  # 50 MiB
enable_image_optimization = true
generate_thumbnails = true
thumbnail_sizes = [150, 300, 600, 1200, 1920]

# strip_metadata removes embedded image metadata (which can include location
# and device details) before the file is published.
[content.media.images]
auto_optimize = true
quality = 90
progressive_jpeg = true
strip_metadata = true
enable_webp_conversion = true
enable_lazy_loading = true
# Search backed by the application database.
# NOTE(review): whether drafts and unapproved items are excluded from the index
# is not visible here.
[content.search]
enabled = true
search_engine = "database"
index_content = true
index_metadata = true
search_fields = ["title", "content", "excerpt", "tags", "categories", "author"]
min_search_length = 2
max_results = 100

[content.search.fulltext]
enable_stemming = true
enable_fuzzy_search = true
fuzzy_distance = 2
boost_title = 3.0
boost_tags = 2.0
boost_categories = 1.5

# Content cache in Redis database 1.
# The URL uses the plain "redis://" scheme with no credentials, which is only
# appropriate while Redis listens on loopback. Use authentication and the TLS
# scheme ("rediss://") if the instance is ever moved to another host.
[content.cache]
enable_redis = true
redis_url = "redis://localhost:6379/1"
redis_prefix = "content:"
cache_rendered_content = true
cache_search_results = true
search_cache_ttl = 600  # 10 minutes
# Content API. Reads are public; writes require authentication.
# NOTE(review): how the admin API and bulk operations are authorised (role
# check, separate credential) is not visible here; confirm before exposing the
# prefix to the internet.
[content.api]
enabled = true
enable_public_api = true
enable_admin_api = true
api_prefix = "/api/content"
rate_limit_per_minute = 200
require_auth_for_write = true
enable_bulk_operations = true

# Backups every 12 hours, kept for 90 days, media included.
# NOTE(review): no encryption or off-host copy is configured in this table;
# the backup directory holds a full copy of the content and needs the same
# access controls as the live data.
[content.backup]
enabled = true
backup_interval = 43_200  # 12 hours
backup_retention_days = 90
backup_dir = "backups/content"
include_media = true
compress_backups = true

[content.workflows]
enabled = true
require_approval = true
approval_roles = ["editor", "admin"]
notification_on_submission = true
notification_on_approval = true
auto_notify_authors = true

# Visitor comments are held for approval and pass through spam filtering.
[content.comments]
enabled = true
require_approval = true
enable_replies = true
max_nesting_level = 5
enable_voting = true
enable_email_notifications = true
anti_spam_enabled = true
# Usage analytics, retained for one year.
# NOTE(review): what is stored per view (IP address, user id, session) is not
# visible here; check it against your privacy obligations.
[content.analytics]
track_views = true
track_reading_time = true
track_popular_content = true
analytics_retention_days = 365
enable_heatmaps = true

# Syndication feeds carry the full body of each item.
[content.feeds]
enabled = true
rss_enabled = true
atom_enabled = true
feed_title = "Rustelo Full Featured Content"
feed_description = "Latest content from our full-featured Rustelo application"
max_items = 50
include_full_content = true
# HTML sanitisation for stored content.
# NOTE(review): the allow-list is per tag. "a" and "img" are only safe when
# their attributes are filtered too (URL scheme of href/src, event-handler
# attributes); no attribute-level setting is visible in this file, so confirm
# what the sanitiser does with them.
[content.security]
enable_content_sanitization = true
allowed_html_tags = [
    "p", "br", "strong", "em",
    "ul", "ol", "li",
    "h1", "h2", "h3", "h4", "h5", "h6",
    "blockquote", "code", "pre",
    "a", "img",
    "table", "thead", "tbody", "tr", "th", "td",
]
enable_xss_protection = true
enable_csrf_protection = true
max_content_length = 5_000_000  # 5 MB

[content.i18n]
enabled = true
default_language = "en"
supported_languages = ["en", "es", "fr", "de", "ja", "zh"]
fallback_to_default = true
auto_detect_language = true

# max_page_size bounds how much a single list request can return.
[content.performance]
enable_lazy_loading = true
enable_pagination = true
default_page_size = 25
max_page_size = 100
enable_content_compression = true
minify_html = true
# Metrics Configuration
# NOTE(review): presumably both endpoints are served on the public listener;
# access is restricted by [metrics.security] further down in this file.
[metrics]
enabled = true
endpoint = "/metrics"
health_endpoint = "/metrics/health"
collection_interval = 30  # seconds
enable_process_metrics = true
enable_runtime_metrics = true

[metrics.prometheus]
namespace = "rustelo_full"
subsystem = ""
registry_type = "default"
enable_exemplars = true
# Histogram bucket upper bounds, from 0.5 ms up to 10 s.
histogram_buckets = [
    0.0005, 0.001, 0.0025, 0.005,
    0.01, 0.025, 0.05,
    0.1, 0.25, 0.5,
    1.0, 2.5, 5.0, 10.0,
]
# HTTP metrics. User agent and client IP are kept out of the labels, which
# avoids both personal data in the metrics store and unbounded label
# cardinality.
[metrics.http]
enabled = true
track_request_count = true
track_request_duration = true
track_requests_in_flight = true
track_response_size = true
track_request_size = true
include_user_agent = false
include_ip_address = false
slow_request_threshold = 0.5  # seconds

# Note the unit: this threshold is in seconds (0.05 s = 50 ms), while
# [database.logging].slow_query_threshold is in milliseconds.
[metrics.database]
enabled = true
track_connection_pool = true
track_query_duration = true
track_query_count = true
track_connection_errors = true
track_migration_status = true
slow_query_threshold = 0.05  # seconds
include_query_tags = false

# Login failures and lockouts are the signals to alert on for credential
# stuffing and brute-force attempts.
# NOTE(review): include_failure_reasons presumably adds the reason as a label;
# confirm it never carries a username or other user-supplied value.
[metrics.auth]
enabled = true
track_login_attempts = true
track_login_failures = true
track_session_duration = true
track_active_sessions = true
track_token_generations = true
track_password_resets = true
track_registration_attempts = true
include_failure_reasons = true

[metrics.content]
enabled = true
track_content_requests = true
track_cache_performance = true
track_content_processing_time = true
track_search_queries = true
track_content_views = true
track_popular_content = true

[metrics.email]
enabled = true
track_emails_sent = true
track_email_failures = true
track_queue_size = true
track_processing_time = true
track_bounce_rate = true
track_delivery_rate = true
include_provider_metrics = true
# Host-level metrics, sampled every 15 seconds.
[metrics.system]
enabled = true
track_memory_usage = true
track_cpu_usage = true
track_disk_usage = true
track_network_io = true
track_file_descriptors = true
track_uptime = true
collection_interval = 15  # seconds

[metrics.business]
enabled = true
track_user_registrations = true
track_user_logins = true
track_content_creation = true
track_api_usage = true
track_feature_usage = true
track_error_rates = true
track_conversion_metrics = true

# Application-defined metrics, capped at 500 and namespaced with a prefix.
[metrics.custom]
enabled = true
allow_custom_counters = true
allow_custom_gauges = true
allow_custom_histograms = true
max_custom_metrics = 500
custom_metric_prefix = "custom_"
# Labels attached to every series. Hostname, version and instance id describe
# the deployment to anyone who can read the endpoint.
[metrics.labels]
include_environment = true
include_version = true
include_instance_id = true
include_hostname = true
custom_labels = { datacenter = "us-west-1", team = "platform" }

# Access control for the metrics endpoint.
# allowed_ips lists the three RFC 1918 private ranges in full, i.e. every
# private address is accepted; narrow this to the scraper's own subnet or host.
# NOTE(review): if the service sits behind a reverse proxy, confirm which
# address is compared (socket peer or a forwarded header), since a
# client-supplied header must not be trusted for this check.
[metrics.security]
enable_authentication = true
allowed_ips = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]
api_key_header = "X-Metrics-API-Key"
api_key = "@encrypted_metrics_api_key"
# TLS Configuration
# NOTE(review): port and bind_address repeat [server].port / [server].host;
# which pair the runtime honours is not visible here.
[tls]
enabled = true
port = 443
bind_address = "0.0.0.0"
# TLS 1.0 and 1.1 are excluded.
protocols = ["TLSv1.2", "TLSv1.3"]
prefer_server_cipher_order = true
enable_http2 = true
enable_ocsp_stapling = true

# Static certificate, key and chain. No client-certificate (mutual TLS) check.
# The key file should be readable by the service account only.
[tls.certificates]
cert_path = "certs/production.crt"
key_path = "certs/production.key"
chain_path = "certs/chain.pem"
verify_client_certs = false

# ACME issuance and renewal.
# The http-01 challenge needs port 80 to be reachable from the CA; see
# [tls.redirect], which also uses port 80.
# NOTE(review): both this table and [tls.certificates] are active; which
# certificate is served when both exist is not visible here.
[tls.letsencrypt]
enabled = true
email = "admin@yourdomain.com"
domains = ["yourdomain.com", "www.yourdomain.com", "api.yourdomain.com"]
acme_server = "https://acme-v02.api.letsencrypt.org/directory"
challenge_type = "http-01"
cert_path = "certs/letsencrypt"
auto_renew = true
renew_days_before = 30

[tls.monitoring]
check_expiry = true
expiry_warning_days = 30
expiry_critical_days = 7
notify_on_expiry = true
health_check_enabled = true

# The first three entries are TLS 1.3 suites; the last three are TLS 1.2
# suites, all AEAD with ECDHE key exchange (forward secrecy).
# Every TLS 1.2 suite here is an RSA-authenticated one, so a certificate with
# an ECDSA key leaves TLS 1.2 clients without a usable suite.
# NOTE(review): confirm the key type the ACME client requests.
[tls.ciphers]
allowed_ciphers = [
    "TLS_AES_256_GCM_SHA384",
    "TLS_CHACHA20_POLY1305_SHA256",
    "TLS_AES_128_GCM_SHA256",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-RSA-CHACHA20-POLY1305",
    "ECDHE-RSA-AES128-GCM-SHA256",
]
allow_legacy_ciphers = false

# HSTS for one year, covering subdomains, with the preload flag.
# Preload is slow to undo once browsers ship the entry, and include_subdomains
# applies to every host under the domain, so all of them must serve HTTPS
# before this is enabled.
[tls.hsts]
enabled = true
max_age = 31_536_000  # 1 year
include_subdomains = true
preload = true

# Plain-HTTP listener that answers with a permanent redirect to HTTPS.
[tls.redirect]
enable_http_redirect = true
redirect_port = 80
permanent_redirect = true
redirect_status_code = 301
# Redis Configuration
# Database 0 on the same local instance that [content.cache] uses as database 1.
# The plain "redis://" scheme carries no credentials and no TLS, which is only
# appropriate on loopback; add authentication and switch to "rediss://" if the
# instance is reachable over a network.
[redis]
enabled = true
url = "redis://localhost:6379/0"
pool_size = 20
connection_timeout = 10
command_timeout = 10
# Feature Flags
# Runtime switches for the security-relevant subsystems configured in this file.
[features]
auth = true
tls = true
content_db = true
two_factor_auth = true
# Build Configuration
# NOTE(review): this list names "crypto", "email" and "metrics", which have no
# counterpart in [features], and spells "content-db" with a hyphen where
# [features] uses content_db; how the two tables relate is not visible here.
[build]
features = [
    "auth",
    "content-db",
    "crypto",
    "email",
    "metrics",
    "tls",
]