# Base Configuration - Production Environment
# Core settings that apply to all features in production

# Root Path Configuration
root_path = "."

# Server Configuration - Production
[server]
protocol = "https"
host = "0.0.0.0"
port = 443
environment = "production"
log_level = "info"
workers = 4
max_connections = 1000
graceful_shutdown_timeout = 30
keepalive_timeout = 65

# Database Configuration - Production
[database]
url = "${DATABASE_URL}"
max_connections = 20
min_connections = 5
connect_timeout = 10
idle_timeout = 300
max_lifetime = 1800
enable_logging = false
log_slow_queries = true
slow_query_threshold = 1000  # milliseconds
ssl_mode = "require"
statement_timeout = 30000

# Session Configuration - Production
[session]
secret = "${SESSION_SECRET}"
cookie_name = "rustelo_session"
cookie_secure = true
cookie_http_only = true
cookie_same_site = "strict"
max_age = 1800  # 30 minutes
domain = "${DOMAIN}"
path = "/"

# CORS Configuration - Production
[cors]
allowed_origins = ["${FRONTEND_URL}", "https://${DOMAIN}"]
allowed_methods = ["GET", "POST", "PUT", "DELETE", "OPTIONS"]
allowed_headers = ["Content-Type", "Authorization", "X-Requested-With", "X-CSRF-Token"]
allow_credentials = true
max_age = 86400  # 24 hours
expose_headers = ["X-Total-Count", "X-Page-Count"]

# Static Files Configuration - Production
[static]
assets_dir = "public"
site_root = "target/site"
site_pkg_dir = "pkg"
enable_compression = true
enable_caching = true
cache_max_age = 2592000  # 30 days
compression_level = 6

# Server Directories Configuration - Production
[server_dirs]
public_dir = "/var/www/public"
uploads_dir = "/var/uploads"
logs_dir = "/var/log/rustelo"
temp_dir = "/tmp/rustelo"
cache_dir = "/var/cache/rustelo"
config_dir = "/etc/rustelo"
data_dir = "/var/lib/rustelo"
backup_dir = "/var/backups/rustelo"

# Security Configuration - Production
[security]
enable_csrf = true
csrf_token_name = "csrf_token"
rate_limit_requests = 100
rate_limit_window = 60
bcrypt_cost = 12
enable_request_id = true
request_id_header = "X-Request-ID"
enable_security_headers = true
content_security_policy = "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'"

# Application Settings - Production
[app]
name = "Rustelo-app"
version = "1.0.0"
debug = false
enable_metrics = true
enable_health_check = true
enable_compression = true
max_request_size = 10485760  # 10MB
enable_hot_reload = false
auto_migrate = false

# Logging Configuration - Production
[logging]
format = "json"
level = "info"
file_path = "/var/log/rustelo/app.log"
max_file_size = 104857600  # 100MB
max_files = 10
enable_console = false
enable_file = true
enable_structured_logging = true
log_request_body = false
log_response_body = false
enable_audit_log = true
audit_log_path = "/var/log/rustelo/audit.log"

# Redis Configuration - Production
[redis]
enabled = true
url = "${REDIS_URL}"
pool_size = 20
connection_timeout = 5
command_timeout = 5
database = 0
enable_cluster = false
ssl_enabled = true

# Metrics Configuration - Production
[metrics]
enabled = true
endpoint = "/metrics"
collect_system_metrics = true
collect_process_metrics = true
collect_http_metrics = true
collect_database_metrics = true
prometheus_enabled = true
statsd_enabled = false
scrape_interval = 15  # seconds

# Health Check Configuration - Production
[health]
enabled = true
endpoint = "/health"
detailed = false
check_database = true
check_redis = true
check_external_services = true
timeout = 5000  # milliseconds

# Monitoring Configuration - Production
[monitoring]
enabled = true
alert_manager_url = "${ALERT_MANAGER_URL}"
prometheus_url = "${PROMETHEUS_URL}"
grafana_url = "${GRAFANA_URL}"
enable_traces = true
trace_sampling_rate = 0.1

# Backup Configuration - Production
[backup]
enabled = true
schedule = "0 2 * * *"  # Daily at 2 AM
retention_days = 30
storage_path = "/var/backups/rustelo"
compress_backups = true
encryption_enabled = true

# SSL/TLS Configuration - Production
[ssl]
force_https = true
hsts_max_age = 31536000  # 1 year
hsts_include_subdomains = true
hsts_preload = true

# Production-specific settings
[production]
enable_maintenance_mode = false
maintenance_message = "System is under maintenance. Please try again later."
enable_graceful_shutdown = true
shutdown_timeout = 30
enable_crash_reporting = true
crash_reporting_endpoint = "${CRASH_REPORTING_URL}"