gatehouse-api/.env.example

# Flask Configuration
FLASK_APP=wsgi.py
FLASK_ENV=development
SECRET_KEY=your-secret-key-here-change-in-production

# Database
DATABASE_URL=postgresql://user:password@localhost:5432/authy2_dev
SQLALCHEMY_ECHO=False
SQLALCHEMY_LOG_LEVEL=WARNING

# Security
BCRYPT_LOG_ROUNDS=12
ENCRYPTION_KEY=your-encryption-key-here-change-in-production
SESSION_COOKIE_SECURE=False
SESSION_COOKIE_HTTPONLY=True
SESSION_COOKIE_SAMESITE=Lax
MAX_SESSION_DURATION=86400

# CORS
#CORS_ORIGINS=http://localhost:3000,http://localhost:5173,https://oidc-playpen.lovable.app/,http://localhost:8080/
CORS_ORIGINS=*


# JWT (if using JWT instead of sessions)
JWT_SECRET_KEY=your-jwt-secret-key-here
JWT_ACCESS_TOKEN_EXPIRES=3600
JWT_REFRESH_TOKEN_EXPIRES=2592000

# Redis (for session storage)
REDIS_URL=redis://localhost:6379/0

# OIDC
OIDC_ISSUER_URL=http://localhost:5000

# Logging
LOG_LEVEL=INFO
LOG_TO_STDOUT=True

# Rate Limiting
RATELIMIT_ENABLED=True
RATELIMIT_STORAGE_URL=redis://localhost:6379/1

# SSH CA
# Path to CA private key file (alternative to SSH_CA_PRIVATE_KEY env var)
SSH_CA_KEY_PATH=/path/to/ca-users
# Or set the key content directly (takes priority over SSH_CA_KEY_PATH):
# SSH_CA_PRIVATE_KEY=