# ──────────────────────────────────────
# Database
# ──────────────────────────────────────
POSTGRES_USER=umbra
POSTGRES_PASSWORD=changeme_in_production
POSTGRES_DB=umbra
DATABASE_URL=postgresql+asyncpg://umbra:changeme_in_production@db:5432/umbra

# ──────────────────────────────────────
# Application
# ──────────────────────────────────────
# Generate with: python3 -c "import secrets; print(secrets.token_hex(32))"
SECRET_KEY=your-secret-key-change-in-production

# development | production — controls Swagger/ReDoc visibility and cookie defaults
ENVIRONMENT=development

# Public URL — used for ntfy click links and auto-derives CORS_ORIGINS in production
# UMBRA_URL=https://umbra.example.com

# Timezone (applied to backend + db containers via env_file)
TZ=Australia/Perth

# ──────────────────────────────────────
# Integrations
# ──────────────────────────────────────
OPENWEATHERMAP_API_KEY=your-openweathermap-api-key

# ──────────────────────────────────────
# Overrides (rarely needed)
# ──────────────────────────────────────
# COOKIE_SECURE auto-derives from ENVIRONMENT (production → true).
# Only set explicitly to override, e.g. false for a non-TLS prod behind a proxy.
# COOKIE_SECURE=false

# CORS_ORIGINS auto-derives from UMBRA_URL in production, http://localhost:5173 in dev.
# Only set explicitly if you need a different origin or multiple origins.
# CORS_ORIGINS=https://custom-domain.example.com