# 🎨 MYP Frontend - Standalone Server Konfiguration
# Umgebungsvariablen ausschließlich für den Frontend-Server

# === NODE.JS KONFIGURATION ===
NODE_ENV=production
NEXT_TELEMETRY_DISABLED=1

# === FRONTEND SERVER ===
PORT=3000
HOSTNAME=0.0.0.0
FRONTEND_URL=http://localhost:3000

# === BACKEND API KONFIGURATION ===
# Backend-Server Verbindung (HTTP)
BACKEND_API_URL=http://localhost:5000/api
BACKEND_HOST=localhost:5000
NEXT_PUBLIC_API_URL=http://localhost:5000/api
NEXT_PUBLIC_BACKEND_HOST=localhost:5000

# === AUTHENTIFIZIERUNG ===
NEXTAUTH_URL=http://localhost:3000
NEXTAUTH_SECRET=frontend-auth-secret-2024
JWT_SECRET=frontend-jwt-secret-2024

# OAuth Provider (falls verwendet)
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
MICROSOFT_CLIENT_ID=
MICROSOFT_CLIENT_SECRET=

# === DATABASE (Frontend-spezifisch, falls Session Store) ===
# Hinweis: Frontend sollte normalerweise KEINE direkte DB-Verbindung haben
# Diese Werte sind nur für Session-Management relevant
FRONTEND_DB_PATH=db/frontend.db

# === CACHE KONFIGURATION ===
# Frontend-spezifischer Redis Cache (separater Port!)
FRONTEND_REDIS_PASSWORD=frontend_cache_password
FRONTEND_REDIS_HOST=localhost
FRONTEND_REDIS_PORT=6380
FRONTEND_REDIS_DB=1

# === CDN KONFIGURATION ===
CDN_URL=http://localhost:8080
ASSETS_URL=http://localhost:8080/static

# === SICHERHEIT ===
# CSP (Content Security Policy)
CSP_SCRIPT_SRC="'self' 'unsafe-inline' 'unsafe-eval'"
CSP_STYLE_SRC="'self' 'unsafe-inline'"
CSP_IMG_SRC="'self' data: https:"
CSP_CONNECT_SRC="'self' ws: wss: http://localhost:5000"

# === MONITORING ===
ANALYTICS_ENABLED=true
ERROR_REPORTING_ENABLED=true

# === ENTWICKLUNG ===
DEBUG=false
NEXT_DEBUG=false

# === BUILD KONFIGURATION ===
ANALYZE=false
BUNDLE_ANALYZER=false