# Server Configuration
PORT=5000
NODE_ENV=development

# JWT Secret (change this to something random!)
JWT_SECRET=your_super_secret_jwt_key_change_this

# Encryption key for secrets at rest (SMTP passwords, etc.)
# If not set, falls back to JWT_SECRET. Using a separate key is recommended
# so that a JWT_SECRET compromise does not also expose encrypted data.
ENCRYPTION_KEY=your_separate_encryption_key_change_this

# Database
DATABASE_PATH=../data/status.db

# CORS (whitelist frontend URL)
FRONTEND_URL=http://localhost:3000

# Monitoring defaults (in seconds)
DEFAULT_CHECK_INTERVAL=300
DEFAULT_TIMEOUT=10

# Trust reverse proxy headers (X-Forwarded-For) for correct client IPs.
# Set to 'false' if the app is NOT behind a reverse proxy (nginx, Cloudflare, etc.).
# Default: true
TRUST_PROXY=true