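# ============================================================
# CVE MONITOR - CONFIGURATION FILE
# ============================================================
# Copy this file to .env and adjust values for your environment.
#
# This template must only ever hold placeholders. The real .env
# carries API tokens (NVD_API_KEY, GITHUB_TOKEN, DISCORD_BOT_TOKEN):
# keep it out of version control and readable only by the account
# that runs the service.
#
# Layout rules for this file:
#   - one KEY=VALUE per line;
#   - comments on their own line (dotenv loaders differ in how they
#     treat trailing "# ..." text after a value);
#   - values such as APP_NAME contain unquoted spaces, so load the
#     file with a dotenv loader rather than sourcing it in a shell.

# ============================================================
# APPLICATION SETTINGS
# ============================================================
APP_NAME=CVE Monitor
APP_VERSION=1.0.0
# Keep False outside local development (see note 4).
DEBUG=False
# 0.0.0.0 listens on every network interface. TLS is expected to be
# terminated by a reverse proxy (note 7), so this port speaks plain
# HTTP. When the proxy runs on the same host, 127.0.0.1 keeps clients
# from reaching the app directly; otherwise restrict PORT with a
# firewall or the container network.
HOST=0.0.0.0
PORT=5000

# ============================================================
# DATABASE CONFIGURATION
# ============================================================
DATABASE_PATH=./cve_db/cve_cache.db
DATABASE_WAL_MODE=True
DATABASE_CACHE_SIZE=10000

# ============================================================
# LOGGING CONFIGURATION
# ============================================================
LOG_LEVEL=INFO
# Python logging %-style format string; the spaces are part of the value.
LOG_FORMAT=%(asctime)s - %(name)s - %(levelname)s - %(message)s
LOG_FILE=./logs/cve_monitor.log
# Size in bytes at which the log file rotates (10485760 = 10 MiB).
LOG_MAX_BYTES=10485760
LOG_BACKUP_COUNT=5

# ============================================================
# AUTO-UPDATE CONFIGURATION
# ============================================================
ENABLE_AUTO_UPDATE=True
UPDATE_INTERVAL_HOURS=1
INITIAL_LOOKBACK_DAYS=365
CACHE_HOURS=24

# ============================================================
# EXTERNAL API KEYS (Optional but Recommended)
# ============================================================
# These are secrets. Leave them empty in this template and set them
# only in the deployed .env or in the process environment.

# NVD API Key - Get yours at: https://nvd.nist.gov/developers/request-an-api-key
# Without API key: 5 requests per 30 seconds
# With API key: 50 requests per 30 seconds
NVD_API_KEY=

# GitHub Personal Access Token - Get yours at: https://github.com/settings/tokens
# Increases rate limit from 60 to 5000 requests per hour
# NOTE(review): the token is described here only as a rate-limit
# increase for reading advisories, so create it with no additional
# scopes or permissions - confirm against how config.py uses it.
GITHUB_TOKEN=

# ============================================================
# API ENDPOINTS (Advanced - Don't change unless necessary)
# ============================================================
# NOTE(review): presumably NVD_API_KEY / GITHUB_TOKEN are sent with
# requests to these URLs. Keep them on https:// and pointed at the
# official hosts, otherwise the credentials go wherever the URL points.
NVD_API_URL=https://services.nvd.nist.gov/rest/json/cves/2.0
GITHUB_API_URL=https://api.github.com/advisories
# Request timeouts, presumably in seconds - confirm in config.py.
NVD_TIMEOUT=30
GITHUB_TIMEOUT=15

# ============================================================
# GUNICORN CONFIGURATION (Production)
# ============================================================
WORKERS=4
WORKER_TIMEOUT=120

# ============================================================
# SECURITY SETTINGS
# ============================================================
ENABLE_SECURITY_HEADERS=True
ENABLE_RATE_LIMITING=True
ENABLE_COMPRESSION=True
ENABLE_ETAG=True

# Content Security Policy
# The single quotes around 'self' and 'unsafe-inline' are part of the
# CSP syntax and must reach the response header unchanged. dotenv
# loaders differ here: some strip or reject quotes in a value, others
# keep them literally. After deploying, check the
# Content-Security-Policy header the application actually sends.
#
# 'unsafe-inline' in CSP_SCRIPT_SRC allows inline scripts, which
# removes most of the protection CSP gives against injected script.
# For production, prefer moving inline scripts to files (or using
# nonces/hashes) and dropping 'unsafe-inline' from script-src.
# Every CDN host listed is trusted to serve code or styles to users.
CSP_DEFAULT_SRC='self'
CSP_SCRIPT_SRC='self' 'unsafe-inline' cdn.jsdelivr.net cdnjs.cloudflare.com
CSP_STYLE_SRC='self' 'unsafe-inline' cdn.jsdelivr.net cdnjs.cloudflare.com
CSP_FONT_SRC='self' cdnjs.cloudflare.com
CSP_IMG_SRC='self' data:
CSP_CONNECT_SRC='self' cdn.jsdelivr.net

# X-Frame-Options: DENY, SAMEORIGIN, or ALLOW-FROM uri
# ALLOW-FROM is obsolete and ignored by current browsers; to allow
# framing by a specific origin, use the CSP frame-ancestors directive.
X_FRAME_OPTIONS=DENY

# HSTS max age in seconds (1 year = 31536000)
# Browsers honour this header only over HTTPS and then refuse plain
# HTTP to the host for the whole period, so start with a short value
# until the HTTPS setup is known to be stable.
HSTS_MAX_AGE=31536000

# ============================================================
# FEATURE FLAGS
# ============================================================
ENABLE_CHARTS=True
ENABLE_SEARCH=True
ENABLE_EXPORT=True
ENABLE_DARK_MODE=True

# ============================================================
# UI CONFIGURATION
# ============================================================
ITEMS_PER_PAGE=50
MAX_ITEMS_PER_PAGE=200

# ============================================================
# EXPORT SETTINGS
# ============================================================
# Comma-separated list, no spaces.
EXPORT_FORMATS=json,csv
EXPORT_MAX_ITEMS=1000

# ============================================================
# CDN URLS (for offline use, download and host locally)
# ============================================================
# Versions are pinned in the URL, but a pinned version alone does not
# detect a file modified at the CDN. NOTE(review): if the templates
# load these directly, add Subresource Integrity hashes to the
# <script>/<link> tags - confirm in the templates. Hosting the files
# locally also lets the CDN hosts be removed from the CSP above.
BOOTSTRAP_CSS_CDN=https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
BOOTSTRAP_JS_CDN=https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js
FONTAWESOME_CDN=https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
CHARTJS_CDN=https://cdn.jsdelivr.net/npm/chart.js@4.4.1/dist/chart.umd.min.js

# ============================================================
# DISCORD BOT CONFIGURATION
# ============================================================
ENABLE_DISCORD_BOT=False
# Secret: anyone holding this token can act as the bot. Give the bot
# only the permissions it needs in the target channel, and reset the
# token if it is ever committed or logged.
DISCORD_BOT_TOKEN=
DISCORD_CHANNEL_ID=
DISCORD_CHECK_INTERVAL_MINUTES=60
DISCORD_NOTIFY_CRITICAL=True
DISCORD_NOTIFY_HIGH=True
# NOTE(review): two thresholds are configured (CVSS score and severity
# label); how they combine is decided in the bot code - confirm there.
DISCORD_MIN_CVSS=7.0
DISCORD_MIN_SEVERITY=HIGH

# ============================================================
# MONITORED VENDORS
# ============================================================
# Vendors are configured in config.py VENDORS list, not via environment variables.
# Edit config.py to add/remove/modify vendors.

# ============================================================
# NOTES
# ============================================================
# 1. Boolean values: True/False (case-sensitive)
# 2. Empty values will use defaults from config.py
# 3. Paths can be absolute or relative to project root
# 4. For production, always set DEBUG=False
# 5. Get NVD API key to avoid rate limits
# 6. Use strong CSP in production (the shipped CSP_SCRIPT_SRC and
#    CSP_STYLE_SRC still allow 'unsafe-inline')
# 7. Enable HTTPS in production (handled by reverse proxy)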