# ---------------------------------------------------------------------------
# OTel BI Backend — local development (without Docker)
# Copy to .env and fill in your values.
# Run services from the backend/ directory so pydantic-settings finds .env.
# ---------------------------------------------------------------------------

APP_ENV=dev
LOG_LEVEL=INFO

# ============================================================
# Go analytics service (same image, ROLE=analytics)
# Set this to wherever the analytics container is reachable.
# ============================================================
ANALYTICS_SERVICE_URL=http://localhost:8080

# MSSQL — required when ROLE=analytics
# go-mssqldb DSN: sqlserver://user:pass@host:port?database=name&...
AW_MSSQL_DSN=sqlserver://sa:YourStrongPassword123!@localhost:1433?database=AdventureWorksDW2022&TrustServerCertificate=true&ApplicationIntent=ReadOnly
WWI_MSSQL_DSN=sqlserver://sa:YourStrongPassword123!@localhost:1433?database=WideWorldImportersDW&TrustServerCertificate=true&ApplicationIntent=ReadOnly

# ============================================================
# PostgreSQL — write store for derived data
# ============================================================
POSTGRES_HOST=localhost
POSTGRES_PORT=5432
POSTGRES_DATABASE=otel_bi
POSTGRES_USERNAME=otel_bi
POSTGRES_PASSWORD=otel_bi_dev
# prefer for dev, require for production
POSTGRES_SSLMODE=prefer

# Optional: override the generated connection URL directly
# POSTGRES_CONNECTION_STRING=postgresql+psycopg://otel_bi:otel_bi_dev@localhost:5432/otel_bi?sslmode=prefer

# ============================================================
# Frontend JWT validation
# Validates the Bearer token the browser sends on every request.
# ============================================================
# Set false to disable auth entirely (dev only)
REQUIRE_FRONTEND_AUTH=false

# When REQUIRE_FRONTEND_AUTH=true, fill in your OIDC provider:
# FRONTEND_JWT_ISSUER_URL=https://your-idp.example.com/realms/your-realm
# FRONTEND_JWT_AUDIENCE=your-api-audience
# FRONTEND_JWT_JWKS_URL=https://your-idp.example.com/realms/your-realm/protocol/openid-connect/certs
# FRONTEND_REQUIRED_SCOPES=openid profile

# ============================================================
# Frontend OIDC runtime config (served to the SPA via GET /api/config
# — NOT baked into the JS bundle)
# ============================================================
# FRONTEND_OIDC_CLIENT_ID=otel-bi-frontend
# FRONTEND_OIDC_SCOPE=openid profile email

CORS_ORIGINS=http://localhost:5173

# ============================================================
# Reports — filesystem path for generated XLSX + PDF files
# Mount a K8s CSI / SMB PVC here in production.
# ============================================================
REPORT_OUTPUT_DIR=/tmp/otel-bi-reports

# ============================================================
# OpenTelemetry
# ============================================================
OTEL_SERVICE_NAME=otel-bi-backend
OTEL_SERVICE_NAMESPACE=final-thesis
OTEL_COLLECTOR_ENDPOINT=http://localhost:4318