# SchoolCompare Environment Configuration
# Copy this file to .env and update the values

# =============================================================================
# DATABASE
# =============================================================================
# PostgreSQL connection string
DATABASE_URL=postgresql://schoolcompare:CHANGE_THIS_PASSWORD@localhost:5432/schoolcompare

# =============================================================================
# SERVER
# =============================================================================
# Set to False in production
DEBUG=False

# Server host and port
HOST=0.0.0.0
PORT=80

# =============================================================================
# CORS
# =============================================================================
# Comma-separated list of allowed origins
# In production, only include your actual domain
ALLOWED_ORIGINS=["https://schoolcompare.co.uk"]

# =============================================================================
# SECURITY
# =============================================================================
# Admin API key for protected endpoints (e.g., /api/admin/reload)
# Generate a secure random key: python -c "import secrets; print(secrets.token_urlsafe(32))"
ADMIN_API_KEY=CHANGE_THIS_TO_A_SECURE_RANDOM_KEY

# Rate limiting (requests per minute per IP)
RATE_LIMIT_PER_MINUTE=60
RATE_LIMIT_BURST=10

# Maximum request body size in bytes (default 1MB)
MAX_REQUEST_SIZE=1048576

# =============================================================================
# API
# =============================================================================
DEFAULT_PAGE_SIZE=50
MAX_PAGE_SIZE=100