PyGuardian/.env.docker
Andrey K. Choi 4adb00a498
feat: Complete Docker deployment environment for PyGuardian v2.1.0
🐳 DOCKER DEPLOYMENT INFRASTRUCTURE:

## New Docker Files:
- deployment/docker/Dockerfile.optimized - Multi-stage optimized builds
- docker-compose.prod.yml - Production cluster deployment
- docker-compose.dev.yml - Development environment
- deploy-docker.sh - One-command deployment script
- Makefile.docker - Advanced management commands
- .env.docker - Environment configuration template
- DOCKER_DEPLOYMENT.md - Complete deployment guide

## Container Images:
- pyguardian:controller - Cluster management (200MB)
- pyguardian:agent - Security monitoring (180MB)
- pyguardian:standalone - All-in-one deployment (220MB)
- pyguardian:development - Dev tools + Jupyter (350MB)

## Deployment Modes:
- Standalone: Single container with all features
- Cluster: Controller + scalable agents with JWT auth
- Production: Enterprise deployment with monitoring
- Development: Hot reload + debugging tools

## Key Features:
- Multi-stage Docker builds for optimization
- Privileged containers for system monitoring
- Host networking for firewall integration
- Volume persistence for data/logs/config
- Health checks and auto-restart
- Prometheus monitoring integration
- SSL/TLS support with custom certificates
- Automated backup and restore
- CI/CD ready builds

## Quick Commands:
./deploy-docker.sh standalone          # Quick start
./deploy-docker.sh cluster --scale 3   # Production cluster
make -f Makefile.docker prod-up        # Advanced management
make -f Makefile.docker health         # Health checks

Ready for enterprise Docker deployment! 🚀
2025-11-26 04:42:36 +09:00

################################################################################
# PyGuardian Docker Environment Configuration
# Copy this file to .env and customize for your deployment
################################################################################
# =============================================================================
# GENERAL CONFIGURATION
# =============================================================================
# PyGuardian version
PYGUARDIAN_VERSION=2.1.0
# Logging level (DEBUG, INFO, WARNING, ERROR, CRITICAL)
LOG_LEVEL=INFO
# =============================================================================
# TELEGRAM CONFIGURATION
# =============================================================================
# Telegram Bot Token (required for notifications)
# Get token from @BotFather on Telegram
TELEGRAM_BOT_TOKEN=your_telegram_bot_token_here
# Telegram Chat ID for notifications (optional)
TELEGRAM_CHAT_ID=your_chat_id_here
# =============================================================================
# CLUSTER CONFIGURATION
# =============================================================================
# Cluster secret for agent authentication (generate with: openssl rand -hex 32)
CLUSTER_SECRET=your_cluster_secret_32_bytes_hex
# Controller configuration
CONTROLLER_HOST=localhost
CONTROLLER_PORT=8443
# Agent configuration
AGENT_HEARTBEAT_INTERVAL=30
AGENT_TIMEOUT=300
# =============================================================================
# SECURITY CONFIGURATION
# =============================================================================
# JWT secret for API authentication (generate with: openssl rand -hex 32)
JWT_SECRET=your_jwt_secret_32_bytes_hex
# API rate limiting
API_RATE_LIMIT=100
API_RATE_WINDOW=60
# SSL/TLS configuration
SSL_CERT_PATH=/opt/pyguardian/ssl/cert.pem
SSL_KEY_PATH=/opt/pyguardian/ssl/key.pem
SSL_ENABLED=false
# =============================================================================
# DATABASE CONFIGURATION
# =============================================================================
# SQLite database path (default for containers)
DATABASE_PATH=/opt/pyguardian/data/pyguardian.db
# Database backup settings
DATABASE_BACKUP_ENABLED=true
DATABASE_BACKUP_INTERVAL=86400
DATABASE_BACKUP_RETENTION=30
# =============================================================================
# MONITORING CONFIGURATION
# =============================================================================
# Prometheus metrics
PROMETHEUS_ENABLED=true
PROMETHEUS_PORT=9090
# Health check intervals
HEALTH_CHECK_INTERVAL=30
HEALTH_CHECK_TIMEOUT=10
# System monitoring
MONITOR_CPU_THRESHOLD=80
MONITOR_MEMORY_THRESHOLD=85
MONITOR_DISK_THRESHOLD=90
# =============================================================================
# NETWORK CONFIGURATION
# =============================================================================
# Firewall settings
FIREWALL_ENABLED=true
FIREWALL_DEFAULT_POLICY=DROP
# Allowed SSH IPs (comma-separated)
ALLOWED_SSH_IPS=192.168.1.0/24,10.0.0.0/8
# Intrusion detection
IDS_ENABLED=true
IDS_SENSITIVITY=medium
# =============================================================================
# DEVELOPMENT CONFIGURATION (docker-compose.dev.yml)
# =============================================================================
# Development mode settings
DEV_MODE=false
DEV_HOT_RELOAD=true
DEV_DEBUG_MODE=true
# Test database
TEST_DATABASE_URL=postgresql://pyguardian:test_password@pyguardian-testdb:5432/pyguardian_test
# Redis cache
REDIS_URL=redis://pyguardian-redis:6379/0
# =============================================================================
# DOCKER CONFIGURATION
# =============================================================================
# Container resource limits
CONTAINER_MEMORY_LIMIT=512m
CONTAINER_CPU_LIMIT=1.0
# Container restart policy
RESTART_POLICY=unless-stopped
# Docker network
DOCKER_NETWORK=pyguardian
# =============================================================================
# BACKUP AND RECOVERY
# =============================================================================
# Backup configuration
BACKUP_ENABLED=true
BACKUP_SCHEDULE=0 2 * * *
BACKUP_RETENTION_DAYS=30
BACKUP_STORAGE_PATH=/opt/pyguardian/backups
# Recovery settings
RECOVERY_ENABLED=true
RECOVERY_AUTO_RESTORE=false
# =============================================================================
# PERFORMANCE TUNING
# =============================================================================
# Worker processes
WORKER_PROCESSES=auto
WORKER_CONNECTIONS=1024
# Connection pooling
DB_POOL_SIZE=10
DB_POOL_MAX_OVERFLOW=20
# Cache settings
CACHE_TTL=3600
CACHE_MAX_SIZE=100
# =============================================================================
# EXAMPLES FOR COMMON SCENARIOS
# =============================================================================
# Production single server:
# PYGUARDIAN_MODE=standalone
# LOG_LEVEL=INFO
# SSL_ENABLED=true
# Production cluster controller:
# PYGUARDIAN_MODE=controller
# LOG_LEVEL=INFO
# CLUSTER_SECRET=<generated_secret>
# Production cluster agent:
# PYGUARDIAN_MODE=agent
# CONTROLLER_HOST=controller.example.com
# CLUSTER_SECRET=<same_as_controller>
# Development:
# PYGUARDIAN_MODE=development
# LOG_LEVEL=DEBUG
# DEV_MODE=true
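
A pre-deployment check for a `.env` copied from this template, as an added example that is not part of the PyGuardian repository. The function names and the policy it enforces (64-hex secrets as produced by `openssl rand -hex 32`, distinct `CLUSTER_SECRET` and `JWT_SECRET`, TLS on and debug settings off outside `PYGUARDIAN_MODE=development`) are assumptions of this example, and it expects unquoted `KEY=value` lines as in the template.

```shell
#!/bin/sh
# Added example: pre-deployment lint for a .env derived from this template.
# The policy below is this example's assumption, not PyGuardian behaviour.

# get_val FILE KEY: print the value of the last uncommented KEY= line.
get_val() {
    sed -n "s/^$2=//p" "$1" | tail -n 1
}

# check_env FILE: print one finding per line; return 0 only if there are none.
check_env() {
    file=$1
    findings=0
    note() { echo "$1"; findings=$((findings + 1)); }

    for key in CLUSTER_SECRET JWT_SECRET; do
        val=$(get_val "$file" "$key")
        case $val in
            '' | your_*) note "$key: empty or template placeholder" ;;
            *)  # openssl rand -hex 32 prints exactly 64 hex characters
                printf '%s\n' "$val" | grep -Eq '^[0-9a-fA-F]{64}$' ||
                    note "$key: not 64 hex characters" ;;
        esac
    done

    # One leaked value should not unlock both agent and API authentication.
    cluster=$(get_val "$file" CLUSTER_SECRET)
    if [ -n "$cluster" ] && [ "$cluster" = "$(get_val "$file" JWT_SECRET)" ]; then
        note "CLUSTER_SECRET and JWT_SECRET share one value"
    fi

    # Outside development mode, require TLS and reject debug settings.
    mode=$(get_val "$file" PYGUARDIAN_MODE)
    if [ "$mode" != development ]; then
        [ "$(get_val "$file" SSL_ENABLED)" = true ] || note "SSL_ENABLED is not true"
        [ "$(get_val "$file" DEV_MODE)" != true ] || note "DEV_MODE=true outside development"
        [ "$(get_val "$file" LOG_LEVEL)" != DEBUG ] || note "LOG_LEVEL=DEBUG outside development"
    fi

    [ "$findings" -eq 0 ]
}

# Usage: sh check_env.sh .env   (exits non-zero when anything is found)
[ $# -eq 0 ] || check_env "$1"
```

Run against the unmodified template, it reports both placeholder secrets and the `SSL_ENABLED=false` default.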