winauthmon-server/config.ini
[app]
; Application-level settings.
; SECRET_KEY: the value below is a placeholder, not a usable key. Generate a
; long random value per deployment and keep the real key out of version control.
; NOTE(review): presumably used to sign session cookies/tokens - confirm in the
; application code; if so, anyone who knows the key can forge them.
SECRET_KEY = your_secret_key
; APP_DEBUG is enabled in this file. NOTE(review): debug modes commonly return
; stack traces and internal state to clients - confirm what this flag enables
; and set it to false on any instance reachable by other hosts
; ([server] HOST = 0.0.0.0 listens on all interfaces).
APP_DEBUG = true
; IANA time zone name.
TIMEZONE = Europe/London
[server]
; Listener, TLS and worker-process settings.
; HOST = 0.0.0.0 listens on every network interface. When the app runs behind
; a reverse proxy (see [proxy]), bind to loopback or the proxy-facing interface
; so clients cannot reach the app without passing through the proxy.
HOST = 0.0.0.0
PORT = 8000
; TLS certificate and private key paths.
; NOTE(review): relative paths - presumably resolved against the working
; directory; confirm. Keep key.pem readable only by the service account and
; out of version control.
SSL_CERTFILE = instance/certs/cert.pem
SSL_KEYFILE = instance/certs/key.pem
; Server configuration
; DEVELOPMENT_MODE: When true, enables development features (default: false)
; This file ships with it enabled; set to false for production.
DEVELOPMENT_MODE = true
; Watch for file changes and reload automatically (development only, default: false)
; This file ships with it enabled; set to false for production.
; NOTE(review): Uvicorn's reload mode and multiple workers are mutually
; exclusive - confirm which setting wins when WATCH_FILES and WORKERS > 1 are both set.
WATCH_FILES = true
; Number of worker processes for Uvicorn (default: 1)
; For production, set to 2-4 workers for most servers
; "auto" uses CPU count but may be excessive for some systems
WORKERS = 2
; Maximum number of seconds a worker can live (helps with memory leaks)
; 86400 seconds = 24 hours.
WORKER_LIFETIME = 86400
; Determines if server should stop gracefully or immediately on receiving SIGINT/SIGTERM
GRACEFUL_SHUTDOWN = true
; Timeout in seconds for graceful shutdown (default: 30)
SHUTDOWN_TIMEOUT = 30
[database]
; Database connection settings (SQLAlchemy URI format).
; Current SQLite configuration
; NOTE(review): sqlite:/// followed by a bare file name is a relative path;
; confirm which directory it resolves to and restrict that file's permissions.
SQLALCHEMY_DATABASE_URI = sqlite:///database.db
SQLALCHEMY_TRACK_MODIFICATIONS = false
; ====== DATABASE CONNECTION EXAMPLES ======
; Uncomment one of these examples and comment out the SQLite connection above to switch databases
; The example URIs embed the database username and password in plain text.
; Once real credentials are filled in, restrict read access to this file to the
; service account and do not commit it.
; === PostgreSQL Example ===
; Setup:
; 1. Install PostgreSQL server
; 2. Create database and user with proper permissions
; 3. Install Python driver: pip install psycopg2-binary
;
; SQLALCHEMY_DATABASE_URI = postgresql://username:password@localhost:5432/database_name
; For SSL connection:
; sslmode=require encrypts the connection but does not verify the server
; certificate; use sslmode=verify-full with sslrootcert to also authenticate the server.
; SQLALCHEMY_DATABASE_URI = postgresql://username:password@localhost:5432/database_name?sslmode=require
; === MySQL/MariaDB Example ===
; Setup:
; 1. Install MySQL/MariaDB server
; 2. Create database and user with proper permissions
; 3. Install Python driver: pip install pymysql
;
; SQLALCHEMY_DATABASE_URI = mysql+pymysql://username:password@localhost:3306/database_name
; For SSL connection:
; SQLALCHEMY_DATABASE_URI = mysql+pymysql://username:password@localhost:3306/database_name?ssl_ca=/path/to/ca.pem
; === MSSQL Server Example ===
; Setup:
; 1. Install MSSQL Server
; 2. Create database and user
; 3. Install Python driver: pip install pyodbc
; 4. Install ODBC Driver for SQL Server:
; - On Ubuntu/Debian:
; (sudo must apply to the command that writes the key or repo file, not to
; curl; a shell redirect after "sudo curl" still runs unprivileged.)
; NOTE(review): apt-key is deprecated on current Debian/Ubuntu releases -
; check Microsoft's current install instructions for the keyring-based method.
; sudo apt-get install -y unixodbc-dev
; curl https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -
; curl https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/prod.list | sudo tee /etc/apt/sources.list.d/mssql-release.list
; sudo apt-get update
; sudo ACCEPT_EULA=Y apt-get install -y msodbcsql18 # Driver 18 (latest)
; # Or for older driver: sudo ACCEPT_EULA=Y apt-get install -y msodbcsql17
; - On RHEL/CentOS:
; curl https://packages.microsoft.com/config/rhel/8/prod.repo | sudo tee /etc/yum.repos.d/mssql-release.repo
; sudo ACCEPT_EULA=Y dnf install -y msodbcsql18 # Driver 18 (latest)
; # Or for older driver: sudo ACCEPT_EULA=Y dnf install -y msodbcsql17
; - On Windows:
; Download and install from https://go.microsoft.com/fwlink/?linkid=2249006 # Driver 18
; # Or for older driver: https://go.microsoft.com/fwlink/?linkid=2187217 # Driver 17
;
; # Using ODBC Driver 18 (recommended)
; Driver 18 encrypts connections by default. Avoid adding
; TrustServerCertificate=yes outside testing, since it disables server
; certificate validation.
; SQLALCHEMY_DATABASE_URI = mssql+pyodbc://username:password@server_name/database_name?driver=ODBC+Driver+18+for+SQL+Server
; # Using ODBC Driver 17
; SQLALCHEMY_DATABASE_URI = mssql+pyodbc://username:password@server_name/database_name?driver=ODBC+Driver+17+for+SQL+Server
; # For named instance:
; NOTE(review): a parser without backslash-escape processing (Python
; configparser has none) reads \\ as two literal backslashes - confirm whether
; a single backslash is intended here.
; SQLALCHEMY_DATABASE_URI = mssql+pyodbc://username:password@server_name\\instance_name/database_name?driver=ODBC+Driver+18+for+SQL+Server
[session]
; Session and remember-me cookie settings. The key names match Flask and
; Flask-Login configuration keys; presumably passed through to them - confirm.
; Secure: the browser sends the cookie only over HTTPS, so logins will not
; persist if the site is served over plain HTTP.
SESSION_COOKIE_SECURE = true
; HttpOnly: the cookie is not readable from page JavaScript.
SESSION_COOKIE_HTTPONLY = true
; SameSite=Lax: the cookie is withheld from cross-site subrequests and
; cross-site POSTs, but is still sent on top-level GET navigations.
; State-changing GET endpoints would therefore not be protected by this setting.
SESSION_COOKIE_SAMESITE = Lax
REMEMBER_COOKIE_SECURE = true
REMEMBER_COOKIE_HTTPONLY = true
; Lifetimes, presumably in seconds (7200 = 2 hours) - confirm against the loader.
REMEMBER_COOKIE_DURATION = 7200
PERMANENT_SESSION_LIFETIME = 7200
[cache]
; Cache lifetimes and response compression.
; Max-age values, presumably in seconds: 86400 = 1 day, 604800 = 7 days,
; 43200 = 12 hours - confirm units against the loader.
STATIC_MAX_AGE = 86400
IMAGE_MAX_AGE = 604800
JS_CSS_MAX_AGE = 43200
; NOTE(review): confirm which responses are compressed. Compressing HTTPS
; responses that contain both secrets (e.g. CSRF tokens) and request-controlled
; text is the precondition for BREACH-style attacks; limiting compression to
; static assets avoids it.
ENABLE_COMPRESSION = true
COMPRESSION_LEVEL = 6
; Presumably the minimum response size in bytes before compression is applied - confirm.
COMPRESSION_MIN_SIZE = 500
[security]
; Security headers configuration
; CONTENT_SECURITY_POLICY: the value itself contains ';' and single quotes.
; It is only read intact by a parser that does not treat ';' as an inline
; comment marker and does not strip quotes - confirm the header the server
; actually sends matches this line.
; 'unsafe-inline' in script-src permits inline scripts, which removes most of
; the XSS protection CSP provides; replacing it with nonces or hashes is the
; stricter option once inline scripts are removed from the templates.
CONTENT_SECURITY_POLICY = default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-ancestors 'self'; form-action 'self'; base-uri 'self'
; HSTS is honoured by browsers only when received over HTTPS.
ENABLE_HSTS = true
; 31536000 seconds = 365 days.
HSTS_MAX_AGE = 31536000
; NOTE(review): the set of headers this switch controls is not listed in this file - see the application code.
ENABLE_SECURITY_HEADERS = true
[rate_limiting]
; Rate limiting configuration
; NOTE(review): if limits are keyed on client IP, their accuracy depends on the
; [proxy] settings; an untrusted X-Forwarded-For value would let a client pick
; its own key - confirm how the key is derived.
ENABLE_RATE_LIMITING = true
; Redis connection for rate limiting (leave empty to use in-memory storage)
; NOTE(review): in-memory counters are presumably per process. With
; [server] WORKERS = 2 the effective limit may be higher than configured and
; counters reset on restart; use Redis for a shared count - confirm.
; REDIS_URL = redis://localhost:6379/0
REDIS_URL =
; Each LIMIT/PERIOD pair is presumably "max requests per PERIOD seconds" - confirm.
; Login endpoint limits
LOGIN_LIMIT = 10
LOGIN_PERIOD = 60
; Registration endpoint limits
REGISTER_LIMIT = 5
REGISTER_PERIOD = 300
; API endpoint limits
API_LIMIT = 60
API_PERIOD = 60
[proxy]
; Reverse proxy configuration for Traefik
; These settings decide which request headers the app believes about the
; client. They are safe only if every request reaches the app through the
; proxy; a client that connects directly can set the X-Forwarded-* headers itself.
; Number of proxies between the client and your app (default: 1 for single proxy like Traefik)
PROXY_COUNT = 1
; Whether to trust X-Forwarded-For header (required for Traefik)
TRUST_X_FORWARDED_FOR = true
; Whether to trust X-Forwarded-Proto header (for HTTPS detection)
TRUST_X_FORWARDED_PROTO = true
; Whether to trust X-Forwarded-Host header
; NOTE(review): if the app builds absolute URLs (redirects, e-mailed links)
; from the request host, a trusted X-Forwarded-Host controls them - confirm.
TRUST_X_FORWARDED_HOST = true
; Whether to trust X-Forwarded-Port header
TRUST_X_FORWARDED_PORT = true
; Whether to trust X-Forwarded-Prefix header
TRUST_X_FORWARDED_PREFIX = false
; Trusted proxy IPs (leave empty to trust all, comma-separated for multiple)
; For production with Traefik, specify your Traefik container IP or Docker network CIDR
; When uncommenting an example, drop the trailing "# ..." text: many INI
; parsers do not support inline comments and would read it as part of the value.
; The first example covers all three private address ranges, so it trusts any
; host on those networks, not only Docker containers; prefer the narrowest
; range or the specific proxy IPs.
; Examples:
; TRUSTED_PROXIES = 172.16.0.0/12,10.0.0.0/8,192.168.0.0/16 # Docker default networks
; TRUSTED_PROXIES = 172.20.0.2,172.20.0.3 # Specific Traefik IPs
; TRUSTED_PROXIES = 172.18.0.0/16 # Custom Docker network
; For development/testing, leave empty to trust all proxies:
; As shipped (empty, with TRUST_X_FORWARDED_FOR = true and [server]
; HOST = 0.0.0.0), forwarded headers are accepted from any peer. Set this
; before production use so logged client IPs cannot be supplied by the client.
TRUSTED_PROXIES =
[logging]
; Database logging configuration
; Enable/disable database logging entirely
DB_LOGGING_ENABLED = true
; Loggers to exclude from database logging (comma-separated)
; These loggers often create feedback loops or excessive noise
; NOTE(review): the list includes "app", "__main__" and "uvicorn.access".
; Confirm that no security-relevant events (logins, failures, admin actions,
; request records) are emitted only through these loggers, since they would
; not reach the database log.
DB_LOGGING_FILTERED_LOGGERS = watchfiles.main,watchfiles.watcher,watchdog,uvicorn.access,__mp_main__,__main__,app
; Message patterns to exclude from database logging (comma-separated)
; Messages containing these patterns will not be logged to database
; Matching is by substring, so any message that mentions "instance/" or
; "database.db" is dropped, including error messages about those paths.
DB_LOGGING_FILTERED_PATTERNS = database.db,instance/,file changed,reloading
; Enable filtering of file watcher logs (prevents feedback loops in debug mode)
FILTER_FILE_WATCHER_LOGS = true
; Minimum time between identical log entries (seconds) to prevent spam
; Repeated identical entries inside the interval are suppressed, so counts of
; repeated events (e.g. repeated failures) taken from the database log are a lower bound.
DB_LOGGING_DEDUPE_INTERVAL = 1