# Production Configuration for Code of Conquest

app:
  name: "Code of Conquest"
  version: "0.1.0"
  environment: "production"
  debug: false

server:
  host: "0.0.0.0"
  port: 5000
  workers: 4

redis:
  host: "redis"  # Docker service name or production host
  port: 6379
  db: 0
  max_connections: 100

rq:
  queues:
    - "ai_tasks"
    - "combat_tasks"
    - "marketplace_tasks"
  worker_timeout: 600
  job_timeout: 300

ai:
  timeout: 30
  max_retries: 3
  cost_alert_threshold: 500.00

  models:
    free:
      provider: "replicate"
      model: "meta/meta-llama-3-70b-instruct"
      max_tokens: 256
      temperature: 0.7

    standard:
      provider: "anthropic"
      model: "claude-3-5-haiku-20241022"
      max_tokens: 512
      temperature: 0.8

    premium:
      provider: "anthropic"
      model: "claude-3-5-sonnet-20241022"
      max_tokens: 1024
      temperature: 0.9

rate_limiting:
  enabled: true
  storage_url: "redis://redis:6379/1"

  tiers:
    free:
      requests_per_minute: 30
      ai_calls_per_day: 50
      custom_actions_per_day: 10
      custom_action_char_limit: 150
    basic:
      requests_per_minute: 60
      ai_calls_per_day: 200
      custom_actions_per_day: 50
      custom_action_char_limit: 300
    premium:
      requests_per_minute: 120
      ai_calls_per_day: 1000
      custom_actions_per_day: -1  # Unlimited
      custom_action_char_limit: 500
    elite:
      requests_per_minute: 300
      ai_calls_per_day: -1  # Unlimited
      custom_actions_per_day: -1  # Unlimited
      custom_action_char_limit: 500

session:
  timeout_minutes: 30
  auto_save_interval: 5
  min_players: 1
  max_players_by_tier:
    free: 1
    basic: 2
    premium: 6
    elite: 10

auth:
  # Authentication cookie settings
  cookie_name: "coc_session"
  duration_normal: 86400        # 24 hours (seconds)
  duration_remember_me: 2592000 # 30 days (seconds)
  http_only: true
  secure: true                  # HTTPS only in production
  same_site: "Lax"
  path: "/"

  # Password requirements
  password_min_length: 8
  password_require_uppercase: true
  password_require_lowercase: true
  password_require_number: true
  password_require_special: true

  # User input validation
  name_min_length: 3
  name_max_length: 50
  email_max_length: 255

  # Session cache settings (Redis-based, reduces Appwrite API calls)
  session_cache:
    enabled: true
    ttl_seconds: 300       # 5 minutes
    redis_db: 2            # Separate from RQ (db 0) and rate limiting (db 1)

marketplace:
  auction_check_interval: 300  # 5 minutes
  max_listings_by_tier:
    premium: 10
    elite: 25

cors:
  origins:
    - "https://yourdomain.com"  # Replace with actual production domain

logging:
  level: "INFO"
  format: "json"
  handlers:
    - "console"
    - "file"
  file_path: "/var/log/coc/app.log"