# --- REQUIRED ---
# OpenAI API Key (Variante B: NUR serverseitig, NIEMALS in Desktop-App)
OPENAI_API_KEY=sk-CHANGE_ME

# Token rotation (preferred): comma-separated, e.g. NEW,OLD
MEDWORK_API_TOKENS=CHANGE_ME_TO_A_LONG_RANDOM_TOKEN_NEW,CHANGE_ME_TO_A_LONG_RANDOM_TOKEN_OLD

# Legacy (optional): single token
# MEDWORK_API_TOKEN=CHANGE_ME_TO_A_LONG_RANDOM_TOKEN

STRIPE_WEBHOOK_SECRET=whsec_CHANGE_ME

# Stripe API key for server-side portal session creation (required for billing portal)
STRIPE_SECRET_KEY=sk_live_CHANGE_ME

# --- OPTIONAL (recommended) ---
AZA_ADMIN_TOKEN=CHANGE_ME_TO_A_LONG_RANDOM_ADMIN_TOKEN
AZA_LOG_LEVEL=INFO
AZA_GRACE_DAYS=0

# Stripe redirect URLs
STRIPE_SUCCESS_URL=https://aza-medwork.ch/billing/success?session_id={CHECKOUT_SESSION_ID}
STRIPE_CANCEL_URL=https://aza-medwork.ch/billing/cancel
STRIPE_PORTAL_RETURN_URL=https://aza-medwork.ch/

# Caddy / ACME
ACME_EMAIL=info@aza-medwork.ch
AZA_DOMAIN=api.aza-medwork.ch
# Dev Status companion window (set to 0 to disable)
DEV_STATUS_WINDOW=1

WEBSEARCH_PROVIDER=google_cse
GOOGLE_CSE_API_KEY=AIzaSyB1Jbb32vsZBZLcaKbRpe6Zo3bqt2KeCjc
GOOGLE_CSE_CX=d47b52ea614b94c02

# WooCommerce License Bridge (WordPress → Hetzner)
WC_PROVISION_SECRET=HIER_EIN_SICHERES_SECRET

# Mail-Versand fuer Lizenzschluessel (Resend bevorzugt, SMTP als Fallback)
RESEND_API_KEY=re_HIER_DEN_KEY_EINTRAGEN
MAIL_FROM=AZA MedWork <noreply@aza-medwork.ch>

# SMTP Fallback (aktuell von Hetzner nicht erreichbar)
SMTP_HOST=asmtp.mail.hostpoint.ch
SMTP_PORT=465
SMTP_USER=noreply@aza-medwork.ch
SMTP_PASS=HIER_DAS_PASSWORT
SMTP_FROM=noreply@aza-medwork.ch