# ZCLAW SaaS 配置文件
# 生产环境请通过环境变量覆盖敏感配置:
#   ZCLAW_DATABASE_URL - 数据库连接字符串 (含密码)
#   ZCLAW_SAAS_JWT_SECRET - JWT 签名密钥
#   ZCLAW_TOTP_ENCRYPTION_KEY - TOTP 加密密钥 (64 字符 hex)
#   ZCLAW_ADMIN_USERNAME / ZCLAW_ADMIN_PASSWORD - 初始管理员账号

[server]
host = "0.0.0.0"
port = 8080
# CORS 允许的来源; 开发环境使用 localhost, 生产环境改为实际域名
cors_origins = ["http://localhost:1420", "http://localhost:5173", "http://localhost:3000"]

[database]
# 开发环境默认值; 生产环境务必设置 ZCLAW_DATABASE_URL 环境变量
url = "postgres://postgres:postgres@localhost:5432/zclaw"

[auth]
jwt_expiration_hours = 24
totp_issuer = "ZCLAW SaaS"

[relay]
max_queue_size = 1000
max_concurrent_per_provider = 5
batch_window_ms = 50
retry_delay_ms = 1000
max_attempts = 3

[rate_limit]
requests_per_minute = 60
burst = 10

[scheduler]
# 定时任务配置 (可选)
# jobs = [
#   { name = "cleanup-expired-tokens", interval = "1h", task = "token_cleanup", run_on_start = false },
#   { name = "aggregate-usage-stats", interval = "24h", task = "usage_aggregation", run_on_start = true },
# ]