# In all environments, the following files are loaded if they exist,
# the later taking precedence over the former:
#
#  * .env                contains default values for the environment variables needed by the app
#  * .env.local          uncommitted file with local overrides
#  * .env.$APP_ENV       committed environment-specific defaults
#  * .env.$APP_ENV.local uncommitted environment-specific overrides
#
# Real environment variables win over .env files.
#
# DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES.
#
# Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2).
# https://symfony.com/doc/current/best_practices/configuration.html#infrastructure-related-configuration

APP_ENV=dev
APP_SECRET=

# KEYCLOAK
KEYCLOAK_SERVER_URL=https://auth.your-server/auth
KEYCLOAK_REALM=your-realm
KEYCLOAK_FRONTEND_CLIENT_ID=your-client-id
# If not empty gets used to check if the access token got issued
# for this audience ('api-gw' for example)
KEYCLOAK_AUDIENCE=api-gw
# Set to true to enable remote access token validation
KEYCLOAK_REMOTE_VALIDATION=false
KEYCLOAK_CLIENT_ID=
KEYCLOAK_CLIENT_SECRET=

# Deployment related
API_BUILDINFO=unknown  # a git hash or something identifying the build
API_BUILDINFO_URL='#'