SECRET_KEY=change-me-to-a-long-random-string
# Set in production behind HTTPS:
# SESSION_COOKIE_SECURE=true
# SESSION_PERMANENT=true
# SESSION_DAYS=14

# Web operator login (single user)
WEBAPP_USERNAME=admin
# Plain password
WEBAPP_PASSWORD=change-me
# Or use a Werkzeug hash instead of plain WEBAPP_PASSWORD:
# WEBAPP_PASSWORD_HASH=pbkdf2:sha256:600000$...

# Encrypts SSH passwords and keys at rest (any string; hashed to Fernet key internally)
CREDENTIALS_ENCRYPTION_KEY=change-me-to-a-long-secret

# MariaDB / MySQL
MYSQL_HOST=127.0.0.1
MYSQL_PORT=3306
MYSQL_USER=sshweb
MYSQL_PASSWORD=change-me
MYSQL_DATABASE=ssh_web
MYSQL_POOL_SIZE=5

# Max simultaneous SSH sessions from this app instance
MAX_CONCURRENT_SSH=32

# Paramiko SSH keepalive interval (seconds); set 0 to disable.
SSH_KEEPALIVE_INTERVAL=15

# WebSocket keepalive interval (seconds); server sends traffic to avoid proxy idle timeouts.
WS_KEEPALIVE_INTERVAL=25