# 认证配置（按优先级选择其一）

# 方式1：使用固定API密钥（推荐生产环境，最高优先级）
FACTORY_API_KEY=your_factory_api_key_here

# 方式2：使用refresh token自动刷新（次优先级）
DROID_REFRESH_KEY=your_refresh_token_here

# refresh token 请求超时与重试（可选）
DROID_REFRESH_TIMEOUT_MS=15000
DROID_REFRESH_RETRIES=2
DROID_REFRESH_RETRY_BASE_MS=500

# 阿里云日志服务配置
SLS_ENABLED=false
ALIYUN_ACCESS_KEY_ID=your_access_key_id
ALIYUN_ACCESS_KEY_SECRET=your_access_key_secret
ALIYUN_SLS_ENDPOINT=cn-hangzhou.log.aliyuncs.com
ALIYUN_SLS_PROJECT=your_project_name
ALIYUN_SLS_LOGSTORE=your_logstore_name

# Deploy Configuration (sync-accounts.sh)
SYNC_SERVER=user@your-server.com
SYNC_REMOTE_PATH=/opt/droid2api
DEPLOY_TYPE=docker-compose
DOCKER_SERVICE_NAME=droid2api
PM2_APP_NAME=droid2api

# Cloudflare Tunnel Configuration (Optional)
# Get token from: https://one.dash.cloudflare.com/ -> Networks -> Tunnels
TUNNEL_TOKEN=

# CORS Configuration (Optional, overrides config.json)
# CORS_ENABLED=true
# CORS_ALLOW_ALL=false
# CORS_ORIGINS=https://app1.com,https://app2.com

# API Authentication - Protect your API endpoints
# Recommended for production or when used as backend for new-api/one-api
#
# Security flow: User -> [new-api验证] -> [droid2api验证] -> Factory API
#
AUTH_ENABLED=false                     # Set to true to enable authentication
API_KEYS=sk-internal-secret-key        # Internal key shared with new-api (comma-separated for multiple)
AUTH_PUBLIC_MODELS=true                # Allow /v1/models without auth