APP_NAME=Laravel
APP_ENV=local
APP_KEY=
APP_DEBUG=true
APP_URL=http://localhost

APP_LOCALE=en
APP_FALLBACK_LOCALE=en
APP_FAKER_LOCALE=en_US

APP_MAINTENANCE_DRIVER=file
# APP_MAINTENANCE_STORE=database

PHP_CLI_SERVER_WORKERS=4

BCRYPT_ROUNDS=12

LOG_CHANNEL=stack
LOG_STACK=single
LOG_DEPRECATIONS_CHANNEL=null
LOG_LEVEL=debug

DB_CONNECTION=sqlite
# DB_HOST=127.0.0.1
# DB_PORT=3306
# DB_DATABASE=laravel
# DB_USERNAME=root
# DB_PASSWORD=

SESSION_DRIVER=database
SESSION_LIFETIME=120
SESSION_ENCRYPT=false
SESSION_PATH=/
SESSION_DOMAIN=null

BROADCAST_CONNECTION=log
FILESYSTEM_DISK=local
QUEUE_CONNECTION=database

CACHE_STORE=database
# CACHE_PREFIX=

MEMCACHED_HOST=127.0.0.1

REDIS_CLIENT=phpredis
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379

MAIL_MAILER=log
MAIL_SCHEME=null
MAIL_HOST=127.0.0.1
MAIL_PORT=2525
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_FROM_ADDRESS="hello@example.com"
MAIL_FROM_NAME="${APP_NAME}"

MAILGUN_DOMAIN=
MAILGUN_SECRET=
MAILGUN_ENDPOINT=api.mailgun.net

AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_DEFAULT_REGION=us-east-1
AWS_BUCKET=
AWS_USE_PATH_STYLE_ENDPOINT=false

VITE_APP_NAME="${APP_NAME}"

# ============================================
# SECURITY SETTINGS (Added: 2026-01-05)
# ============================================

# Admin Panel Security
# --------------------
# Custom admin path (avoid using 'admin', 'backend', 'panel')
# Suggestions: mgmt-xk9j2p, console-8h3m4n, secure-ctrl-2026
ADMIN_PATH=admin

# IP Whitelist for Admin Access
# Format: IP1,IP2,CIDR1,CIDR2
# Get your IP: curl ifconfig.me
# Example: ADMIN_ALLOWED_IPS=203.0.113.5,192.168.1.0/24,10.0.0.0/8
ADMIN_ALLOWED_IPS=

# Session Security (Production recommended settings)
# --------------------------------------------------
SESSION_SECURE_COOKIE=true
SESSION_SAME_SITE=strict

# For Playwright Testing
PLAYWRIGHT_TEST_DOMAIN="http://playwright.testing.domain"