import Config

# Runtime secrets — each release only requires its own secret key
if config_env() == :prod do
  config :centralcloud_my, CentralcloudMy.Endpoint,
    secret_key_base: System.get_env("MY_SECRET_KEY_BASE") || System.fetch_env!("MY_SECRET_KEY_BASE")

  # OPS_SECRET_KEY_BASE only required when running the centralcloud_ops release
  if ops_key = System.get_env("OPS_SECRET_KEY_BASE") do
    config :centralcloud_ops, CentralcloudOps.Endpoint, secret_key_base: ops_key
  end
end

config :centralcloud_core, :hostbill,
  base_url: System.get_env("HOSTBILL_URL", "https://portal.centralcloud.com"),
  api_id:   System.get_env("HOSTBILL_API_ID"),
  api_key:  System.get_env("HOSTBILL_API_KEY")

config :centralcloud_core, :dr_portal,
  base_url: System.get_env("DR_PORTAL_URL", "https://dr.centralcloud.com"),
  api_key:  System.get_env("DR_PORTAL_API_KEY")

config :centralcloud_core, :oncall,
  base_url: System.get_env("ONCALL_URL", "https://oncall.centralcloud.com"),
  token:    System.get_env("ONCALL_API_TOKEN")

config :centralcloud_core, :oidc,
  issuer:        System.get_env("AUTHENTIK_ISSUER", "https://sso.centralcloud.com/application/o/centralcloud/"),
  client_id:     System.get_env("OIDC_CLIENT_ID"),
  client_secret: System.get_env("OIDC_CLIENT_SECRET")