# ============================================================================
# AGENTQL API MCP SERVER CONFIGURATION
# ============================================================================
# Generated: 2026-03-24 21:49:35 UTC
#
# This file contains all configuration for the MCP server.
# Copy to .env and configure for your environment.
#
# IMPORTANT: Never commit .env to version control
# ============================================================================

# ============================================================================
# Authentication Credentials
# ============================================================================
# APIKeyHeader: API Key Authentication
# Type: API Key (header: X-API-Key)
API_KEY=

# ============================================================================
# API Base URL
# ============================================================================
# Change to http://localhost:PORT if testing against a local API instance
BASE_URL=https://api.agentql.com

# ============================================================================
# Timeouts and Connection Pool
# ============================================================================

# HTTPX client granular timeout configuration (seconds)
# These control different phases of the HTTP request lifecycle:

# Connection establishment timeout
HTTPX_CONNECT_TIMEOUT=10.0

# Response read timeout (main bottleneck for slow APIs)
HTTPX_READ_TIMEOUT=60.0

# Request body write timeout
HTTPX_WRITE_TIMEOUT=30.0

# Connection pool acquisition timeout
HTTPX_POOL_TIMEOUT=5.0

# Overall tool execution timeout (wraps entire operation + retries)
# Should be higher than HTTPX_READ_TIMEOUT to allow completion
TOOL_EXECUTION_TIMEOUT=90.0

# Connection pool configuration
CONNECTION_POOL_SIZE=100
MAX_KEEPALIVE_CONNECTIONS=20

# ============================================================================
# Response Sanitization
# ============================================================================

# Sanitization level (controls which fields are redacted from responses)
# Values:
#   DISABLED - No sanitization (fastest, shows all data including secrets) [DEFAULT]
#   LOW      - Basic secrets (password, token, secret, private_key)
#   MEDIUM   - LOW + Auth fields (auth_token, access_token, credentials, authorization)
#   HIGH     - MEDIUM + Session/IDs (session_id, cookie, api_key, user_id, account_id, ip_address, hostname)
SANITIZATION_LEVEL=DISABLED

# ============================================================================
# Logging Configuration
# ============================================================================

# Log level (controls verbosity)
# Values: DEBUG, INFO, WARNING, ERROR
# - DEBUG: Very verbose (shows all requests, responses, internal state)
# - INFO: Standard logging (shows requests and important events) [DEFAULT]
# - WARNING: Only warnings and errors
# - ERROR: Only errors
LOG_LEVEL=INFO

# Log format (controls output structure)
# Values:
#   simple   - "INFO: Message" [DEFAULT]
#   detailed - "2025-12-22 10:30:45 INFO [request_id=abc123] Message"
LOG_FORMAT=simple

# ============================================================================
# Retry Logic Configuration
# ============================================================================
# Automatic retry for failed requests with exponential backoff

# Maximum number of retry attempts
# Recommendation: 3-5 retries for most APIs
MAX_RETRIES=3

# Exponential backoff multiplier
# Calculation: delay = base_delay * (backoff_factor ^ retry_number)
# Example with backoff_factor=2.0:
#   Retry 1: 1 second
#   Retry 2: 2 seconds
#   Retry 3: 4 seconds
#   Retry 4: 8 seconds
RETRY_BACKOFF_FACTOR=2

# ============================================================================
# Circuit Breaker Configuration
# ============================================================================
# Prevents cascading failures when upstream API is down

# Number of consecutive failures before opening circuit
# Once open, circuit breaker blocks all requests for timeout period
# Recommendation: 5-10 failures for most APIs
CIRCUIT_BREAKER_FAILURE_THRESHOLD=5

# Seconds to wait before attempting half-open state
# In half-open state, one request is allowed through to test recovery
# Recommendation: 60-300 seconds depending on API recovery time
CIRCUIT_BREAKER_TIMEOUT_SECONDS=60

# ============================================================================
# Rate Limiting Configuration
# ============================================================================
# Local in-memory rate limiting (single process only)

# Maximum requests per second
# Prevents overwhelming upstream API with burst traffic
# Recommendation: Match or slightly below API's rate limit
RATE_LIMIT_REQUESTS_PER_SECOND=10

# ============================================================================
# End of Configuration
# ============================================================================
