# Example slskr app config. Environment variables override these values.

[app]
http_bind = "127.0.0.1:5030"
state_dir = "/var/lib/slskr"
auto_connect = false
reconnect = true
reconnect_seconds = 30
ping_seconds = 300
# Logging levels: trace, debug, info, warn, error.
# Can also be overridden with SLSKR_LOG_LEVEL or RUST_LOG.
log_level = "info"

[network]
server_address = "server.slsknet.org:2242"
listen_port = 2234
# Prefer the Web UI "OS credential store" option for desktop/user installs.
# For Linux system services, prefer credential_store = "systemd" with
# LoadCredential= or LoadCredentialEncrypted= in the unit. systemd mode is
# read-only at runtime; update unit credentials and restart the service.
# Alternatives: set credential_store = "memory" for runtime-only entry,
# credential_store = "file" for a restricted local fallback, or keep using
# explicit username/password from env/config for container secret managers.
# credential_store = "os"
# credential_file = "/var/lib/slskr/soulseek-credentials.json"
# username = "user"
# password = "pass"

[listeners]
regular_bind = "0.0.0.0:2234"
advertised_port = 2234
# obfuscated_bind = "0.0.0.0:2235"
# obfuscated_advertised_port = 2235

[profile]
user_info_description = "slskr daemon"

[timeouts]
peer_response_seconds = 5

[shares]
dirs = ["/srv/slskr/shares/music"]
follow_symlinks = false
include_hidden = false
scan_max_files = 50000
# Emit share-index.tsv for compatibility/debug inspection. SQLite share_files is
# the durable share index when [persistence].enabled = true.
cache_tsv_enabled = true
# fixture = "Virtual/Example.flac=12345"

[transfers]
history_limit = 500
max_active = 3
allow_inbound = true
allow_outbound = true

[auth]
# Loopback-only binds default to no API auth unless api_token is configured.
# Non-loopback binds require an API token unless auth is explicitly disabled.
disabled = false
api_token = "replace-with-a-random-token"
cookie_auth_enabled = false
rate_limit_anonymous = 1000
rate_limit_authenticated = 5000
# Trust forwarded client IP headers only from these proxy CIDRs.
trusted_proxy_cidrs = ["127.0.0.1/32"]

[persistence]
enabled = false

[integrations.spotify]
# Spotify is the only current third-party surface here with a real OAuth clickthrough.
# Configure a Spotify app client ID and redirect URI, then the WebUI can open the
# returned authorization_url from /api/integrations/spotify/authorize.
enabled = false
# client_id = "spotify-app-client-id"
# client_secret = "optional-server-side-secret"
# redirect_uri = "http://127.0.0.1:5030/api/integrations/spotify/callback"
market = "US"
scopes = "playlist-read-private playlist-read-collaborative user-library-read"

[integrations.lidarr]
# Lidarr does not provide OAuth; closest one-click UX is URL/API-key setup plus
# a Test/Sync button in the WebUI.
enabled = false
# url = "http://127.0.0.1:8686"
# api_key = "lidarr-api-key"
timeout_seconds = 20

[integrations.bridge]
enabled = false
host = "localhost"
port = 3000

[integrations.external_visualizer]
# Optional local command launched by the daemon. Launching is disabled unless
# launch_enabled is explicitly set.
# command = "projectm"
launch_enabled = false