# trx-client Configuration File
#
# Copy this file to one of:
#   ./trx-client.toml                   (current directory)
#   ~/.config/trx-rs/client.toml        (user config)
#   /etc/trx-rs/client.toml             (system-wide)
#
# Or specify a custom path with: trx-client --config /path/to/config.toml
#
# CLI arguments override config file values.

[general]
# Callsign or station identifier displayed in frontends
callsign = "N0CALL"

# Log level: trace, debug, info, warn, error
# log_level = "info"

[remote]
# Remote trx-server URL (host:port)
url = "192.168.1.100:9000"

# Poll interval in milliseconds
poll_interval_ms = 750

[remote.auth]
# Bearer token for authenticating with the remote server
token = "my-token"

[frontends.http]
# Enable HTTP/REST frontend with SSE for real-time updates
enabled = true
listen = "127.0.0.1"
port = 8080

[frontends.http.auth]
# Optional passphrase-based authentication for the HTTP frontend
# Disabled by default to preserve backward compatibility

# Enable authentication (default: false)
enabled = false

# Read-only passphrase: grants access to status/events/audio (rx role)
# Leave unset to disable rx access
# rx_passphrase = "rx-only-passphrase"

# Full control passphrase: grants access to all endpoints including TX/PTT (control role)
# Leave unset to disable control access
# control_passphrase = "full-control-passphrase"

# Enforce TX/PTT access control (default: true)
# When true, TX/PTT endpoints return 404 to authenticated users without control role
tx_access_control_enabled = true

# Session time-to-live in minutes (default: 480 = 8 hours)
session_ttl_min = 480

# Set Secure flag on session cookie (default: false)
# Should be true if served over HTTPS; false for HTTP/localhost
cookie_secure = false

# Cookie SameSite attribute: Strict, Lax (default), or None
# Lax is a good balance between security and usability
cookie_same_site = "Lax"

[frontends.rigctl]
# Enable rigctl-compatible TCP interface (hamlib compatible)
enabled = false
listen = "127.0.0.1"
port = 4532

[frontends.http_json]
# Enable JSON-over-TCP control interface
enabled = true
listen = "127.0.0.1"
# Set to 0 to bind an ephemeral port
port = 0
# List of accepted bearer tokens (empty = no auth)
# auth.tokens = ["example-token"]

[frontends.audio]
# Enable remote audio stream and decode transport
enabled = true
# Remote trx-server audio port
server_port = 4533

[frontends.audio.bridge]
# Enable local cpal bridge for WSJT-X virtual audio routing
enabled = false
# Optional exact output device name for RX playback
# rx_output_device = "BlackHole 2ch"
# Optional exact input device name for TX capture
# tx_input_device = "BlackHole 2ch"
# Playback/capture gain multipliers
rx_gain = 1.0
tx_gain = 1.0