// Nuxt 4 config for the dezky public booking app (booking.dezky.eu).
//
// Fully public — NO OIDC, no sessions. It only ever calls the unauthenticated
// /api/v1/public/* endpoints on platform-api, proxied through this app's own
// nitro server routes so the internal API hostname never reaches the browser.
// Whitelabel: every page renders the tenant's branding (name + brandColor),
// fetched per request — there is no dezky-fixed accent.

export default defineNuxtConfig({
  compatibilityDate: '2026-01-01',
  devtools: { enabled: true },

  css: ['~/assets/styles/base.css'],

  runtimeConfig: {
    // Server-only: how nitro reaches platform-api inside the docker network.
    platformApiUrl: process.env.PLATFORM_API_INTERNAL_URL || 'http://platform-api:3001',
    public: {
      siteUrl: process.env.NUXT_PUBLIC_SITE_URL
        || (process.env.NODE_ENV === 'production' ? 'https://booking.dezky.eu' : 'http://localhost:3000'),
      // Cloudflare Turnstile site-key. When set, the booking form renders a
      // captcha widget and sends its token with the booking POST. Server-side
      // enforcement is gated independently by TURNSTILE_SECRET on platform-api.
      turnstileSiteKey: process.env.NUXT_PUBLIC_TURNSTILE_SITE_KEY || '',
    },
  },

  app: {
    head: {
      htmlAttrs: { lang: 'en' },
      link: [{ rel: 'icon', type: 'image/svg+xml', href: '/favicon.svg' }],
      meta: [
        { name: 'viewport', content: 'width=device-width, initial-scale=1' },
        { name: 'robots', content: 'noindex' }, // booking pages aren't for search indexing
      ],
    },
  },

  vite: {
    server: {
      allowedHosts: ['booking.dezky.local'],
      hmr: process.env.DEZKY_TRAEFIK === '1' ? { protocol: 'wss', clientPort: 443 } : undefined,
    },
  },
})