# Copy this file to .env and fill in your values
# cp .env.example .env

# =============================================================
# T-Pot Remote Connection
# =============================================================

# Full URL to your remote T-Pot's Elasticsearch
# T-Pot typically exposes ES on port 64298 locally.
#
# OPTION A: Direct connection (if your T-Pot ES is network-reachable)
# ELASTICSEARCH_URL=http://your-tpot-ip:64298
#
# OPTION B: SSH tunnel (recommended for security)
# 1. On your host machine, create an SSH tunnel:
#    ssh -N -L 64298:localhost:9200 user@your-tpot-host -i /path/to/key
# 2. Then use host.docker.internal to reach your host from the container:
# ELASTICSEARCH_URL=http://host.docker.internal:64298
#
ELASTICSEARCH_URL=http://your-tpot-host:64298

# Port to expose the attack map web UI (default: 8080)
WEB_PORT=8080

# Set to DISABLED to suppress console attack log output
TPOT_ATTACKMAP_TEXT=ENABLED