blob: e966bdabe031e7b94dd022ebb2d09f90bc3b771a [file] [log] [blame]
quarkus.log.console.color = true
quarkus.log.level = INFO
#quarkus.log.category."org.hibernate".level = INFO
#quarkus.log.category."io.quarkus.oidc".level = FINEST
#quarkus.log.category."io.quarkus.vertx".level = FINEST
#quarkus.log.category."io.vertx.ext.auth.oauth2".level = FINEST
#quarkus.log.category."io.vertx.ext.jwt".level = FINEST
mulkcms.tag-base = hub.benkard.de
mulkcms.posts.default-max-results = 25
quarkus.datasource.db-kind = postgresql
quarkus.datasource.jdbc.driver = org.postgresql.Driver
quarkus.datasource.jdbc.max-size = 8
quarkus.datasource.jdbc.min-size = 0
quarkus.liquibase.migrate-at-start = true
%dev.quarkus.datasource.jdbc.url = jdbc:postgresql://localhost:5432/mulkcms
%dev.quarkus.datasource.username = mulk
%dev.quarkus.datasource.password =
%dev.quarkus.hibernate-orm.log.sql = true
%prod.quarkus.datasource.jdbc.url = jdbc:postgresql://postgresql.system:5432/mulkcms
%prod.quarkus.datasource.username = mulkcms
%prod.quarkus.datasource.password =
%prod.quarkus.hibernate-orm.log.sql = false
# Authentication
quarkus.http.auth.proactive = true
quarkus.oidc.auth-server-url = https://login.benkard.de/auth/realms/master
quarkus.oidc.client-id = mulkcms
quarkus.oidc.application-type = web-app
quarkus.oidc.token.principal-claim = preferred_username
quarkus.oidc.authentication.cookie-path = /
#quarkus.oidc.authentication.redirect-path = /oidc/login
quarkus.security.users.file.enabled = false
quarkus.security.users.embedded.enabled = false
# Authentication (dev)
%dev.quarkus.oidc.enabled = false
%dev.quarkus.security.users.embedded.enabled = true
%dev.quarkus.security.users.embedded.plain-text = true
%dev.quarkus.security.users.embedded.users.mulk = mulk
%dev.quarkus.security.users.embedded.roles.mulk = Admin
# Session cookies
quarkus.smallrye-jwt.enabled = false
mp.jwt.verify.publickey.location = META-INF/resources/jwt-signing-public-key.pem
mp.jwt.verify.issuer = https://matthias.benkard.de
smallrye.jwt.token.header = Cookie
smallrye.jwt.token.cookie = Bearer
smallrye.jwt.require.named-principal = true
%dev.mulkcms.jwt.keystore.file = example-keys.p12
%prod.mulkcms.jwt.keystore.file = /secrets/keys.p12
mulkcms.jwt.keystore.passphrase = 123456
mulkcms.jwt.signing-key = MulkCMS-IdP
mulkcms.jwt.issuer = https://matthias.benkard.de
mulkcms.jwt.validity = P1D
# Deployment
docker.registry = docker.benkard.de
quarkus.container-image.build = false
quarkus.container-image.push = false
quarkus.container-image.group = mulk
quarkus.container-image.name = mulkcms2
quarkus.container-image.registry = docker.benkard.de
quarkus.jib.base-jvm-image = openjdk:14
#quarkus.jib.jvm-arguments = -XX:+UnlockExperimentalVMOptions,-XX:+UseShenandoahGC,-XX:ShenandoahGCHeuristics=compact
quarkus.native.container-runtime = docker
kubernetes.deployment.target = kubernetes
kubernetes.group = mulk
kubernetes.name = mulkcms2
kubernetes.namespace = mulk
kubernetes.service-type = ClusterIP
kubernetes.image-pull-policy = Always
kubernetes.headless = true
kubernetes.service-account = default
kubernetes.env-vars[0].name = QUARKUS_DATASOURCE_PASSWORD
kubernetes.env-vars[0].secret = mulkcms2-secrets
kubernetes.env-vars[0].value = database-password
kubernetes.env-vars[1].name = QUARKUS_OIDC_CREDENTIALS_SECRET
kubernetes.env-vars[1].secret = mulkcms2-secrets
kubernetes.env-vars[1].value = keycloak-secret
kubernetes.secret-volumes[0].volume-name = secrets
kubernetes.secret-volumes[0].secret-name = mulkcms2-secrets
kubernetes.secret-volumes[0].default-mode = 0444
kubernetes.mounts[0].name = secrets
kubernetes.mounts[0].path = /secrets
kubernetes.mounts[0].read-only = true