src/main/resources/application.properties - mulkcms2 - Gitiles

 quarkus.log.level = INFO
 #quarkus.log.category."org.hibernate".level = INFO
 #quarkus.log.category."io.quarkus.oidc".level = FINEST
 #quarkus.log.category."io.quarkus.vertx".level = FINEST
 #quarkus.log.category."io.vertx.ext.auth.oauth2".level = FINEST
 #quarkus.log.category."io.vertx.ext.jwt".level = FINEST

 mulkcms.tag-base = hub.benkard.de
 mulkcms.posts.default-max-results = 25
 mulkcms.newsletter.time-zone = Europe/Vienna

 quarkus.datasource.db-kind = postgresql
 quarkus.datasource.jdbc.driver = org.postgresql.Driver
 quarkus.datasource.jdbc.max-size = 8
 quarkus.datasource.jdbc.min-size = 0

 quarkus.hibernate-orm.validate-in-dev-mode = false

 quarkus.liquibase.migrate-at-start = true

 %dev.quarkus.datasource.jdbc.url = jdbc:postgresql://localhost:5432/mulkcms
 %dev.quarkus.datasource.username = mulk
 %dev.quarkus.datasource.password =
 %dev.quarkus.hibernate-orm.log.sql = true

 %prod.quarkus.datasource.jdbc.url = jdbc:postgresql://postgresql.system:5432/mulkcms
 %prod.quarkus.datasource.username = mulkcms
 %prod.quarkus.datasource.password =
 %prod.quarkus.hibernate-orm.log.sql = false

 # Authentication
 quarkus.http.auth.proactive = true

 quarkus.oidc.auth-server-url = https://login.benkard.de/auth/realms/master
 quarkus.oidc.authentication.force-redirect-https-scheme = true
 quarkus.oidc.client-id = mulkcms
 quarkus.oidc.application-type = web-app
 quarkus.oidc.token.principal-claim = preferred_username
 quarkus.oidc.authentication.cookie-path = /
 quarkus.oidc.authentication.redirect-path = /posts
 quarkus.oidc.authentication.restore-path-after-redirect = true

 quarkus.security.users.file.enabled = false
 quarkus.security.users.embedded.enabled = false

 # Authentication (dev)
 %dev.quarkus.oidc.enabled = false
 %dev.quarkus.security.users.embedded.enabled = true
 %dev.quarkus.security.users.embedded.plain-text = true
 %dev.quarkus.security.users.embedded.users.mulk = mulk
 %dev.quarkus.security.users.embedded.roles.mulk = Admin

 # Session cookies
 quarkus.smallrye-jwt.enabled = false
 mp.jwt.verify.publickey.location = META-INF/resources/jwt-signing-public-key.pem
 mp.jwt.verify.issuer = https://matthias.benkard.de
 smallrye.jwt.token.header = Cookie
 smallrye.jwt.token.cookie = Bearer
 smallrye.jwt.require.named-principal = true
 %dev.mulkcms.jwt.keystore.file = example-keys.p12
 %prod.mulkcms.jwt.keystore.file = /secrets/keys.p12
 mulkcms.jwt.keystore.passphrase = 123456
 mulkcms.jwt.signing-key = MulkCMS-IdP
 mulkcms.jwt.issuer = https://matthias.benkard.de
 mulkcms.jwt.validity = P1D

 # E-mail settings
 quarkus.mailer.from = MulkCMS <mulkcms@benkard.de>
 quarkus.mailer.host = mail.benkard.de
 quarkus.mailer.port = 587
 quarkus.mailer.start-tls = REQUIRED
 quarkus.mailer.username = mulkcms@benkard.de
 mulkcms.imap.port = 993

 %dev.quarkus.mailer.host = mail.benkard.de
 %dev.quarkus.mailer.from = MulkCMS <test@benkard.de>
 %dev.quarkus.mailer.username = test@benkard.de
 %dev.quarkus.mailer.password = test

 # Deployment
 docker.registry = docker.benkard.de

 quarkus.container-image.build = false
 quarkus.container-image.push = false
 quarkus.container-image.group = mulk
 quarkus.container-image.name = mulkcms2
 quarkus.container-image.registry = docker.benkard.de

 quarkus.jib.base-jvm-image = docker.benkard.de/mulk/openjdk-runtime:latest
 quarkus.jib.jvm-arguments = -XX:G1PeriodicGCInterval=300000,-XX:G1PeriodicGCSystemLoadThreshold=0

 quarkus.native.container-runtime = docker

 kubernetes.deployment.target = kubernetes
 kubernetes.group = mulk
 kubernetes.name = mulkcms2
 kubernetes.namespace = mulk
 kubernetes.service-type = ClusterIP
 kubernetes.image-pull-policy = Always
 kubernetes.headless = true
 kubernetes.service-account = default
 kubernetes.env-vars[0].name = QUARKUS_DATASOURCE_PASSWORD
 kubernetes.env-vars[0].secret = mulkcms2-secrets
 kubernetes.env-vars[0].value = database-password
 kubernetes.env-vars[1].name = QUARKUS_OIDC_CREDENTIALS_SECRET
 kubernetes.env-vars[1].secret = mulkcms2-secrets
 kubernetes.env-vars[1].value = keycloak-secret
 kubernetes.env-vars[2].name = QUARKUS_MAILER_PASSWORD
 kubernetes.env-vars[2].secret = mulkcms2-secrets
 kubernetes.env-vars[2].value = email-password
 kubernetes.secret-volumes[0].volume-name = secrets
 kubernetes.secret-volumes[0].secret-name = mulkcms2-secrets
 kubernetes.secret-volumes[0].default-mode = 0444
 kubernetes.mounts[0].name = secrets
 kubernetes.mounts[0].path = /secrets
 kubernetes.mounts[0].read-only = true
	quarkus.log.level = INFO
	#quarkus.log.category."org.hibernate".level = INFO
	#quarkus.log.category."io.quarkus.oidc".level = FINEST
	#quarkus.log.category."io.quarkus.vertx".level = FINEST
	#quarkus.log.category."io.vertx.ext.auth.oauth2".level = FINEST
	#quarkus.log.category."io.vertx.ext.jwt".level = FINEST

	mulkcms.tag-base = hub.benkard.de
	mulkcms.posts.default-max-results = 25
	mulkcms.newsletter.time-zone = Europe/Vienna

	quarkus.datasource.db-kind = postgresql
	quarkus.datasource.jdbc.driver = org.postgresql.Driver
	quarkus.datasource.jdbc.max-size = 8
	quarkus.datasource.jdbc.min-size = 0

	quarkus.hibernate-orm.validate-in-dev-mode = false

	quarkus.liquibase.migrate-at-start = true

	%dev.quarkus.datasource.jdbc.url = jdbc:postgresql://localhost:5432/mulkcms
	%dev.quarkus.datasource.username = mulk
	%dev.quarkus.datasource.password =
	%dev.quarkus.hibernate-orm.log.sql = true

	%prod.quarkus.datasource.jdbc.url = jdbc:postgresql://postgresql.system:5432/mulkcms
	%prod.quarkus.datasource.username = mulkcms
	%prod.quarkus.datasource.password =
	%prod.quarkus.hibernate-orm.log.sql = false

	# Authentication
	quarkus.http.auth.proactive = true

	quarkus.oidc.auth-server-url = https://login.benkard.de/auth/realms/master
	quarkus.oidc.authentication.force-redirect-https-scheme = true
	quarkus.oidc.client-id = mulkcms
	quarkus.oidc.application-type = web-app
	quarkus.oidc.token.principal-claim = preferred_username
	quarkus.oidc.authentication.cookie-path = /
	quarkus.oidc.authentication.redirect-path = /posts
	quarkus.oidc.authentication.restore-path-after-redirect = true

	quarkus.security.users.file.enabled = false
	quarkus.security.users.embedded.enabled = false

	# Authentication (dev)
	%dev.quarkus.oidc.enabled = false
	%dev.quarkus.security.users.embedded.enabled = true
	%dev.quarkus.security.users.embedded.plain-text = true
	%dev.quarkus.security.users.embedded.users.mulk = mulk
	%dev.quarkus.security.users.embedded.roles.mulk = Admin

	# Session cookies
	quarkus.smallrye-jwt.enabled = false
	mp.jwt.verify.publickey.location = META-INF/resources/jwt-signing-public-key.pem
	mp.jwt.verify.issuer = https://matthias.benkard.de
	smallrye.jwt.token.header = Cookie
	smallrye.jwt.token.cookie = Bearer
	smallrye.jwt.require.named-principal = true
	%dev.mulkcms.jwt.keystore.file = example-keys.p12
	%prod.mulkcms.jwt.keystore.file = /secrets/keys.p12
	mulkcms.jwt.keystore.passphrase = 123456
	mulkcms.jwt.signing-key = MulkCMS-IdP
	mulkcms.jwt.issuer = https://matthias.benkard.de
	mulkcms.jwt.validity = P1D

	# E-mail settings
	quarkus.mailer.from = MulkCMS <mulkcms@benkard.de>
	quarkus.mailer.host = mail.benkard.de
	quarkus.mailer.port = 587
	quarkus.mailer.start-tls = REQUIRED
	quarkus.mailer.username = mulkcms@benkard.de
	mulkcms.imap.port = 993

	%dev.quarkus.mailer.host = mail.benkard.de
	%dev.quarkus.mailer.from = MulkCMS <test@benkard.de>
	%dev.quarkus.mailer.username = test@benkard.de
	%dev.quarkus.mailer.password = test

	# Deployment
	docker.registry = docker.benkard.de

	quarkus.container-image.build = false
	quarkus.container-image.push = false
	quarkus.container-image.group = mulk
	quarkus.container-image.name = mulkcms2
	quarkus.container-image.registry = docker.benkard.de

	quarkus.jib.base-jvm-image = docker.benkard.de/mulk/openjdk-runtime:latest
	quarkus.jib.jvm-arguments = -XX:G1PeriodicGCInterval=300000,-XX:G1PeriodicGCSystemLoadThreshold=0

	quarkus.native.container-runtime = docker

	kubernetes.deployment.target = kubernetes
	kubernetes.group = mulk
	kubernetes.name = mulkcms2
	kubernetes.namespace = mulk
	kubernetes.service-type = ClusterIP
	kubernetes.image-pull-policy = Always
	kubernetes.headless = true
	kubernetes.service-account = default
	kubernetes.env-vars[0].name = QUARKUS_DATASOURCE_PASSWORD
	kubernetes.env-vars[0].secret = mulkcms2-secrets
	kubernetes.env-vars[0].value = database-password
	kubernetes.env-vars[1].name = QUARKUS_OIDC_CREDENTIALS_SECRET
	kubernetes.env-vars[1].secret = mulkcms2-secrets
	kubernetes.env-vars[1].value = keycloak-secret
	kubernetes.env-vars[2].name = QUARKUS_MAILER_PASSWORD
	kubernetes.env-vars[2].secret = mulkcms2-secrets
	kubernetes.env-vars[2].value = email-password
	kubernetes.secret-volumes[0].volume-name = secrets
	kubernetes.secret-volumes[0].secret-name = mulkcms2-secrets
	kubernetes.secret-volumes[0].default-mode = 0444
	kubernetes.mounts[0].name = secrets
	kubernetes.mounts[0].path = /secrets
	kubernetes.mounts[0].read-only = true