| quarkus.log.console.color = true |
| |
| quarkus.log.level = INFO |
| #quarkus.log.category."org.hibernate".level = INFO |
| #quarkus.log.category."io.quarkus.oidc".level = FINEST |
| #quarkus.log.category."io.quarkus.vertx".level = FINEST |
| #quarkus.log.category."io.vertx.ext.auth.oauth2".level = FINEST |
| #quarkus.log.category."io.vertx.ext.jwt".level = FINEST |
| |
| mulkcms.tag-base = hub.benkard.de |
| mulkcms.posts.default-max-results = 25 |
| |
| quarkus.datasource.db-kind = postgresql |
| quarkus.datasource.jdbc.driver = org.postgresql.Driver |
| quarkus.datasource.jdbc.max-size = 8 |
| quarkus.datasource.jdbc.min-size = 0 |
| |
| quarkus.liquibase.migrate-at-start = true |
| |
| %dev.quarkus.datasource.jdbc.url = jdbc:postgresql://localhost:5432/mulkcms |
| %dev.quarkus.datasource.username = mulk |
| %dev.quarkus.datasource.password = |
| %dev.quarkus.hibernate-orm.log.sql = true |
| |
| %prod.quarkus.datasource.jdbc.url = jdbc:postgresql://postgresql.system:5432/mulkcms |
| %prod.quarkus.datasource.username = mulkcms |
| %prod.quarkus.datasource.password = |
| %prod.quarkus.hibernate-orm.log.sql = false |
| |
| # Authentication |
| quarkus.http.auth.proactive = true |
| |
| quarkus.oidc.auth-server-url = https://login.benkard.de/auth/realms/master |
| quarkus.oidc.client-id = mulkcms |
| quarkus.oidc.application-type = web-app |
| quarkus.oidc.token.principal-claim = preferred_username |
| quarkus.oidc.authentication.cookie-path = / |
| #quarkus.oidc.authentication.redirect-path = /oidc/login |
| |
| quarkus.security.users.file.enabled = false |
| quarkus.security.users.embedded.enabled = false |
| |
| # Authentication (dev) |
| %dev.quarkus.oidc.enabled = false |
| %dev.quarkus.security.users.embedded.enabled = true |
| %dev.quarkus.security.users.embedded.plain-text = true |
| %dev.quarkus.security.users.embedded.users.mulk = mulk |
| %dev.quarkus.security.users.embedded.roles.mulk = Admin |
| |
| # Session cookies |
| quarkus.smallrye-jwt.enabled = false |
| mp.jwt.verify.publickey.location = META-INF/resources/jwt-signing-public-key.pem |
| mp.jwt.verify.issuer = https://matthias.benkard.de |
| smallrye.jwt.token.header = Cookie |
| smallrye.jwt.token.cookie = Bearer |
| smallrye.jwt.require.named-principal = true |
| %dev.mulkcms.jwt.keystore.file = example-keys.p12 |
| %prod.mulkcms.jwt.keystore.file = /secrets/keys.p12 |
| mulkcms.jwt.keystore.passphrase = 123456 |
| mulkcms.jwt.signing-key = MulkCMS-IdP |
| mulkcms.jwt.issuer = https://matthias.benkard.de |
| mulkcms.jwt.validity = P1D |
| |
| # Deployment |
| docker.registry = docker.benkard.de |
| |
| quarkus.container-image.build = false |
| quarkus.container-image.push = false |
| quarkus.container-image.group = mulk |
| quarkus.container-image.name = mulkcms2 |
| quarkus.container-image.registry = docker.benkard.de |
| |
| quarkus.jib.base-jvm-image = openjdk:14 |
| #quarkus.jib.jvm-arguments = -XX:+UnlockExperimentalVMOptions,-XX:+UseShenandoahGC,-XX:ShenandoahGCHeuristics=compact |
| |
| quarkus.native.container-runtime = docker |
| |
| kubernetes.deployment.target = kubernetes |
| kubernetes.group = mulk |
| kubernetes.name = mulkcms2 |
| kubernetes.namespace = mulk |
| kubernetes.service-type = ClusterIP |
| kubernetes.image-pull-policy = Always |
| kubernetes.headless = true |
| kubernetes.service-account = default |
| kubernetes.env-vars[0].name = QUARKUS_DATASOURCE_PASSWORD |
| kubernetes.env-vars[0].secret = mulkcms2-secrets |
| kubernetes.env-vars[0].value = database-password |
| kubernetes.env-vars[1].name = QUARKUS_OIDC_CREDENTIALS_SECRET |
| kubernetes.env-vars[1].secret = mulkcms2-secrets |
| kubernetes.env-vars[1].value = keycloak-secret |
| kubernetes.secret-volumes[0].volume-name = secrets |
| kubernetes.secret-volumes[0].secret-name = mulkcms2-secrets |
| kubernetes.secret-volumes[0].default-mode = 0444 |
| kubernetes.mounts[0].name = secrets |
| kubernetes.mounts[0].path = /secrets |
| kubernetes.mounts[0].read-only = true |