blob: c877473eedb8a9348d76561049a747a8930c24f5 [file] [log] [blame]
quarkus.log.console.color = true
quarkus.datasource.driver = org.postgresql.Driver
quarkus.datasource.max-size = 8
quarkus.datasource.min-size = 0
#quarkus.flyway.migrate-at-start = true
#quarkus.flyway.baseline-on-migrate = true
#quarkus.flyway.baseline-version = 1
#quarkus.flyway.schemas = public
%dev.quarkus.datasource.url = jdbc:postgresql://localhost:5432/mulkcms
%dev.quarkus.datasource.username = mulk
%dev.quarkus.datasource.password =
%dev.quarkus.hibernate-orm.log.sql = true
%prod.quarkus.datasource.url = jdbc:postgresql://postgresql.system:5432/mulkcms
%prod.quarkus.datasource.username = mulkcms
%prod.quarkus.datasource.password =
%prod.quarkus.hibernate-orm.log.sql = false
# Authentication
quarkus.oidc.auth-server-url = https://login.benkard.de/auth/realms/master
quarkus.oidc.client-id = mulkcms
quarkus.oidc.application-type = web-app
quarkus.oidc.token.principal-claim = preferred_username
quarkus.oidc.authentication.redirect-path = /oidc/login
quarkus.security.users.file.enabled = false
quarkus.security.users.embedded.enabled = false
# Authentication (dev)
%dev.quarkus.oidc.enabled = false
%dev.quarkus.security.users.embedded.enabled = true
%dev.quarkus.security.users.embedded.plain-text = true
%dev.quarkus.security.users.embedded.users.mulk = mulk
%dev.quarkus.security.users.embedded.roles.mulk = Admin
# Session cookies
quarkus.smallrye-jwt.enabled = false
mp.jwt.verify.publickey.location = META-INF/resources/jwt-signing-public-key.pem
mp.jwt.verify.issuer = https://matthias.benkard.de
smallrye.jwt.token.header = Cookie
smallrye.jwt.token.cookie = Bearer
smallrye.jwt.require.named-principal = true
%dev.mulkcms.jwt.keystore.file = example-keys.p12
%prod.mulkcms.jwt.keystore.file = /secrets/keys.p12
mulkcms.jwt.keystore.passphrase = 123456
mulkcms.jwt.signing-key = MulkCMS-IdP
mulkcms.jwt.issuer = https://matthias.benkard.de
mulkcms.jwt.validity = P1D
# Deployment
docker.registry = docker.benkard.de
kubernetes.deployment.target = kubernetes
kubernetes.group = mulk
kubernetes.name = mulkcms2
kubernetes.namespace = mulk
kubernetes.service-type = ClusterIP
kubernetes.image-pull-policy = Always
kubernetes.headless = true
kubernetes.service-account = default
kubernetes.env-vars[0].name = QUARKUS_DATASOURCE_PASSWORD
kubernetes.env-vars[0].secret = mulkcms2-secrets
kubernetes.env-vars[0].value = database-password
kubernetes.env-vars[1].name = QUARKUS_OIDC_CREDENTIALS_SECRET
kubernetes.env-vars[1].secret = mulkcms2-secrets
kubernetes.env-vars[1].value = keycloak-secret
kubernetes.secret-volumes[0].volume-name = secrets
kubernetes.secret-volumes[0].secret-name = mulkcms2-secrets
kubernetes.secret-volumes[0].default-mode = 0444
kubernetes.mounts[0].name = secrets
kubernetes.mounts[0].path = /secrets
kubernetes.mounts[0].read-only = true