Matthias Andreas Benkard | 761cb73 | 2020-01-25 05:52:34 +0100 | [diff] [blame] | 1 | quarkus.log.console.color = true |
| 2 | |
Matthias Andreas Benkard | f5a24e4 | 2020-02-15 18:40:36 +0100 | [diff] [blame] | 3 | quarkus.log.level = INFO |
| 4 | #quarkus.log.category."org.hibernate".level = INFO |
| 5 | #quarkus.log.category."io.quarkus.oidc".level = FINEST |
| 6 | #quarkus.log.category."io.quarkus.vertx".level = FINEST |
| 7 | #quarkus.log.category."io.vertx.ext.auth.oauth2".level = FINEST |
| 8 | #quarkus.log.category."io.vertx.ext.jwt".level = FINEST |
| 9 | |
Matthias Andreas Benkard | 04a50e6 | 2020-02-16 19:08:38 +0100 | [diff] [blame] | 10 | mulkcms.tag-base = hub.benkard.de |
Matthias Andreas Benkard | 4940b29 | 2020-03-29 18:41:07 +0200 | [diff] [blame] | 11 | mulkcms.posts.default-max-results = 25 |
Matthias Andreas Benkard | 04a50e6 | 2020-02-16 19:08:38 +0100 | [diff] [blame] | 12 | |
Matthias Andreas Benkard | 2f0b370 | 2020-01-12 15:46:34 +0100 | [diff] [blame] | 13 | quarkus.datasource.driver = org.postgresql.Driver |
| 14 | quarkus.datasource.max-size = 8 |
| 15 | quarkus.datasource.min-size = 0 |
| 16 | |
| 17 | #quarkus.flyway.migrate-at-start = true |
| 18 | #quarkus.flyway.baseline-on-migrate = true |
| 19 | #quarkus.flyway.baseline-version = 1 |
| 20 | #quarkus.flyway.schemas = public |
| 21 | |
Matthias Andreas Benkard | 9222efa | 2020-01-24 19:11:24 +0100 | [diff] [blame] | 22 | %dev.quarkus.datasource.url = jdbc:postgresql://localhost:5432/mulkcms |
Matthias Andreas Benkard | 2f0b370 | 2020-01-12 15:46:34 +0100 | [diff] [blame] | 23 | %dev.quarkus.datasource.username = mulk |
| 24 | %dev.quarkus.datasource.password = |
Matthias Andreas Benkard | 9222efa | 2020-01-24 19:11:24 +0100 | [diff] [blame] | 25 | %dev.quarkus.hibernate-orm.log.sql = true |
Matthias Andreas Benkard | 24a2514 | 2020-01-24 13:25:54 +0100 | [diff] [blame] | 26 | |
Matthias Andreas Benkard | 8b35def | 2020-01-31 19:13:01 +0100 | [diff] [blame] | 27 | %prod.quarkus.datasource.url = jdbc:postgresql://postgresql.system:5432/mulkcms |
| 28 | %prod.quarkus.datasource.username = mulkcms |
| 29 | %prod.quarkus.datasource.password = |
| 30 | %prod.quarkus.hibernate-orm.log.sql = false |
| 31 | |
Matthias Andreas Benkard | c27d1cb | 2020-01-26 11:11:24 +0100 | [diff] [blame] | 32 | # Authentication |
Matthias Andreas Benkard | 24a2514 | 2020-01-24 13:25:54 +0100 | [diff] [blame] | 33 | quarkus.oidc.auth-server-url = https://login.benkard.de/auth/realms/master |
| 34 | quarkus.oidc.client-id = mulkcms |
| 35 | quarkus.oidc.application-type = web-app |
Matthias Andreas Benkard | 984a77b | 2020-02-02 15:41:51 +0100 | [diff] [blame] | 36 | quarkus.oidc.token.principal-claim = preferred_username |
Matthias Andreas Benkard | 85b5e26 | 2020-03-28 19:50:44 +0100 | [diff] [blame] | 37 | quarkus.oidc.authentication.cookie-path = / |
Matthias Andreas Benkard | 551f50c | 2020-03-15 12:34:07 +0100 | [diff] [blame] | 38 | #quarkus.oidc.authentication.redirect-path = /oidc/login |
Matthias Andreas Benkard | c27d1cb | 2020-01-26 11:11:24 +0100 | [diff] [blame] | 39 | |
| 40 | quarkus.security.users.file.enabled = false |
| 41 | quarkus.security.users.embedded.enabled = false |
| 42 | |
| 43 | # Authentication (dev) |
| 44 | %dev.quarkus.oidc.enabled = false |
| 45 | %dev.quarkus.security.users.embedded.enabled = true |
| 46 | %dev.quarkus.security.users.embedded.plain-text = true |
| 47 | %dev.quarkus.security.users.embedded.users.mulk = mulk |
| 48 | %dev.quarkus.security.users.embedded.roles.mulk = Admin |
Matthias Andreas Benkard | 8b35def | 2020-01-31 19:13:01 +0100 | [diff] [blame] | 49 | |
Matthias Andreas Benkard | 2a1383f | 2020-02-01 23:53:17 +0100 | [diff] [blame] | 50 | # Session cookies |
| 51 | quarkus.smallrye-jwt.enabled = false |
| 52 | mp.jwt.verify.publickey.location = META-INF/resources/jwt-signing-public-key.pem |
| 53 | mp.jwt.verify.issuer = https://matthias.benkard.de |
| 54 | smallrye.jwt.token.header = Cookie |
| 55 | smallrye.jwt.token.cookie = Bearer |
| 56 | smallrye.jwt.require.named-principal = true |
| 57 | %dev.mulkcms.jwt.keystore.file = example-keys.p12 |
| 58 | %prod.mulkcms.jwt.keystore.file = /secrets/keys.p12 |
| 59 | mulkcms.jwt.keystore.passphrase = 123456 |
| 60 | mulkcms.jwt.signing-key = MulkCMS-IdP |
| 61 | mulkcms.jwt.issuer = https://matthias.benkard.de |
| 62 | mulkcms.jwt.validity = P1D |
| 63 | |
Matthias Andreas Benkard | 8b35def | 2020-01-31 19:13:01 +0100 | [diff] [blame] | 64 | # Deployment |
| 65 | docker.registry = docker.benkard.de |
| 66 | |
Matthias Andreas Benkard | db48be4 | 2020-04-17 21:44:59 +0200 | [diff] [blame^] | 67 | quarkus.container-image.build = true |
| 68 | quarkus.container-image.push = true |
| 69 | quarkus.container-image.group = mulk |
| 70 | quarkus.container-image.name = mulkcms2 |
| 71 | quarkus.container-image.registry = docker.benkard.de |
| 72 | |
| 73 | quarkus.jib.base-jvm-image = adoptopenjdk:14-jre-hotspot |
| 74 | quarkus.jib.jvm-arguments = -XX:+UnlockExperimentalVMOptions,-XX:+UseShenandoahGC,-XX:ShenandoahGCHeuristics=compact |
| 75 | |
Matthias Andreas Benkard | 8b35def | 2020-01-31 19:13:01 +0100 | [diff] [blame] | 76 | kubernetes.deployment.target = kubernetes |
| 77 | kubernetes.group = mulk |
| 78 | kubernetes.name = mulkcms2 |
| 79 | kubernetes.namespace = mulk |
| 80 | kubernetes.service-type = ClusterIP |
| 81 | kubernetes.image-pull-policy = Always |
| 82 | kubernetes.headless = true |
| 83 | kubernetes.service-account = default |
| 84 | kubernetes.env-vars[0].name = QUARKUS_DATASOURCE_PASSWORD |
| 85 | kubernetes.env-vars[0].secret = mulkcms2-secrets |
| 86 | kubernetes.env-vars[0].value = database-password |
Matthias Andreas Benkard | 2a1383f | 2020-02-01 23:53:17 +0100 | [diff] [blame] | 87 | kubernetes.env-vars[1].name = QUARKUS_OIDC_CREDENTIALS_SECRET |
| 88 | kubernetes.env-vars[1].secret = mulkcms2-secrets |
| 89 | kubernetes.env-vars[1].value = keycloak-secret |
| 90 | kubernetes.secret-volumes[0].volume-name = secrets |
| 91 | kubernetes.secret-volumes[0].secret-name = mulkcms2-secrets |
| 92 | kubernetes.secret-volumes[0].default-mode = 0444 |
| 93 | kubernetes.mounts[0].name = secrets |
| 94 | kubernetes.mounts[0].path = /secrets |
| 95 | kubernetes.mounts[0].read-only = true |