blob: 886db804bf0343ece41e7b485f5229aa9f010bf8 [file] [log] [blame]
Matthias Andreas Benkard761cb732020-01-25 05:52:34 +01001quarkus.log.console.color = true
2
Matthias Andreas Benkardf5a24e42020-02-15 18:40:36 +01003quarkus.log.level = INFO
4#quarkus.log.category."org.hibernate".level = INFO
5#quarkus.log.category."io.quarkus.oidc".level = FINEST
6#quarkus.log.category."io.quarkus.vertx".level = FINEST
7#quarkus.log.category."io.vertx.ext.auth.oauth2".level = FINEST
8#quarkus.log.category."io.vertx.ext.jwt".level = FINEST
9
Matthias Andreas Benkard2f0b3702020-01-12 15:46:34 +010010quarkus.datasource.driver = org.postgresql.Driver
11quarkus.datasource.max-size = 8
12quarkus.datasource.min-size = 0
13
14#quarkus.flyway.migrate-at-start = true
15#quarkus.flyway.baseline-on-migrate = true
16#quarkus.flyway.baseline-version = 1
17#quarkus.flyway.schemas = public
18
Matthias Andreas Benkard9222efa2020-01-24 19:11:24 +010019%dev.quarkus.datasource.url = jdbc:postgresql://localhost:5432/mulkcms
Matthias Andreas Benkard2f0b3702020-01-12 15:46:34 +010020%dev.quarkus.datasource.username = mulk
21%dev.quarkus.datasource.password =
Matthias Andreas Benkard9222efa2020-01-24 19:11:24 +010022%dev.quarkus.hibernate-orm.log.sql = true
Matthias Andreas Benkard24a25142020-01-24 13:25:54 +010023
Matthias Andreas Benkard8b35def2020-01-31 19:13:01 +010024%prod.quarkus.datasource.url = jdbc:postgresql://postgresql.system:5432/mulkcms
25%prod.quarkus.datasource.username = mulkcms
26%prod.quarkus.datasource.password =
27%prod.quarkus.hibernate-orm.log.sql = false
28
Matthias Andreas Benkardc27d1cb2020-01-26 11:11:24 +010029# Authentication
Matthias Andreas Benkard24a25142020-01-24 13:25:54 +010030quarkus.oidc.auth-server-url = https://login.benkard.de/auth/realms/master
31quarkus.oidc.client-id = mulkcms
32quarkus.oidc.application-type = web-app
Matthias Andreas Benkard984a77b2020-02-02 15:41:51 +010033quarkus.oidc.token.principal-claim = preferred_username
Matthias Andreas Benkarda6ac2a32020-02-15 18:40:20 +010034quarkus.oidc.authentication.redirect-path = /oidc/login
Matthias Andreas Benkardc27d1cb2020-01-26 11:11:24 +010035
36quarkus.security.users.file.enabled = false
37quarkus.security.users.embedded.enabled = false
38
39# Authentication (dev)
40%dev.quarkus.oidc.enabled = false
41%dev.quarkus.security.users.embedded.enabled = true
42%dev.quarkus.security.users.embedded.plain-text = true
43%dev.quarkus.security.users.embedded.users.mulk = mulk
44%dev.quarkus.security.users.embedded.roles.mulk = Admin
Matthias Andreas Benkard8b35def2020-01-31 19:13:01 +010045
Matthias Andreas Benkard2a1383f2020-02-01 23:53:17 +010046# Session cookies
47quarkus.smallrye-jwt.enabled = false
48mp.jwt.verify.publickey.location = META-INF/resources/jwt-signing-public-key.pem
49mp.jwt.verify.issuer = https://matthias.benkard.de
50smallrye.jwt.token.header = Cookie
51smallrye.jwt.token.cookie = Bearer
52smallrye.jwt.require.named-principal = true
53%dev.mulkcms.jwt.keystore.file = example-keys.p12
54%prod.mulkcms.jwt.keystore.file = /secrets/keys.p12
55mulkcms.jwt.keystore.passphrase = 123456
56mulkcms.jwt.signing-key = MulkCMS-IdP
57mulkcms.jwt.issuer = https://matthias.benkard.de
58mulkcms.jwt.validity = P1D
59
Matthias Andreas Benkard8b35def2020-01-31 19:13:01 +010060# Deployment
61docker.registry = docker.benkard.de
62
63kubernetes.deployment.target = kubernetes
64kubernetes.group = mulk
65kubernetes.name = mulkcms2
66kubernetes.namespace = mulk
67kubernetes.service-type = ClusterIP
68kubernetes.image-pull-policy = Always
69kubernetes.headless = true
70kubernetes.service-account = default
71kubernetes.env-vars[0].name = QUARKUS_DATASOURCE_PASSWORD
72kubernetes.env-vars[0].secret = mulkcms2-secrets
73kubernetes.env-vars[0].value = database-password
Matthias Andreas Benkard2a1383f2020-02-01 23:53:17 +010074kubernetes.env-vars[1].name = QUARKUS_OIDC_CREDENTIALS_SECRET
75kubernetes.env-vars[1].secret = mulkcms2-secrets
76kubernetes.env-vars[1].value = keycloak-secret
77kubernetes.secret-volumes[0].volume-name = secrets
78kubernetes.secret-volumes[0].secret-name = mulkcms2-secrets
79kubernetes.secret-volumes[0].default-mode = 0444
80kubernetes.mounts[0].name = secrets
81kubernetes.mounts[0].path = /secrets
82kubernetes.mounts[0].read-only = true