Matthias Andreas Benkard | 761cb73 | 2020-01-25 05:52:34 +0100 | [diff] [blame] | 1 | quarkus.log.console.color = true |
| 2 | |
Matthias Andreas Benkard | f5a24e4 | 2020-02-15 18:40:36 +0100 | [diff] [blame] | 3 | quarkus.log.level = INFO |
| 4 | #quarkus.log.category."org.hibernate".level = INFO |
| 5 | #quarkus.log.category."io.quarkus.oidc".level = FINEST |
| 6 | #quarkus.log.category."io.quarkus.vertx".level = FINEST |
| 7 | #quarkus.log.category."io.vertx.ext.auth.oauth2".level = FINEST |
| 8 | #quarkus.log.category."io.vertx.ext.jwt".level = FINEST |
| 9 | |
Matthias Andreas Benkard | 2f0b370 | 2020-01-12 15:46:34 +0100 | [diff] [blame] | 10 | quarkus.datasource.driver = org.postgresql.Driver |
| 11 | quarkus.datasource.max-size = 8 |
| 12 | quarkus.datasource.min-size = 0 |
| 13 | |
| 14 | #quarkus.flyway.migrate-at-start = true |
| 15 | #quarkus.flyway.baseline-on-migrate = true |
| 16 | #quarkus.flyway.baseline-version = 1 |
| 17 | #quarkus.flyway.schemas = public |
| 18 | |
Matthias Andreas Benkard | 9222efa | 2020-01-24 19:11:24 +0100 | [diff] [blame] | 19 | %dev.quarkus.datasource.url = jdbc:postgresql://localhost:5432/mulkcms |
Matthias Andreas Benkard | 2f0b370 | 2020-01-12 15:46:34 +0100 | [diff] [blame] | 20 | %dev.quarkus.datasource.username = mulk |
| 21 | %dev.quarkus.datasource.password = |
Matthias Andreas Benkard | 9222efa | 2020-01-24 19:11:24 +0100 | [diff] [blame] | 22 | %dev.quarkus.hibernate-orm.log.sql = true |
Matthias Andreas Benkard | 24a2514 | 2020-01-24 13:25:54 +0100 | [diff] [blame] | 23 | |
Matthias Andreas Benkard | 8b35def | 2020-01-31 19:13:01 +0100 | [diff] [blame] | 24 | %prod.quarkus.datasource.url = jdbc:postgresql://postgresql.system:5432/mulkcms |
| 25 | %prod.quarkus.datasource.username = mulkcms |
| 26 | %prod.quarkus.datasource.password = |
| 27 | %prod.quarkus.hibernate-orm.log.sql = false |
| 28 | |
Matthias Andreas Benkard | c27d1cb | 2020-01-26 11:11:24 +0100 | [diff] [blame] | 29 | # Authentication |
Matthias Andreas Benkard | 24a2514 | 2020-01-24 13:25:54 +0100 | [diff] [blame] | 30 | quarkus.oidc.auth-server-url = https://login.benkard.de/auth/realms/master |
| 31 | quarkus.oidc.client-id = mulkcms |
| 32 | quarkus.oidc.application-type = web-app |
Matthias Andreas Benkard | 984a77b | 2020-02-02 15:41:51 +0100 | [diff] [blame] | 33 | quarkus.oidc.token.principal-claim = preferred_username |
Matthias Andreas Benkard | a6ac2a3 | 2020-02-15 18:40:20 +0100 | [diff] [blame] | 34 | quarkus.oidc.authentication.redirect-path = /oidc/login |
Matthias Andreas Benkard | c27d1cb | 2020-01-26 11:11:24 +0100 | [diff] [blame] | 35 | |
| 36 | quarkus.security.users.file.enabled = false |
| 37 | quarkus.security.users.embedded.enabled = false |
| 38 | |
| 39 | # Authentication (dev) |
| 40 | %dev.quarkus.oidc.enabled = false |
| 41 | %dev.quarkus.security.users.embedded.enabled = true |
| 42 | %dev.quarkus.security.users.embedded.plain-text = true |
| 43 | %dev.quarkus.security.users.embedded.users.mulk = mulk |
| 44 | %dev.quarkus.security.users.embedded.roles.mulk = Admin |
Matthias Andreas Benkard | 8b35def | 2020-01-31 19:13:01 +0100 | [diff] [blame] | 45 | |
Matthias Andreas Benkard | 2a1383f | 2020-02-01 23:53:17 +0100 | [diff] [blame] | 46 | # Session cookies |
| 47 | quarkus.smallrye-jwt.enabled = false |
| 48 | mp.jwt.verify.publickey.location = META-INF/resources/jwt-signing-public-key.pem |
| 49 | mp.jwt.verify.issuer = https://matthias.benkard.de |
| 50 | smallrye.jwt.token.header = Cookie |
| 51 | smallrye.jwt.token.cookie = Bearer |
| 52 | smallrye.jwt.require.named-principal = true |
| 53 | %dev.mulkcms.jwt.keystore.file = example-keys.p12 |
| 54 | %prod.mulkcms.jwt.keystore.file = /secrets/keys.p12 |
| 55 | mulkcms.jwt.keystore.passphrase = 123456 |
| 56 | mulkcms.jwt.signing-key = MulkCMS-IdP |
| 57 | mulkcms.jwt.issuer = https://matthias.benkard.de |
| 58 | mulkcms.jwt.validity = P1D |
| 59 | |
Matthias Andreas Benkard | 8b35def | 2020-01-31 19:13:01 +0100 | [diff] [blame] | 60 | # Deployment |
| 61 | docker.registry = docker.benkard.de |
| 62 | |
| 63 | kubernetes.deployment.target = kubernetes |
| 64 | kubernetes.group = mulk |
| 65 | kubernetes.name = mulkcms2 |
| 66 | kubernetes.namespace = mulk |
| 67 | kubernetes.service-type = ClusterIP |
| 68 | kubernetes.image-pull-policy = Always |
| 69 | kubernetes.headless = true |
| 70 | kubernetes.service-account = default |
| 71 | kubernetes.env-vars[0].name = QUARKUS_DATASOURCE_PASSWORD |
| 72 | kubernetes.env-vars[0].secret = mulkcms2-secrets |
| 73 | kubernetes.env-vars[0].value = database-password |
Matthias Andreas Benkard | 2a1383f | 2020-02-01 23:53:17 +0100 | [diff] [blame] | 74 | kubernetes.env-vars[1].name = QUARKUS_OIDC_CREDENTIALS_SECRET |
| 75 | kubernetes.env-vars[1].secret = mulkcms2-secrets |
| 76 | kubernetes.env-vars[1].value = keycloak-secret |
| 77 | kubernetes.secret-volumes[0].volume-name = secrets |
| 78 | kubernetes.secret-volumes[0].secret-name = mulkcms2-secrets |
| 79 | kubernetes.secret-volumes[0].default-mode = 0444 |
| 80 | kubernetes.mounts[0].name = secrets |
| 81 | kubernetes.mounts[0].path = /secrets |
| 82 | kubernetes.mounts[0].read-only = true |