summaryrefslogtreecommitdiff
path: root/src/main/resources/application.properties
blob: b90cc9e937eaa5c2f4293621a00104662dc43717 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
quarkus.log.console.color = true

quarkus.log.level = INFO
#quarkus.log.category."org.hibernate".level = INFO
#quarkus.log.category."io.quarkus.oidc".level = FINEST
#quarkus.log.category."io.quarkus.vertx".level = FINEST
#quarkus.log.category."io.vertx.ext.auth.oauth2".level = FINEST
#quarkus.log.category."io.vertx.ext.jwt".level = FINEST

mulkcms.tag-base = hub.benkard.de
mulkcms.bookmarks.default-max-results = 25

quarkus.datasource.driver = org.postgresql.Driver
quarkus.datasource.max-size = 8
quarkus.datasource.min-size = 0

#quarkus.flyway.migrate-at-start = true
#quarkus.flyway.baseline-on-migrate = true
#quarkus.flyway.baseline-version = 1
#quarkus.flyway.schemas = public

%dev.quarkus.datasource.url = jdbc:postgresql://localhost:5432/mulkcms
%dev.quarkus.datasource.username = mulk
%dev.quarkus.datasource.password =
%dev.quarkus.hibernate-orm.log.sql = true

%prod.quarkus.datasource.url = jdbc:postgresql://postgresql.system:5432/mulkcms
%prod.quarkus.datasource.username = mulkcms
%prod.quarkus.datasource.password =
%prod.quarkus.hibernate-orm.log.sql = false

# Authentication
quarkus.oidc.auth-server-url = https://login.benkard.de/auth/realms/master
quarkus.oidc.client-id = mulkcms
quarkus.oidc.application-type = web-app
quarkus.oidc.token.principal-claim = preferred_username
#quarkus.oidc.authentication.redirect-path = /oidc/login

quarkus.security.users.file.enabled = false
quarkus.security.users.embedded.enabled = false

# Authentication (dev)
%dev.quarkus.oidc.enabled = false
%dev.quarkus.security.users.embedded.enabled = true
%dev.quarkus.security.users.embedded.plain-text = true
%dev.quarkus.security.users.embedded.users.mulk = mulk
%dev.quarkus.security.users.embedded.roles.mulk = Admin

# Session cookies
quarkus.smallrye-jwt.enabled = false
mp.jwt.verify.publickey.location = META-INF/resources/jwt-signing-public-key.pem
mp.jwt.verify.issuer = https://matthias.benkard.de
smallrye.jwt.token.header = Cookie
smallrye.jwt.token.cookie = Bearer
smallrye.jwt.require.named-principal = true
%dev.mulkcms.jwt.keystore.file = example-keys.p12
%prod.mulkcms.jwt.keystore.file = /secrets/keys.p12
mulkcms.jwt.keystore.passphrase = 123456
mulkcms.jwt.signing-key = MulkCMS-IdP
mulkcms.jwt.issuer = https://matthias.benkard.de
mulkcms.jwt.validity = P1D

# Deployment
docker.registry = docker.benkard.de

kubernetes.deployment.target = kubernetes
kubernetes.group = mulk
kubernetes.name = mulkcms2
kubernetes.namespace = mulk
kubernetes.service-type = ClusterIP
kubernetes.image-pull-policy = Always
kubernetes.headless = true
kubernetes.service-account = default
kubernetes.env-vars[0].name = QUARKUS_DATASOURCE_PASSWORD
kubernetes.env-vars[0].secret = mulkcms2-secrets
kubernetes.env-vars[0].value = database-password
kubernetes.env-vars[1].name = QUARKUS_OIDC_CREDENTIALS_SECRET
kubernetes.env-vars[1].secret = mulkcms2-secrets
kubernetes.env-vars[1].value = keycloak-secret
kubernetes.secret-volumes[0].volume-name = secrets
kubernetes.secret-volumes[0].secret-name = mulkcms2-secrets
kubernetes.secret-volumes[0].default-mode = 0444
kubernetes.mounts[0].name = secrets
kubernetes.mounts[0].path = /secrets
kubernetes.mounts[0].read-only = true