102 lines
4.3 KiB
Properties
102 lines
4.3 KiB
Properties
# Configuration UnionFlow Client - PRODUCTION
|
|
# Ce fichier est utilisé avec le profil Quarkus "prod"
|
|
|
|
# Configuration HTTP
|
|
quarkus.http.port=8086
|
|
quarkus.http.host=0.0.0.0
|
|
quarkus.http.root-path=/
|
|
quarkus.http.so-reuse-port=true
|
|
quarkus.http.tcp-quick-ack=true
|
|
quarkus.http.tcp-cork=true
|
|
|
|
# Configuration Session HTTP - Production
|
|
quarkus.http.session-timeout=60m
|
|
quarkus.http.session-cookie-same-site=strict
|
|
quarkus.http.session-cookie-http-only=true
|
|
quarkus.http.session-cookie-secure=true
|
|
|
|
# Configuration logging - Production
|
|
quarkus.log.console.enable=true
|
|
quarkus.log.console.level=INFO
|
|
quarkus.log.console.format=%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{2.}] (%t) %s%e%n
|
|
quarkus.log.category."dev.lions.unionflow".level=INFO
|
|
quarkus.log.category."org.primefaces".level=WARN
|
|
quarkus.log.category."org.apache.myfaces".level=WARN
|
|
|
|
# MyFaces Configuration - Production
|
|
quarkus.myfaces.project-stage=Production
|
|
quarkus.myfaces.state-saving-method=server
|
|
quarkus.myfaces.number-of-views-in-session=50
|
|
quarkus.myfaces.number-of-sequential-views-in-session=10
|
|
quarkus.myfaces.serialize-state-in-session=false
|
|
quarkus.myfaces.client-view-state-timeout=3600000
|
|
quarkus.myfaces.view-expired-exception-handler-redirect-page=/
|
|
quarkus.myfaces.check-id-production-mode=true
|
|
quarkus.myfaces.strict-xhtml-links=true
|
|
quarkus.myfaces.refresh-transient-build-on-pss=true
|
|
quarkus.myfaces.resource-max-time-expires=604800000
|
|
quarkus.myfaces.resource-buffer-size=2048
|
|
|
|
# PrimeFaces Configuration - Production
|
|
primefaces.THEME=none
|
|
primefaces.FONT_AWESOME=true
|
|
primefaces.CLIENT_SIDE_VALIDATION=true
|
|
primefaces.MOVE_SCRIPTS_TO_BOTTOM=true
|
|
primefaces.CSP=true
|
|
primefaces.UPLOADER=commons
|
|
primefaces.AUTO_UPDATE=false
|
|
primefaces.CACHE_PROVIDER=org.primefaces.cache.DefaultCacheProvider
|
|
primefaces.RESOURCE_HANDLER=org.primefaces.application.resource.PrimeResourceHandler
|
|
|
|
# OmniFaces Configuration - Production
|
|
omnifaces.CDN_RESOURCE_HANDLER_DISABLED=true
|
|
omnifaces.COMBINED_RESOURCE_HANDLER_DISABLED=false
|
|
|
|
# Configuration Backend UnionFlow - Production
|
|
unionflow.backend.url=${UNIONFLOW_BACKEND_URL:https://api.lions.dev/unionflow}
|
|
|
|
# Configuration REST Client - Production
|
|
quarkus.rest-client."unionflow-api".url=${unionflow.backend.url}
|
|
quarkus.rest-client."unionflow-api".scope=jakarta.inject.Singleton
|
|
quarkus.rest-client."unionflow-api".connect-timeout=5000
|
|
quarkus.rest-client."unionflow-api".read-timeout=30000
|
|
quarkus.rest-client."unionflow-api".providers=dev.lions.unionflow.client.service.RestClientExceptionMapper,dev.lions.unionflow.client.security.JwtClientRequestFilter
|
|
|
|
# Configuration Keycloak OIDC - Production
|
|
quarkus.oidc.enabled=true
|
|
quarkus.oidc.auth-server-url=${KEYCLOAK_AUTH_SERVER_URL:https://security.lions.dev/realms/unionflow}
|
|
quarkus.oidc.client-id=unionflow-client
|
|
quarkus.oidc.credentials.secret=${KEYCLOAK_CLIENT_SECRET}
|
|
quarkus.oidc.application-type=web-app
|
|
quarkus.oidc.authentication.redirect-path=/auth/callback
|
|
quarkus.oidc.authentication.restore-path-after-redirect=true
|
|
quarkus.oidc.authentication.scopes=openid,profile,email,roles
|
|
quarkus.oidc.token.issuer=https://security.lions.dev/realms/unionflow
|
|
quarkus.oidc.tls.verification=required
|
|
quarkus.oidc.authentication.cookie-same-site=strict
|
|
quarkus.oidc.authentication.java-script-auto-redirect=false
|
|
quarkus.oidc.discovery-enabled=true
|
|
quarkus.oidc.verify-access-token=true
|
|
|
|
# Activation de la sécurité
|
|
quarkus.security.auth.enabled=true
|
|
|
|
# Chemins publics (non protégés par OIDC) - Production
|
|
quarkus.http.auth.permission.public.paths=/,/index.xhtml,/pages/public/*,/auth/*,/q/*,/q/oidc/*,/favicon.ico,/resources/*,/META-INF/resources/*,/images/*,/jakarta.faces.resource/*,/javax.faces.resource/*
|
|
quarkus.http.auth.permission.public.policy=permit
|
|
|
|
# Tous les autres chemins nécessitent une authentification
|
|
quarkus.http.auth.permission.authenticated.paths=/*
|
|
quarkus.http.auth.permission.authenticated.policy=authenticated
|
|
|
|
# Configuration Session - Production
|
|
unionflow.session.timeout=${SESSION_TIMEOUT:1800}
|
|
unionflow.session.remember-me.duration=${REMEMBER_ME_DURATION:604800}
|
|
|
|
# Configuration de sécurité - Production
|
|
unionflow.security.enable-csrf=${ENABLE_CSRF:true}
|
|
unionflow.security.password.min-length=${PASSWORD_MIN_LENGTH:8}
|
|
unionflow.security.password.require-special-chars=${PASSWORD_REQUIRE_SPECIAL:true}
|
|
unionflow.security.max-login-attempts=${MAX_LOGIN_ATTEMPTS:5}
|
|
unionflow.security.lockout-duration=${LOCKOUT_DURATION:300}
|