mirror of
https://github.com/valitydev/api-key-mgmt-v2.git
synced 2024-11-06 02:15:19 +00:00
e74f084f63
* fix key metadata * fix bouncer context * cleanup * update swag and revert security to revoke * TD-635: update code for new spec * add vault client * add tests * fix style * TD-642: fix revoke * fix vault interaction --------- Co-authored-by: anatoliy.losev <losto@nix>
156 lines
4.1 KiB
Plaintext
156 lines
4.1 KiB
Plaintext
[
|
|
{kernel, [
|
|
{log_level, info},
|
|
{logger, [
|
|
{handler, default, logger_std_h, #{
|
|
level => debug,
|
|
config => #{
|
|
type => {file, "/var/log/api-key-mgmt-v2/console.json"},
|
|
sync_mode_qlen => 20
|
|
},
|
|
formatter => {logger_logstash_formatter, #{}}
|
|
}}
|
|
]}
|
|
]},
|
|
|
|
{scoper, [
|
|
{storage, scoper_storage_logger}
|
|
]},
|
|
|
|
{dmt_client, [
|
|
% milliseconds
|
|
{cache_update_interval, 5000},
|
|
{max_cache_size, #{
|
|
elements => 20,
|
|
% 50Mb
|
|
memory => 52428800
|
|
}},
|
|
{woody_event_handlers, [
|
|
{scoper_woody_event_handler, #{
|
|
event_handler_opts => #{
|
|
formatter_opts => #{
|
|
max_length => 1000
|
|
}
|
|
}
|
|
}}
|
|
]},
|
|
{service_urls, #{
|
|
'Repository' => <<"http://dominant:8022/v1/domain/repository">>,
|
|
'RepositoryClient' => <<"http://dominant:8022/v1/domain/repository_client">>
|
|
}}
|
|
]},
|
|
|
|
{akm, [
|
|
{ip, "::"},
|
|
{port, 8080},
|
|
%% To send ASCII text in 5xx replies
|
|
%% {oops_bodies, #{
|
|
%% 500 => "oops_bodies/500_body"
|
|
%% }},
|
|
{transport, thrift},
|
|
{access_conf, #{
|
|
jwt => #{
|
|
keyset => #{
|
|
akm => {pem_file, "var/keys/api-key-mgmt-v2/private.pem"}
|
|
}
|
|
}
|
|
}},
|
|
{health_check, #{
|
|
disk => {erl_health, disk, ["/", 99]},
|
|
memory => {erl_health, cg_memory, [99]},
|
|
service => {erl_health, service, [<<"api-key-mgmt-v2">>]}
|
|
}},
|
|
% milliseconds
|
|
{max_request_deadline, 60000},
|
|
% seconds
|
|
{file_storage_url_lifetime, 60},
|
|
{lechiffre_opts, #{
|
|
encryption_source => {json, {file, <<"path/to/pub.secret">>}},
|
|
decryption_sources => [{json, {file, <<"path/to/priv.secret">>}}]
|
|
}},
|
|
|
|
{epsql_connection, #{
|
|
host => "db",
|
|
port => 5432,
|
|
username => "postgres",
|
|
password => "postgres",
|
|
database => "apikeymgmtv2"
|
|
}},
|
|
|
|
{mailer, #{
|
|
url => "vality.dev",
|
|
from_email => "example@example.com",
|
|
relay => "smtp.gmail.com",
|
|
password => "password",
|
|
username => "username"
|
|
}}
|
|
]},
|
|
|
|
{how_are_you, [
|
|
{metrics_publishers, [
|
|
% {hay_statsd_publisher, #{
|
|
% key_prefix => <<"api-key-mgmt-v2.">>,
|
|
% host => "localhost",
|
|
% port => 8125
|
|
% }}
|
|
]}
|
|
]},
|
|
|
|
{snowflake, [
|
|
% {machine_id, 42}
|
|
]},
|
|
|
|
{bender_client, [
|
|
{services, #{
|
|
'Bender' => <<"http://bender:8022/v1/bender">>,
|
|
'Generator' => <<"http://bender:8022/v1/generator">>
|
|
}},
|
|
{deadline, 60000}
|
|
%{retries, #{
|
|
% 'GenerateID' => finish,
|
|
% 'GetInternalID' => finish,
|
|
% '_' => finish
|
|
%}}
|
|
]},
|
|
|
|
{bouncer_client, [
|
|
{service_clients, #{
|
|
bouncer => #{
|
|
url => <<"http://bouncer:8022/">>,
|
|
timeout => 500,
|
|
retries => #{
|
|
'Judge' => {linear, 1, 100},
|
|
'_' => finish
|
|
}
|
|
},
|
|
org_management => #{
|
|
url => <<"http://orgmgmt:8022/">>,
|
|
retries => #{
|
|
'GetUserContext' => {linear, 2, 500},
|
|
'_' => finish
|
|
}
|
|
}
|
|
}}
|
|
]},
|
|
|
|
{token_keeper_client, [
|
|
{service_client, #{
|
|
url => <<"http://token-keeper:8022/">>,
|
|
timeout => 1000,
|
|
retries => #{
|
|
'GetByToken' => {linear, 3, 100},
|
|
'_' => finish
|
|
}
|
|
}}
|
|
]},
|
|
|
|
{prometheus, [
|
|
{collectors, [default]}
|
|
]},
|
|
|
|
{canal, [
|
|
{url, "http://vault:8200"},
|
|
{engine, kvv2}
|
|
]}
|
|
].
|