helmsdeep/config/capi-v2/sys.config

%% -*- mode: erlang -*-
[
    {kernel, [
        {logger_level, info},
        {logger, [
            {handler, default, logger_std_h, #{
                    level => debug,
                    config => #{
                        type => standard_io,
                        sync_mode_qlen => 2000,
                        drop_mode_qlen => 2000,
                        flush_qlen => 3000
                    },
                    filters => [{access_log, {fun logger_filters:domain/2, {stop, equal, [cowboy_access_log]}}}],
                    formatter => {logger_logstash_formatter, #{}}
            }},
            {handler, access_logger, logger_std_h, #{
                    level => info,
                    config => #{
                        type => standard_io,
                        sync_mode_qlen => 2000,
                        drop_mode_qlen => 2000,
                        flush_qlen => 3000
                    },
                    filters => [{access_log, {fun logger_filters:domain/2, {stop, not_equal, [cowboy_access_log]}}}],
                    formatter => {logger_logstash_formatter, #{}}
                    }}
                ]}
            ]},

            {scoper, [
                {storage, scoper_storage_logger}
            ]},

            {capi, [
                {ip                  , "::"                     },
                {port                , 8080                     },
                {service_type        , real                     },
                {access_conf, #{
                    jwt => #{
                        signee => capi,
                        keyset => #{
                            keycloak => #{
                                source => {pem_file, "/var/lib/capi/keys/keycloak/keycloak.pubkey.pem"},
                                metadata => #{
                                    auth_method => user_session_token,
                                    user_realm => <<"external">>
                                }
                            },
                            capi => #{
                                source => {pem_file, "/var/lib/capi/keys/capi.privkey.pem"},
                                metadata => #{}
                            }
                        }
                    }
                }},
                {bouncer_ruleset_id, <<"service/authz/api">>},
                {oops_bodies, #{
                    500 => "/var/lib/capi/oops-bodies/oopsBody1",
                    501 => "/var/lib/capi/oops-bodies/oopsBody1",
                    502 => "/var/lib/capi/oops-bodies/oopsBody1",
                    503 => "/var/lib/capi/oops-bodies/oopsBody2",
                    504 => "/var/lib/capi/oops-bodies/oopsBody2"
                }},
                {swagger_handler_opts, #{
                    validation_opts => #{
                        schema => #{
                            response => mild
                        }
                    }
                }},
                {health_check, #{
                    disk    => {erl_health, disk     , ["/", 99]},
                    memory  => {erl_health, cg_memory, [70]},
                    service => {erl_health, service  , [<<"capi-v2">>]}
                }},
                {max_request_deadline, 60000}, % milliseconds
                {reporter_url_lifetime, 300}, % seconds
                {default_processing_deadline, <<"30m">>},
                {lechiffre_opts, #{
                    decryption_sources => [
                        {json, {file, <<"/var/lib/capi/keys/token_encryption_key1.jwk">>}}
                    ]
                }},
                {auth_config, #{
                    metadata_mappings => #{
                        % Keep those synchronized with token-keeper config!
                        party_id => <<"com.rbkmoney.party.id">>,
                        token_consumer => <<"com.rbkmoney.token.consumer">>,
                        user_id => <<"com.rbkmoney.user.id">>,
                        user_email => <<"com.rbkmoney.user.email">>
                    }
                }}
            ]},

            {capi_woody_client, [
                {services, #{
                    bender => #{
                        url => <<"http://bender:8022/v1/bender">>,
                        transport_opts => #{
                            pool => bender,
                            timeout => 2000,
                            max_connections => 2000
                }
                },
                invoicing => #{
                url => <<"http://hellgate:8022/v1/processing/invoicing">>,
            transport_opts => #{
                pool => invoicing,
                timeout => 2000,
                max_connections => 2000
            }
            },
            invoice_templating => #{
                url => <<"http://hellgate:8022/v1/processing/invoice_templating">>,
                transport_opts => #{
                    pool => invoice_templating,
                    timeout => 2000
                }
            },
            merchant_stat => #{
                url => <<"http://magista:8022/stat">>,
                transport_opts => #{
                    pool => merchant_stat,
                    timeout => 2000
                }
            },
            party_management => #{
                url => <<"http://party-management:8022/v1/processing/partymgmt">>,
                transport_opts => #{
                    pool => party_management,
                    timeout => 2000
                }
            },
            geo_ip_service => #{
                url => <<"http://columbus:8022/repo">>,
                transport_opts => #{
                    pool => geo_ip_service,
                    timeout => 2000
                }
            },
            accounter => #{
                url => <<"http://shumway:8022/accounter">>,
                transport_opts => #{
                    pool => accounter,
                    timeout => 2000,
                    max_connections => 1000
            }
            },
            file_storage => #{
                url => <<"http://file-storage:8022/file_storage">>,
                transport_opts => #{
                    pool => file_storage,
                    timeout => 2000
                }
            },
            reporting => #{
                url => <<"http://reporter:8022/reports/new-proto">>,
                transport_opts => #{
                    pool => reporting,
                    timeout => 2000
                }
            },
            payouts => #{
                url => <<"http://payouter:8022/payout/management">>,
                transport_opts => #{
                    pool => payouts,
                    timeout => 2000
                }
            },
            webhook_manager => #{
                url => <<"http://hooker:8022/hook">>,
                transport_opts => #{
                    pool => webhook_manager,
                    timeout => 2000
                }
            },
            customer_management => #{
                url => <<"http://hellgate:8022/v1/processing/customer_management">>,
                transport_opts => #{
                    pool => customer_management,
                    timeout => 2000
                }
            }
            }},
            {service_deadlines, #{
                bender              => 30000,
                invoicing           => 30000, % milliseconds
                party_management    => 30000,
                customer_management => 30000
            }}
                ]},

            {party_client, [
                {services, #{
                    party_management => <<"http://party-management:8022/v1/processing/partymgmt">>
                }},
                {woody, #{
                    cache_mode => safe,  % disabled | safe | aggressive
                    options => #{
                        woody_client => #{
                            event_handler => {
                                scoper_woody_event_handler,
                                {scoper_event_handler_options, #{
                                    event_handler_opts => #{
                                        formatter_opts => #{
                                            max_length => 1000,
                                            max_printable_string_length => 80
                                        }
                                    }
                                }
                                }
                            },
                            transport_opts => #{
                                pool => party_client,
                                timeout => 2000
                            }
                        }
                    },
                    %retries => #{'_' => finish},
                    deadline_timeout => 30000
                }}
            ]},

            {bender_client, [
                {services, #{
                    'Bender' => <<"http://bender:8022/v1/bender">>,
                    'Generator' => <<"http://bender:8022/v1/generator">>
                }},
                {deadline, 60000}
            ]},

            {bouncer_client, [
                {service_clients, #{
                    bouncer => #{
                        url => <<"http://bouncer:8022/v1/arbiter">>,
                        retries => #{
                            'Judge' => {linear, 3, 500},
                            '_' => finish
                        }
                    },
                    org_management => #{
                        url => <<"http://bouncer:8022/v1/org_management_stub">>,
                        retries => #{
                            'GetUserContext' => {linear, 3, 500},
                            '_' => finish
                        }
                    }
                }}
            ]},

            {dmt_client, [
                {cache_update_interval, 30000}, % milliseconds
                {cache_server_call_timeout, 30000}, % milliseconds
                {max_cache_size, #{
                    elements => 5,
                    memory => 52428800 % 50Mb
                }},
                {service_urls, #{
                    'Repository'       => <<"http://dominant:8022/v1/domain/repository">>,
                    'RepositoryClient' => <<"http://dominant:8022/v1/domain/repository_client">>
                }}
            ]},

            {token_keeper_client, [
                {service_client, #{
                    url => <<"http://token-keeper:8022/v1/token-keeper">>,
                    retries => #{
                        'GetByToken' => {linear, 3, 500},
                        '_' => finish
                    }
                }}
            ]},

            {how_are_you, [
                {metrics_handlers, [
                    hay_vm_handler,
                    hay_cgroup_handler,
                    woody_api_hay
                ]},
                {metrics_publishers, []}
            ]},

            {hackney, [
                {mod_metrics, woody_client_metrics}
            ]},

            {os_mon, [
                {disksup_posix_only, true}
            ]},

            {snowflake, [{machine_id, 1}]}
].