helmsdeep/config/wapi-pcidss-v0/sys.config

[
    {kernel, [
        {logger_level, info},
        {logger, [
            {handler, default, logger_std_h, #{
                level => debug,
                config => #{
                    type => standard_io,
                    sync_mode_qlen => 20,
                    burst_limit_enable => true,
                    burst_limit_max_count => 600,
                    burst_limit_window_time => 1000
                },
                filters => [{access_log, {fun logger_filters:domain/2, {stop, equal, [cowboy_access_log]}}}],
                formatter => {logger_logstash_formatter, #{}}
            }},
            {handler, access_logger, logger_std_h, #{
                level => info,
                config => #{
                    type => standard_io,
                    sync_mode_qlen => 20,
                    burst_limit_enable => true,
                    burst_limit_max_count => 600,
                    burst_limit_window_time => 1000
                },
                filters => [{access_log, {fun logger_filters:domain/2, {stop, not_equal, [cowboy_access_log]}}}],
                formatter => {logger_logstash_formatter, #{}}
            }}
        ]}
    ]},

    {scoper, [
        {storage, scoper_storage_logger}
    ]},

    {os_mon, [
        {disksup_posix_only, true}
    ]},

    {wapi, [
        {ip, "::"},
        {port, 8080},
        %% To send ASCII text in 5xx replies
        %% {oops_bodies, #{
        %%     500 => "oops_bodies/500_body"
        %% }},
        {scoper_event_handler_options, #{
            event_handler_opts => #{
                formatter_opts => #{
                    max_length => 1000,
                    max_printable_string_length => 80
                }
            }
        }},
        {realm, <<"external">>},
        {public_endpoint, <<"http://wapi">>},
        {access_conf, #{
            signee => capi,
            jwt => #{
                keyset => #{
                    keycloak => {pem_file, "/var/lib/wapi/keys/keycloak/keycloak.pubkey.pem"},
                    wapi     => {pem_file, "/var/lib/wapi/keys/wapi.privkey.pem"}
                }
            }
        }},
        {health_checkers, [
            {erl_health, disk     , ["/", 99]   },
            {erl_health, cg_memory, [99]        },
            {erl_health, service  , [<<"wapi-pcidss">>]}
        ]},
        {lechiffre_opts,  #{
            encryption_source => {json, {file, <<"/var/lib/wapi/keys/token_encryption_key1.jwk">>}},
            decryption_sources => [{json, {file, <<"/var/lib/wapi/keys/token_encryption_key1.jwk">>}}]
        }}
    ]},

    {wapi_woody_client, [
        {service_urls, #{
            cds_storage         => "http://cds:8022/v2/storage",
            binbase             => "http://binbase:8022/v1/binbase",
            identdoc_storage    => "http://cds:8022/v1/identity_document_storage"
        }}
    ]},

    {dmt_client, [
        {cache_update_interval, 5000}, % milliseconds
        {cache_server_call_timeout, 30000}, % milliseconds
        {max_cache_size, #{
            elements => 80,
            memory => 209715200 % 200Mb
        }},
        {woody_event_handlers, [
            {scoper_woody_event_handler, #{
                event_handler_opts => #{
                    formatter_opts => #{
                        max_length => 1000,
                        max_printable_string_length => 80
                    }
                }
            }}
        ]},
        {service_urls, #{
            'Repository'       => <<"http://dominant:8022/v1/domain/repository">>,
            'RepositoryClient' => <<"http://dominant:8022/v1/domain/repository_client">>
        }}
    ]},

    {snowflake, [{machine_id, 1}]},

    {prometheus, [
        {collectors, [default]}
    ]}
].