-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathapp.conf.example
More file actions
66 lines (59 loc) · 2 KB
/
Copy pathapp.conf.example
File metadata and controls
66 lines (59 loc) · 2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
[app]
loglevel=debug
# Deployment environment reported on the startup audit event (e.g. local, test, acc, prod)
environment=local
mtls_override_cert=
# Enable the /test routes
enable_test_routes=True
# Enable the exchange service routes (/exchange/*, /receive)
enable_exchange_services_routes=True
[logging]
# Single syslog channel (host:port, UDP); leave empty to log to stdout only.
# All streams (app, siem, public_inspect, debug) are multiplexed over this
# channel; each JSON record carries a stream_id field to tell them apart.
syslog_path=
# Identifies this application in the JSON records (application_id field),
# so the log server can tell apart applications sharing the channel.
application_id=pseudoniemendienst
# Include stack traces in the JSON logs
include_traces=True
# Log everything as plain text to the console (for local development)
debug_logs_in_console=True
[database]
dsn=postgresql+psycopg://postgres:postgres@postgres:5432/postgres
create_tables=false
retry_backoff=0.1, 0.2, 0.4, 0.8, 1.6, 3.2, 4.8, 6.4, 10.0
pool_size=5
max_overflow=10
pool_pre_ping=False
pool_recycle=1800
[uvicorn]
swagger_enabled = True
docs_url = /docs
redoc_url = /redocs
host = 0.0.0.0
port = 6502
reload = True
use_ssl = False
ssl_base_dir = secrets/ssl
ssl_cert_file = server.cert
ssl_key_file = server.key
# The root path if behind a proxy
root_path =
[oprf]
# Local key fallback: file with base64 server key (used when hsm_url is not set)
server_key_file=secrets/oprf-server.key
# HSM API: when set, evaluation is delegated to the HSM API instead of the local key
# hsm_url=https://localhost:8443
# hsm_module=softhsm
# hsm_slot=SoftHSMLabel
# hsm_cert_file=secrets/prs-use.crt
# hsm_key_file=secrets/prs-use.key
# hsm_ca_cert_file=secrets/hsm-ca.crt
[pseudonym]
# Master key for hkdf
master_key=
[authorization_headers]
# space separated list of expected audiences, one should be present in the authorization authorization header
# usually the value is the domain of the running application
expected_audiences = https://localhost:6502