-
Notifications
You must be signed in to change notification settings - Fork 8
Expand file tree
/
Copy pathapplication.properties
More file actions
126 lines (98 loc) · 4.78 KB
/
application.properties
File metadata and controls
126 lines (98 loc) · 4.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
# debug=true
# trace=true
server.tomcat.basedir=${TOMCAT_BASE_DIR}
server.port=${LABKEY_PORT}
spring.main.log-startup-info=true
spring.main.banner-mode=off
spring.application.name=labkey
server.servlet.application-display-name=labkey
context.resources.jdbc.labkeyDataSource.type=javax.sql.DataSource
context.resources.jdbc.labkeyDataSource.driverClassName=org.postgresql.Driver
# context.resources.jdbc.labkeyDataSource.url=jdbc:postgresql://${POSTGRES_HOST:-localhost}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-${POSTGRES_USER}}${POSTGRES_PARAMETERS:-}
# context.resources.jdbc.labkeyDataSource.username=${POSTGRES_USER:-postgres}
# context.resources.jdbc.labkeyDataSource.password=${POSTGRES_PASSWORD:-}
context.resources.jdbc.labkeyDataSource.url=@@jdbcUrl@@
context.resources.jdbc.labkeyDataSource.username=@@jdbcUser@@
context.resources.jdbc.labkeyDataSource.password=@@jdbcPassword@@
context.resources.jdbc.labkeyDataSource.maxTotal=${POSTGRES_MAX_TOTAL_CONNECTIONS}
context.resources.jdbc.labkeyDataSource.maxIdle=${POSTGRES_MAX_IDLE_CONNECTIONS}
context.resources.jdbc.labkeyDataSource.maxWaitMillis=${POSTGRES_MAX_WAIT_MILLIS}
context.resources.jdbc.labkeyDataSource.accessToUnderlyingConnectionAllowed=${POSTGRES_ACCESS_UNDERLYING_CONNECTIONS}
context.resources.jdbc.labkeyDataSource.validationQuery=${POSTGRES_VALIDATION_QUERY}
context.externalModules=${LABKEY_EXTERNAL_MODULES}
# send access logs to file:
# server.tomcat.accesslog.directory=/tmp
# server.tomcat.accesslog.enabled=true
# server.tomcat.accesslog.prefix=access
# server.tomcat.accesslog.suffix=.log
# server.tomcat.accesslog.rotate=false
## File-based Tomcat HTTP access logs are enabled by default and use our recommended pattern. Override as needed.
# server.tomcat.accesslog.pattern=%h %l %u %t "%r" %s %b %D %S %I "%{Referer}i" "%{User-Agent}i" %{LABKEY.username}s %{X-Forwarded-For}i
# send access logs to stdout (preferred for ECS):
server.tomcat.accesslog.enabled=true
server.tomcat.accesslog.directory=/dev
server.tomcat.accesslog.prefix=stdout
server.tomcat.accesslog.buffered=false
server.tomcat.accesslog.suffix=
server.tomcat.accesslog.file-date-format=
server.http2.enabled=true
server.ssl.enabled=true
# must match values in entrypoint.sh
server.ssl.key-alias=${TOMCAT_KEYSTORE_ALIAS}
server.ssl.key-store=${LABKEY_HOME}/${TOMCAT_KEYSTORE_FILENAME}
# server.ssl.key-store-password=${TOMCAT_KEYSTORE_PASSWORD}
server.ssl.key-store-type=${TOMCAT_KEYSTORE_FORMAT}
context.encryptionKey=@@encryptionKey@@
#
# as of time of writing, this cannot be changed via app props but is needed for
# management.endpoints.web.base-path below
#
server.servlet.context-path=/_
server.error.whitelabel.enabled=false
mail.smtpHost=@@smtpHost@@
mail.smtpUser=@@smtpUser@@
mail.smtpPort=@@smtpPort@@
mail.smtpPassword=@@smtpPassword@@
mail.smtpAuth=@@smtpAuth@@
mail.smtpFrom=@@smtpFrom@@
mail.smtpStartTlsEnable=@@smtpStartTlsEnable@@
management.endpoints.web.base-path=/
management.endpoints.enabled-by-default=false
management.endpoint.health.enabled=true
management.endpoint.shutdown.enabled=false
management.endpoints.web.exposure.include=health
management.endpoints.jmx.exposure.exclude=*
management.endpoint.env.keys-to-sanitize=.*user.*,.*pass.*,secret,key,token,.*credentials.*,vcap_services,sun.java.command,.*key-store.*
info.labkey.version=${LABKEY_VERSION}
info.labkey.distribution=${LABKEY_DISTRIBUTION}
server.tomcat.max-threads=50
server.servlet.session.timeout=60m
context.workDirLocation=/work/Tomcat/localhost
## Example CSP Enforce policy
# csp.enforce=\
# default-src 'self' ; \
# connect-src 'self' ${CONNECTION.SOURCES} ; \
# object-src 'none' ; \
# style-src 'self' 'unsafe-inline' ${STYLE.SOURCES} ; \
# img-src 'self' data: ${IMAGE.SOURCES} ; \
# font-src 'self' data: ${FONT.SOURCES} ; \
# script-src 'unsafe-eval' 'strict-dynamic' 'nonce-${REQUEST.SCRIPT.NONCE}' ; \
# base-uri 'self' ; \
# frame-src 'self' ${FRAME.SOURCES} ; \
# ${UPGRADE.INSECURE.REQUESTS} \
# frame-ancestors 'self' ; \
# report-uri /admin-contentSecurityPolicyReport.api?cspVersion=e12&${CSP.REPORT.PARAMS} ;
## Example CSP Report policy
# csp.report=\
# default-src 'self' ; \
# connect-src 'self' ${CONNECTION.SOURCES} ; \
# object-src 'none' ; \
# style-src 'self' 'unsafe-inline' ${STYLE.SOURCES} ; \
# img-src 'self' data: ${IMAGE.SOURCES} ; \
# font-src 'self' data: ${FONT.SOURCES} ; \
# script-src 'unsafe-eval' 'strict-dynamic' 'nonce-${REQUEST.SCRIPT.NONCE}' ; \
# base-uri 'self' ; \
# frame-src 'self' ${FRAME.SOURCES} ; \
# report-uri /admin-contentSecurityPolicyReport.api?cspVersion=r12&${CSP.REPORT.PARAMS} ;
## Load optional application.properties if file exists - used for one-off labkey cloud use cases etc.
spring.config.import=optional:file:${LABKEY_HOME}/config/optional.application.properties