# =================================================================== # Spring Boot configuration for the "prod" profile. # # This configuration overrides the application.yml file. # # More information on profiles: https://www.jhipster.tech/profiles/ # More information on configuration properties: https://www.jhipster.tech/common-application-properties/ # =================================================================== # =================================================================== # Standard Spring Boot properties. # Full reference is available at: # http://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html # =================================================================== logging: level: ROOT: INFO tech.jhipster: INFO org.datasurvey: INFO management: metrics: export: prometheus: enabled: false spring: devtools: restart: enabled: false livereload: enabled: false datasource: type: com.zaxxer.hikari.HikariDataSource url: jdbc:mysql://${DB_HOST}:3306/${DB_NAME}?useUnicode=true&characterEncoding=utf8&useSSL=true&useLegacyDatetimeCode=false&serverTimezone=UTC&createDatabaseIfNotExist=true username: ${DB_USERNAME} password: ${DB_PASSWORD} hikari: poolName: Hikari auto-commit: false data-source-properties: cachePrepStmts: true prepStmtCacheSize: 250 prepStmtCacheSqlLimit: 2048 useServerPrepStmts: true jpa: # Replace by 'prod, faker' to add the faker context and have sample data loaded in production liquibase: contexts: prod mail: host: smtp.gmail.com port: 587 username: ${MAIL_USERNAME} password: ${MAIL_PASSWORD} protocol: smtp properties.mail.smtp: auth: true starttls.enable: true ssl.trust: smtp.gmail.com tls: true thymeleaf: cache: true # =================================================================== # To enable TLS in production, generate a certificate using: # keytool -genkey -alias datasurvey -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore keystore.p12 -validity 3650 # # You can also use Let's Encrypt: # https://maximilian-boehm.com/hp2121/Create-a-Java-Keystore-JKS-from-Let-s-Encrypt-Certificates.htm # # Then, modify the server.ssl properties so your "server" configuration looks like: # # server: # port: 443 # ssl: # key-store: classpath:config/tls/keystore.p12 # key-store-password: password # key-store-type: PKCS12 # key-alias: selfsigned # # The ciphers suite enforce the security by deactivating some old and deprecated SSL cipher, this list was tested against SSL Labs (https://www.ssllabs.com/ssltest/) # ciphers: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 ,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 ,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA,TLS_RSA_WITH_CAMELLIA_256_CBC_SHA,TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA,TLS_RSA_WITH_CAMELLIA_128_CBC_SHA # =================================================================== server: port: 8080 shutdown: graceful # see https://docs.spring.io/spring-boot/docs/current/reference/html/spring-boot-features.html#boot-features-graceful-shutdown compression: enabled: true mime-types: text/html,text/xml,text/plain,text/css, application/javascript, application/json min-response-size: 1024 # =================================================================== # JHipster specific properties # # Full reference is available at: https://www.jhipster.tech/common-application-properties/ # =================================================================== jhipster: http: cache: # Used by the CachingHttpHeadersFilter timeToLiveInDays: 1461 cache: # Cache configuration ehcache: # Ehcache configuration time-to-live-seconds: 3600 # By default objects stay 1 hour in the cache max-entries: 1000 # Number of objects in each cache entry security: authentication: jwt: # This token must be encoded using Base64 and be at least 256 bits long (you can type `openssl rand -base64 64` on your command line to generate a 512 bits one) # As this is the PRODUCTION configuration, you MUST change the default key, and store it securely: # - In the JHipster Registry (which includes a Spring Cloud Config server) # - In a separate `application-prod.yml` file, in the same folder as your executable JAR file # - In the `JHIPSTER_SECURITY_AUTHENTICATION_JWT_BASE64_SECRET` environment variable base64-secret: ZjRmZGRhNzFhNDI5OTRmYjkzZmQ0NzI5Yzc3YTYyODBkMjFjZGY1OWMwNzY5YTJkOTA1ZDY3YzE1MWEwMGRkYzg4ZTNlOGUwNTAzMzdiMWVjNDA4NjFiY2JhNTNhYzhkZjQ3N2MyMmY5YzA5ZTFiNzIzMjJjMTg4MmFlNTUyOTY= # Token is valid 24 hours token-validity-in-seconds: 86400 token-validity-in-seconds-for-remember-me: 2592000 mail: # specific JHipster mail property, for standard properties see MailProperties base-url: http://my-server-url-to-change # Modify according to your server's URL logging: use-json-format: false # By default, logs are not in Json format logstash: # Forward logs to logstash over a socket, used by LoggingConfiguration enabled: false host: localhost port: 5000 queue-size: 512 # =================================================================== # Application specific properties # Add your own application properties here, see the ApplicationProperties class # to have type-safe configuration, like in the JHipsterProperties above # # More documentation is available at: # https://www.jhipster.tech/common-application-properties/ # =================================================================== # application: