fup
Cadoles/bouncer/pipeline/pr-develop This commit looks good
Details
Cadoles/bouncer/pipeline/pr-develop This commit looks good
Details
This commit is contained in:
parent
2b37735818
commit
086564b429
|
@ -18,7 +18,7 @@ spec:
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: bouncer-admin
|
- name: bouncer-admin
|
||||||
image: reg.cadoles.com/cadoles/bouncer:v2023.7.8-b44ff2a
|
image: reg.cadoles.com/cadoles/bouncer:v2024.2.5-1602626
|
||||||
command: ["bouncer"]
|
command: ["bouncer"]
|
||||||
args: ["--debug", "-c", "/etc/bouncer/config.yml", "server", "admin", "run"]
|
args: ["--debug", "-c", "/etc/bouncer/config.yml", "server", "admin", "run"]
|
||||||
imagePullPolicy: Always
|
imagePullPolicy: Always
|
||||||
|
|
|
@ -15,7 +15,7 @@ layers:
|
||||||
redis:
|
redis:
|
||||||
addresses:
|
addresses:
|
||||||
- ${RFS_BOUNCER_REDIS_SERVICE_HOST}:${RFS_BOUNCER_REDIS_SERVICE_PORT}
|
- ${RFS_BOUNCER_REDIS_SERVICE_HOST}:${RFS_BOUNCER_REDIS_SERVICE_PORT}
|
||||||
master: ""
|
master: "${REDIS_MASTER_NAME}"
|
||||||
|
|
||||||
logger:
|
logger:
|
||||||
level: 3
|
level: 3
|
||||||
|
|
|
@ -18,7 +18,7 @@ spec:
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: bouncer-server
|
- name: bouncer-server
|
||||||
image: reg.cadoles.com/cadoles/bouncer:v2023.7.8-b44ff2a
|
image: reg.cadoles.com/cadoles/bouncer:v2024.2.5-1602626
|
||||||
command: ["bouncer", "-c", "/etc/bouncer/config.yml", "server", "proxy", "run"]
|
command: ["bouncer", "-c", "/etc/bouncer/config.yml", "server", "proxy", "run"]
|
||||||
imagePullPolicy: Always
|
imagePullPolicy: Always
|
||||||
ports:
|
ports:
|
||||||
|
|
|
@ -1,176 +1,176 @@
|
||||||
# Configuration du service "admin"
|
# Configuration du service "admin"
|
||||||
admin:
|
admin:
|
||||||
http:
|
http:
|
||||||
# Hôte d'écoute du service,
|
# Hôte d'écoute du service,
|
||||||
# 0.0.0.0 pour écouter sur toutes les interfaces
|
# 0.0.0.0 pour écouter sur toutes les interfaces
|
||||||
host: 127.0.0.1
|
host: 127.0.0.1
|
||||||
# Port d'écoute du service
|
# Port d'écoute du service
|
||||||
port: 8081
|
port: 8081
|
||||||
# Utiliser les entêtes HTTP True-Client-IP, X-Real-IP ou X-Forwarded-For
|
# Utiliser les entêtes HTTP True-Client-IP, X-Real-IP ou X-Forwarded-For
|
||||||
# pour le calcul de l'adresse distante à l'origine des requêtes
|
# pour le calcul de l'adresse distante à l'origine des requêtes
|
||||||
useRealIP: true
|
useRealIP: true
|
||||||
|
|
||||||
# Configuration CORS du service
|
# Configuration CORS du service
|
||||||
# Uniquement nécessaire si un frontend web
|
# Uniquement nécessaire si un frontend web
|
||||||
# est branché sur l'API d'administration.
|
# est branché sur l'API d'administration.
|
||||||
cors:
|
cors:
|
||||||
allowedOrigins:
|
allowedOrigins:
|
||||||
- http://localhost:8081
|
- http://localhost:8081
|
||||||
allowCredentials: true
|
allowCredentials: true
|
||||||
allowMethods:
|
allowMethods:
|
||||||
- POST
|
- POST
|
||||||
- GET
|
- GET
|
||||||
- PUT
|
- PUT
|
||||||
- DELETE
|
- DELETE
|
||||||
allowedHeaders:
|
allowedHeaders:
|
||||||
- Origin
|
- Origin
|
||||||
- Accept
|
- Accept
|
||||||
- Content-Type
|
- Content-Type
|
||||||
- Authorization
|
- Authorization
|
||||||
- Sentry-Trace
|
- Sentry-Trace
|
||||||
debug: false
|
debug: false
|
||||||
|
|
||||||
# Authentification JWT
|
# Authentification JWT
|
||||||
auth:
|
auth:
|
||||||
# Origine du jeton JWT
|
# Origine du jeton JWT
|
||||||
issuer: http://127.0.0.1:8081
|
issuer: http://127.0.0.1:8081
|
||||||
# Clé privée permettant de signer les jetons
|
# Clé privée permettant de signer les jetons
|
||||||
# JWT générés pour l'usage de l'API d'administration.
|
# JWT générés pour l'usage de l'API d'administration.
|
||||||
privateKey: /etc/bouncer/admin-key.json
|
privateKey: /etc/bouncer/admin-key.json
|
||||||
|
|
||||||
# Métriques Prometheus
|
# Métriques Prometheus
|
||||||
metrics:
|
metrics:
|
||||||
# Activer ou désactiver la publication des métriques
|
# Activer ou désactiver la publication des métriques
|
||||||
enabled: true
|
enabled: true
|
||||||
# Route de publication des métriques
|
# Route de publication des métriques
|
||||||
endpoint: /.bouncer/metrics
|
endpoint: /.bouncer/metrics
|
||||||
# Authentification "basic auth" sur la page
|
# Authentification "basic auth" sur la page
|
||||||
# de publication
|
# de publication
|
||||||
# Mettre à null pour désactiver l'authentification
|
# Mettre à null pour désactiver l'authentification
|
||||||
basicAuth: null
|
basicAuth: null
|
||||||
|
|
||||||
# Configuration de l'intégration Sentry
|
# Configuration de l'intégration Sentry
|
||||||
# Voir https://pkg.go.dev/github.com/getsentry/sentry-go?utm_source=godoc#ClientOptions
|
# Voir https://pkg.go.dev/github.com/getsentry/sentry-go?utm_source=godoc#ClientOptions
|
||||||
sentry:
|
sentry:
|
||||||
dsn: ""
|
dsn: ""
|
||||||
debug: false
|
debug: false
|
||||||
flushTimeout: 2s
|
flushTimeout: 2s
|
||||||
attachStacktrace: true
|
attachStacktrace: true
|
||||||
sampleRate: 1
|
sampleRate: 1
|
||||||
enableTracing: true
|
enableTracing: true
|
||||||
tracesSampleRate: 0.2
|
tracesSampleRate: 0.2
|
||||||
profilesSampleRate: 1
|
profilesSampleRate: 1
|
||||||
ignoreErrors: []
|
ignoreErrors: []
|
||||||
sendDefaultPII: false
|
sendDefaultPII: false
|
||||||
serverName: ""
|
serverName: ""
|
||||||
environment: ""
|
environment: ""
|
||||||
maxBreadcrumbs: 0
|
maxBreadcrumbs: 0
|
||||||
maxSpans: 1000
|
maxSpans: 1000
|
||||||
maxErrorDepth: 10
|
maxErrorDepth: 10
|
||||||
|
|
||||||
# Configuration du service "proxy"
|
# Configuration du service "proxy"
|
||||||
proxy:
|
proxy:
|
||||||
http:
|
http:
|
||||||
# Hôte d'écoute du service,
|
# Hôte d'écoute du service,
|
||||||
# 0.0.0.0 pour écouter sur toutes les interfaces
|
# 0.0.0.0 pour écouter sur toutes les interfaces
|
||||||
host: 0.0.0.0
|
host: 0.0.0.0
|
||||||
# Port d'écoute du service
|
# Port d'écoute du service
|
||||||
port: 8080
|
port: 8080
|
||||||
# Utiliser les entêtes HTTP True-Client-IP, X-Real-IP ou X-Forwarded-For
|
# Utiliser les entêtes HTTP True-Client-IP, X-Real-IP ou X-Forwarded-For
|
||||||
# pour le calcul de l'adresse distante à l'origine des requêtes
|
# pour le calcul de l'adresse distante à l'origine des requêtes
|
||||||
useRealIP: true
|
useRealIP: true
|
||||||
|
|
||||||
# Métriques Prometheus
|
# Métriques Prometheus
|
||||||
metrics:
|
metrics:
|
||||||
# Activer ou désactiver la publication des métriques
|
# Activer ou désactiver la publication des métriques
|
||||||
enabled: true
|
enabled: true
|
||||||
# Route de publication des métriques
|
# Route de publication des métriques
|
||||||
endpoint: /.bouncer/metrics
|
endpoint: /.bouncer/metrics
|
||||||
# Authentification "basic auth" sur la page
|
# Authentification "basic auth" sur la page
|
||||||
# de publication
|
# de publication
|
||||||
# Mettre à null pour désactiver l'authentification
|
# Mettre à null pour désactiver l'authentification
|
||||||
basicAuth:
|
basicAuth:
|
||||||
credentials:
|
credentials:
|
||||||
prom: etheus
|
prom: etheus
|
||||||
|
|
||||||
# Configuration du transport HTTP(S)
|
# Configuration du transport HTTP(S)
|
||||||
# Voir https://pkg.go.dev/net/http#Transport
|
# Voir https://pkg.go.dev/net/http#Transport
|
||||||
transport:
|
transport:
|
||||||
forceAttemptHTTP2: true
|
forceAttemptHTTP2: true
|
||||||
maxIdleConns: 100
|
maxIdleConns: 100
|
||||||
maxIdleConnsPerHost: 100
|
maxIdleConnsPerHost: 100
|
||||||
maxConnsPerHost: 100
|
maxConnsPerHost: 100
|
||||||
idleConnTimeout: 1m30s
|
idleConnTimeout: 1m30s
|
||||||
tlsHandshakeTimeout: 10s
|
tlsHandshakeTimeout: 10s
|
||||||
expectContinueTimeout: 1s
|
expectContinueTimeout: 1s
|
||||||
disableKeepAlives: false
|
disableKeepAlives: false
|
||||||
disableCompression: false
|
disableCompression: false
|
||||||
responseHeaderTimeout: 10s
|
responseHeaderTimeout: 10s
|
||||||
writeBufferSize: 4096
|
writeBufferSize: 4096
|
||||||
readBufferSize: 4096
|
readBufferSize: 4096
|
||||||
maxResponseHeaderBytes: 0
|
maxResponseHeaderBytes: 0
|
||||||
|
|
||||||
# Configuration de l'intégration Sentry
|
# Configuration de l'intégration Sentry
|
||||||
# Voir https://pkg.go.dev/github.com/getsentry/sentry-go?utm_source=godoc#ClientOptions
|
# Voir https://pkg.go.dev/github.com/getsentry/sentry-go?utm_source=godoc#ClientOptions
|
||||||
sentry:
|
sentry:
|
||||||
dsn: ""
|
dsn: ""
|
||||||
debug: false
|
debug: false
|
||||||
flushTimeout: 2s
|
flushTimeout: 2s
|
||||||
attachStacktrace: true
|
attachStacktrace: true
|
||||||
sampleRate: 1
|
sampleRate: 1
|
||||||
enableTracing: true
|
enableTracing: true
|
||||||
tracesSampleRate: 0.2
|
tracesSampleRate: 0.2
|
||||||
profilesSampleRate: 1
|
profilesSampleRate: 1
|
||||||
ignoreErrors: []
|
ignoreErrors: []
|
||||||
sendDefaultPII: false
|
sendDefaultPII: false
|
||||||
serverName: ""
|
serverName: ""
|
||||||
environment: ""
|
environment: ""
|
||||||
maxBreadcrumbs: 0
|
maxBreadcrumbs: 0
|
||||||
maxSpans: 1000
|
maxSpans: 1000
|
||||||
maxErrorDepth: 10
|
maxErrorDepth: 10
|
||||||
|
|
||||||
# Configuration des connexions TCP
|
# Configuration des connexions TCP
|
||||||
# Voir https://pkg.go.dev/net#Dialer
|
# Voir https://pkg.go.dev/net#Dialer
|
||||||
dial:
|
dial:
|
||||||
timeout: 30s
|
timeout: 30s
|
||||||
keepAlive: 30s
|
keepAlive: 30s
|
||||||
fallbackDelay: 300ms
|
fallbackDelay: 300ms
|
||||||
dualStack: true
|
dualStack: true
|
||||||
|
|
||||||
# Configuration du client Redis
|
# Configuration du client Redis
|
||||||
#
|
#
|
||||||
# Les modes "standalone", "sentinel" et "cluster" de Redis sont supportés:
|
# Les modes "standalone", "sentinel" et "cluster" de Redis sont supportés:
|
||||||
# - Mode "standalone": renseigner une seule entrée dans redis.addresses;
|
# - Mode "standalone": renseigner une seule entrée dans redis.addresses;
|
||||||
# - Mode "sentinel": renseigner une adresse dans redis.master et une ou plusieurs adresses dans redis.addresses;
|
# - Mode "sentinel": renseigner le nom du master sentinel dans redis.master et une ou plusieurs adresses dans redis.addresses;
|
||||||
# - Mode "cluster": renseigner plusieurs adresses dans redis.addresses et laisser redis.master vide.
|
# - Mode "cluster": renseigner plusieurs adresses dans redis.addresses et laisser redis.master vide.
|
||||||
redis:
|
redis:
|
||||||
addresses:
|
addresses:
|
||||||
- localhost:6379
|
- localhost:6379
|
||||||
master: ""
|
master: ""
|
||||||
|
|
||||||
# Configuration des logs
|
# Configuration des logs
|
||||||
logger:
|
logger:
|
||||||
# Niveau de verbosité
|
# Niveau de verbosité
|
||||||
# 0 - DEBUG
|
# 0 - DEBUG
|
||||||
# 1 - INFO
|
# 1 - INFO
|
||||||
# 2 - WARNING
|
# 2 - WARNING
|
||||||
# 3 - ERROR
|
# 3 - ERROR
|
||||||
# 4 - FATAL
|
# 4 - FATAL
|
||||||
level: 1
|
level: 1
|
||||||
# Format des logs, "human" ou "json"
|
# Format des logs, "human" ou "json"
|
||||||
format: human
|
format: human
|
||||||
|
|
||||||
# Configuration des différents layers
|
# Configuration des différents layers
|
||||||
layers:
|
layers:
|
||||||
# Configuration du layer "queue"
|
# Configuration du layer "queue"
|
||||||
queue:
|
queue:
|
||||||
# Répertoire contenant les templates
|
# Répertoire contenant les templates
|
||||||
templateDir: "/etc/bouncer/layers/queue/templates"
|
templateDir: "/etc/bouncer/layers/queue/templates"
|
||||||
# Temps de vie par défaut d'une session
|
# Temps de vie par défaut d'une session
|
||||||
defaultKeepAlive: 1m
|
defaultKeepAlive: 1m
|
||||||
|
|
||||||
# Configuration du layer "circuitbreaker"
|
# Configuration du layer "circuitbreaker"
|
||||||
circuitbreaker:
|
circuitbreaker:
|
||||||
# Répertoire contenant les templates
|
# Répertoire contenant les templates
|
||||||
templateDir: "/etc/bouncer/layers/circuitbreaker/templates"
|
templateDir: "/etc/bouncer/layers/circuitbreaker/templates"
|
||||||
|
|
Loading…
Reference in New Issue