Skip to content

Commit

Permalink
📝 Update default configuration doc section
Browse files Browse the repository at this point in the history
  • Loading branch information
ujibang committed Dec 11, 2023
1 parent 5ab2109 commit 6e2a0c6
Showing 1 changed file with 56 additions and 9 deletions.
65 changes: 56 additions & 9 deletions docs/default-configuration.adoc
Original file line number Diff line number Diff line change
Expand Up @@ -99,8 +99,8 @@ jwtAuthenticationMechanism:
rolesClaim: null
fixedRoles:
# - jwt-role
issuer: myIssuer
audience: myAudience
issuer: restheart.org
audience: null
# Digest Authentication
# see https://restheart.org/docs/security/authentication#digest-authentication
Expand Down Expand Up @@ -131,7 +131,11 @@ identityAuthMechanism:
# see https://restheart.org/docs/security/authentication#file-realm-authenticator
fileRealmAuthenticator:
enabled: false
conf-file: ./users.yml
#conf-file: ./users.yml
users:
- userid: admin
password: null
roles: [admin]
# mongoRealAuthenticator authenticates users defined in a MongoDB collection.
# see https://restheart.org/docs/security/authentication#mongo-realm-authenticator
Expand All @@ -144,7 +148,7 @@ mongoRealmAuthenticator:
json-path-roles: $.roles
bcrypt-hashed-password: true
bcrypt-complexity: 12
enforce-minimum-password-strenght: false
enforce-minimum-password-strength: false
# Integer from 0 to 4
# 0 Weak (guesses < 3^10)
# 1 Fair (guesses < 6^10)
Expand All @@ -171,7 +175,11 @@ mongoRealmAuthenticator:
# see https://restheart.org/docs/security/authorization#file-acl-authorizer
fileAclAuthorizer:
enabled: false
conf-file: ./acl.yml
#conf-file: ./acl.yml
permissions:
- role: admin
predicate: path-prefix('/')
priority: 0
# mongoAclAuthorizer authorizes requests according to the Access Control List defined in a MongoDB collection.
# see https://restheart.org/docs/security/authorization#mongo-acl-authorizer
Expand Down Expand Up @@ -234,16 +242,21 @@ jwtTokenManager:
ttl: 15
srv-uri: /tokens
issuer: restheart.org
audience: null
# additional JWT claims from accounts properties
account-properties-claims:
# - foo # property name
# - /nested/property # xpath expr for nested properties
----

== Mongo Client Provider

[source,yml]
----
# Provider the MongoClient via @Inject('mclient') and @Inject('mclient-reactive')
# Provide the MongoClient via @Inject('mclient') and @Inject('mclient-reactive')
mclient:
# see https://docs.mongodb.com/manual/reference/connection-string/
connection-string: mongodb://127.0.0.1
connection-string: mongodb://127.0.0.1
----

== MongoService: MongoDB REST and Websocket API
Expand Down Expand Up @@ -303,6 +316,7 @@ mongo:
doc: OPTIONAL
# get collection cache speedups GET /coll?cache requests
get-collection-cache-enabled: true
get-collection-cache-size: 100
get-collection-cache-ttl: 10_000 # Time To Live, default 10 seconds
get-collection-cache-docs: 1000 # number of documents to cache for each request
Expand Down Expand Up @@ -336,11 +350,13 @@ mongo:
# TTL in milliseconds; specify a value < 0 to never expire cached entries
schema-cache-ttl: 60000
# Time limit in milliseconds for processing queries on the server (without network latency). 0 means no time limit
# The time limit in milliseconds for processing queries. Set to 0 for no time limit.
query-time-limit: 0
# Time limit in milliseconds for processing aggregations on the server (without network latency). 0 means no time limit
# The time limit in milliseconds for processing aggregations. Set to 0 for no time limit.
aggregation-time-limit: 0
# Deprecated: it will be removed in RH v8.0
# use requestsMetricsCollector instead, see https://restheart.org/docs/monitoring
# see https://restheart.org/docs/mongodb-rest/monitoring
# OFF => no gathering, ROOT => gathering at root level, DATABASE => at db level, COLLECTION => at collection level
metrics-gathering-level: "OFF"
Expand All @@ -356,10 +372,14 @@ graphql:
uri: /graphql
db: restheart
collection: gql-apps
# app definitions are cached. this sets the time to live in msecs
app-def-cache-ttl: 10_000
# default-limit is used for queries that don't not specify a limit
default-limit: 100
# max-limit is the maximum value for a Query limit
max-limit: 1000
# The time limit in milliseconds for processing queries. Set to 0 for no time limit.
query-time-limit: 0
verbose: false
----

Expand Down Expand Up @@ -453,6 +473,7 @@ bruteForceAttackGuard:
# - log-to-file: true => log messages to a file (default value: false)
# - log-file-path: to specify the log file path (default value: restheart.log in system temporary directory)
# - packages: only messages form these packages are logged, e.g. [ "org.restheart", "com.restheart", "io.undertow", "org.mongodb" ]
# - full-stacktrace: true to log the full stacktrace of exceptions
# - requests-log-mode: 0 => no log, 1 => light log, 2 => detailed dump (use 2 only for development, it can log credentials)
# - tracing-headers (default, empty = no tracing): add tracing HTTP headers (Use with %X{header-name} in logback.xml); see https://restheart.org/docs/auditing
Expand All @@ -463,6 +484,7 @@ logging:
log-to-file: false
log-file-path: restheart.log
packages: [ "org.restheart", "com.restheart" ]
full-stacktrace: false
requests-log-mode: 1
tracing-headers:
# - x-b3-traceid # vv Zipkin headers, see https://github.com/openzipkin/b3-propagation
Expand All @@ -474,6 +496,21 @@ logging:
# - tracestate # ^^
----

== Metrics

[source,yml]
----
# Metrics
# see https://restheart.org/docs/metrics
requestsMetricsCollector:
enabled: false
uri: /metrics
include: [ "/*" ]
exclude: [ "/metrics", "/metrics/*" ]
jvmMetricsCollector:
enabled: false
----
== Core module configuration

[source,yml]
Expand All @@ -489,6 +526,16 @@ core:
# added to the classpath and registered.
plugins-directory: plugins
# Limit the scanning of classes annotated with @RegisterPlugin
# to the specified packages. It can speedup the boot time
# in case of huge plugin jars. It is usually not required.
# Use an empty array to not limit scanning.
# Alsways add the package org.restheart to the list
plugins-packages: []
# Set to true for verbose logging of jar scanning for plugins
plugins-scanning-verbose: false
# Optionally define the base url of this instance
# Useful when RESTHeart is mediated by a reverse proxy or an API gateway to determine the instance's correct URL
base-url: null
Expand Down

0 comments on commit 6e2a0c6

Please sign in to comment.