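# TankStopp Production Configuration
# This file contains production-specific settings with security and
# performance optimizations.

# Server Configuration
server:
  # Listens on every interface.
  # NOTE(review): a later comment in this file says CORS is handled by a
  # reverse proxy. If that proxy runs on the same host, binding to loopback
  # (or firewalling this port) keeps clients from reaching the application
  # port directly - confirm the deployment layout.
  host: "0.0.0.0"
  # NOTE(review): no TLS certificate/key settings appear in this section, so
  # HTTPS is presumably terminated in front of this listener - confirm.
  port: 8080
  # Presumably the listener's connection timeouts; they bound how long one
  # slow or idle client can hold a connection open.
  # Durations are quoted to match the other duration values in this file.
  read_timeout: "10s"
  write_timeout: "10s"
  idle_timeout: "60s"
  # Presumably the grace period for in-flight requests on shutdown - confirm.
  shutdown_timeout: "30s"
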
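# Database Configuration
# NOTE(review): the nesting below is reconstructed from a flattened listing.
# The sub-sections are placed under `database` because a second top-level
# `logging` key exists further down - confirm against the deployed file.
database:
  # Production database file.
  # NOTE(review): a single file on disk holds all application data; the file
  # and its directory should be readable and writable by the service account
  # only, and included in backups.
  path: "/var/lib/tankstopp/fuel_stops.db"

  # Connection Pool Settings (optimized for production load)
  # NOTE(review): the path above looks like a file-backed database; confirm
  # that a pool of this size suits that engine.
  connection_pool:
    max_idle_connections: 25
    max_open_connections: 200
    connection_max_lifetime: "2h"
    connection_max_idle_time: "1h"

  # Logging Settings (minimal for production)
  logging:
    # Level is "error".
    # NOTE(review): the original comment here said "errors and warnings";
    # if warnings are wanted in production the level has to be lowered -
    # confirm which was intended.
    level: "error"
    # Higher threshold for production
    slow_query_threshold: "500ms"
    # Disable debug mode
    debug: false

  # Migration Settings
  migration:
    # Disable auto-migration in production for safety: schema changes are
    # then a deliberate, separate step rather than a side effect of startup.
    auto_migrate: false
    # Never drop tables in production
    drop_tables_first: false
    # Larger batch size for production efficiency
    create_batch_size: 5000

  # Performance Settings (optimized for production)
  performance:
    # Enable prepared statements for performance
    prepare_statements: true
    # Don't disable foreign key checks in production; they protect
    # referential integrity.
    disable_foreign_key_check: false
    # Don't ignore relationships in production
    ignore_relationships_when_migrating: false
    # Enable field querying for efficiency
    query_fields: true
    # Never enable dry run in production
    dry_run: false
    # Larger batch size for production
    # NOTE(review): migration.create_batch_size above is 5000 and this is
    # 500; which of the two the application applies is not visible here.
    create_in_batches: 500
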
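# Application Settings
app:
  name: "TankStopp"
  # Quoted so the version stays a string.
  version: "1.0.0"
  environment: "production"
  # Disable debug mode in production
  # NOTE(review): database.logging also carries a `debug` flag; both need to
  # stay false for debug output to be off everywhere - confirm how the
  # application combines them.
  debug: false
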
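# Security Settings (strict for production)
# NOTE(review): nesting reconstructed from a flattened listing - confirm.
security:
  session:
    # Longer timeout for production users
    # NOTE(review): whether this is an idle or an absolute lifetime is not
    # visible here. A longer lifetime also lengthens the window in which a
    # stolen session cookie stays usable - confirm that 24h is intended
    # under the "strict" heading.
    timeout: "24h"
    cookie_name: "tankstopp_session"
    # Presumably sets the cookie's Secure attribute, so the browser only
    # sends the session cookie over HTTPS.
    secure_cookies: true
    # Presumably sets the HttpOnly attribute, which keeps the session cookie
    # out of reach of page scripts.
    # NOTE(review): no SameSite setting is visible in this section; confirm
    # what the application sets by default.
    http_only: true

  # Strong password requirements for production
  # NOTE(review): only length and character-class rules are configured
  # here; any check against common or breached passwords, and any login
  # lockout, would have to live elsewhere - confirm.
  password:
    min_length: 12
    require_uppercase: true
    require_lowercase: true
    require_numbers: true
    require_special_chars: true
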
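# Logging Configuration (structured for production)
# NOTE(review): nesting reconstructed from a flattened listing - confirm.
logging:
  # Info level for production monitoring
  level: "info"
  # JSON format for log aggregation
  # NOTE(review): structured logs are easy to ship and search; confirm that
  # session cookies, passwords and similar values are never written to them.
  format: "json"
  # Output to file for persistence
  output: "file"
  # Production log file path
  # NOTE(review): the directory should be writable by the service account
  # only and not readable by other local users.
  file_path: "/var/log/tankstopp/application.log"
  # Enable log rotation for production
  rotation:
    enabled: true
    max_size: "500MB"
    # NOTE(review): how max_age and max_backups interact (which limit
    # removes a file first) is not visible here; confirm that the effective
    # retention covers the period needed for incident investigation.
    max_age: "90d"
    max_backups: 10
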
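# External Services (production-optimized timeouts)
external_services:
  # Third-party endpoint reached over HTTPS.
  # NOTE(review): search requests presumably carry user locations to this
  # service - confirm that this is covered by the privacy notice and that
  # certificate verification is left enabled in the HTTP client.
  overpass_api:
    url: "https://overpass-api.de/api/interpreter"
    # Conservative timeout for production
    timeout: "30s"
    # Worst case one lookup can wait for several timeouts in a row; whether
    # the retry count includes the first attempt is not visible here.
    max_retries: 3
    # Standard search radius
    # NOTE(review): unit not stated - presumably meters; confirm.
    search_radius: 5000
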
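# Production-specific settings
# NOTE(review): nesting reconstructed from a flattened listing - confirm.
production:
  # Disable hot reload in production
  hot_reload: false
  # Disable request logging for performance
  # NOTE(review): with this off the application keeps no per-request
  # record, so access logs for detection and incident response have to come
  # from the reverse proxy or load balancer - confirm they are collected
  # there.
  request_logging: false
  # Disable profiling endpoints for security
  profiling: false
  # Static file serving with long cache
  static_files:
    directory: "/var/www/tankstopp/static"
    cache_duration: "24h"
  # Enable compression for better performance
  # NOTE(review): whether this applies only to static files or also to
  # dynamic responses is not visible here. If dynamic pages that carry
  # secrets (for example anti-CSRF tokens) are compressed as well, review
  # them for compression side channels.
  compression:
    enabled: true
    level: 6
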
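# Feature Flags (selectively enabled for production)
features:
  fuel_station_search: true
  vehicle_management: true
  statistics_dashboard: true
  # NOTE(review): export and API access return user data in bulk; confirm
  # that both sit behind authentication and per-user authorization checks.
  data_export: true
  api_endpoints: true
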
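# Default User Settings
# Initial values for user preferences; all values are plain strings.
defaults:
  currency: "EUR"
  fuel_type: "Super E5"
  distance_unit: "km"
  volume_unit: "liters"
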
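# Production-specific overrides
# NOTE(review): nesting reconstructed from a flattened listing; the four
# sub-sections at the end are placed under `prod_overrides` because no blank
# line separates them from it - confirm against the deployed file.
prod_overrides:
  # Disable CORS in production (handle via reverse proxy)
  enable_cors: false
  # Require secure connections
  # NOTE(review): if TLS ends at the reverse proxy, the application
  # presumably learns the original scheme from a forwarded header; confirm
  # that the header is accepted from the proxy only.
  require_https: true
  # Disable detailed error messages for security: stack traces and internal
  # paths stay out of responses.
  detailed_errors: false
  # Disable request/response logging for performance
  # NOTE(review): production.request_logging is a second switch for what
  # looks like the same thing; which one wins is not visible here. With
  # both off, request records must come from the proxy.
  log_requests: false
  # Disable SQL query logging for performance (this also keeps query
  # parameters, which can contain user data, out of the logs).
  log_sql_queries: false
  # Enable rate limiting
  # NOTE(review): what the limit is keyed on (client address, session,
  # user) is not visible here. Behind a reverse proxy an address-based
  # limit needs the real client address from a trusted forwarded header,
  # otherwise all clients share the proxy's address - confirm.
  rate_limiting:
    enabled: true
    requests_per_minute: 60
    burst_size: 10
  # Enable security headers
  security_headers:
    enabled: true
    # 31536000 seconds is 365 days. The value is a quoted string; confirm
    # the loader expects a string rather than an integer.
    hsts_max_age: "31536000"
    # Presumably X-Content-Type-Options: nosniff.
    content_type_nosniff: true
    # Presumably X-Frame-Options: DENY.
    frame_deny: true
    # Presumably the legacy X-XSS-Protection header, which current browsers
    # no longer act on.
    # NOTE(review): no Content-Security-Policy setting is visible in this
    # file; confirm where CSP is set.
    xss_protection: true
  # Health check settings
  health_check:
    enabled: true
    endpoint: "/health"
    timeout: "5s"
  # Monitoring settings
  # NOTE(review): metrics can reveal internal routes, error rates and load;
  # confirm that the reverse proxy does not publish /metrics and that only
  # the monitoring system can reach it.
  monitoring:
    enabled: true
    metrics_endpoint: "/metrics"
    # Profiling stays off here as well as in production.profiling.
    enable_pprof: false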