SpringUserFrameworkDemoApp/src/main/resources/application-prd.yml at 57d6d8501bae7d840da9f6cf32eb105f47e41eb6 · devondragon/SpringUserFrameworkDemoApp · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
spring:
  thymeleaf:
    cache: true # Enable Thymeleaf cache in production
  jpa:
    show-sql: false # Disable SQL logging in production
    hibernate:
      ddl-auto: validate # Only validate schema in production, don't auto-update
  datasource:
    # Production datasource configuration (should be overridden by environment variables)
    url: ${DATABASE_URL:jdbc:mariadb://localhost:3306/springuser_prod?createDatabaseIfNotExist=false}
    username: ${DATABASE_USERNAME:springuser}
    password: ${DATABASE_PASSWORD:springuser}

server:
  servlet:
    session:
      cookie:
        secure: true # Force secure cookies in production
        same-site: strict # Strict SameSite policy for production
        http-only: true

logging:
  level:
    root: WARN # Reduce log level in production
    com.digitalsanctuary: INFO
    org.springframework.security: WARN
  file:
    name: /opt/app/logs/user-app.log

management:
  endpoints:
    web:
      exposure:
        include: health,info,metrics # Limit exposed actuator endpoints in production
  endpoint:
    health:
      show-details: never # Don't expose detailed health info in production

user:
  webauthn:
    rpId: ${WEBAUTHN_RP_ID:example.com}
    rpName: ${WEBAUTHN_RP_NAME:Spring User Framework Demo}
    allowedOrigins: ${WEBAUTHN_ALLOWED_ORIGINS:https://example.com}
  security:
    disableCSRFdURIs: # No CSRF disabled URIs in production for better security