forked from Permify/permify
-
Notifications
You must be signed in to change notification settings - Fork 0
/
example.config.yaml
98 lines (88 loc) · 2.65 KB
/
example.config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
# The server section specifies the HTTP and gRPC server settings,
# including whether or not TLS is enabled and the certificate and
# key file locations.
server:
rate_limit: 100
http:
enabled: true
port: 3476
tls:
enabled: true
cert: /etc/letsencrypt/live/yourdomain.com/fullchain.pem
key: /etc/letsencrypt/live/yourdomain.com/privkey.pem
grpc:
port: 3478
tls:
enabled: true
cert: /etc/letsencrypt/live/yourdomain.com/fullchain.pem
key: /etc/letsencrypt/live/yourdomain.com/privkey.pem
# The logger section sets the logging level for the service.
logger:
level: info
# The profiler section enables or disables the pprof profiler and
# sets the port number for the profiler endpoint.
profiler:
enabled: true
port: 6060
# The authn section specifies the authentication method for the service.
authn:
enabled: true
method: preshared
preshared:
keys: []
# The tracer section enables or disables distributed tracing and sets the
# exporter and endpoint for the tracing data.
tracer:
exporter: zipkin
endpoint: http://localhost:9411/api/v2/spans
enabled: true
# The meter section enables or disables metrics collection and sets the
# exporter and endpoint for the collected metrics.
meter:
exporter: otlp
endpoint: localhost:4318
enabled: true
# The service section sets various service-level settings, including whether
# or not to use a circuit breaker, and cache sizes for schema, permission,
# and relationship data.
service:
circuit_breaker: false
watch:
enabled: false
schema:
cache:
number_of_counters: 1_000
max_cost: 10MiB
permission:
bulk_limit: 100
concurrency_limit: 100
cache:
number_of_counters: 10_000
max_cost: 10MiB
relationship:
# The database section specifies the database engine and connection settings,
# including the URI for the database, whether or not to auto-migrate the database,
# and connection pool settings.
database:
engine: postgres
uri: postgres://user:password@host:5432/db_name
auto_migrate: false
max_open_connections: 20
max_idle_connections: 1
max_connection_lifetime: 300s
max_connection_idle_time: 60s
garbage_collection:
enabled: true
interval: 200h
window: 200h
timeout: 5m
# distributed configuration settings
distributed:
# Indicates whether the distributed mode is enabled or not
enabled: true
# The address of the distributed service.
# Using a Kubernetes DNS name suggests this service runs in a Kubernetes cluster
# under the 'default' namespace and is named 'permify'
address: "kubernetes:///permify.default:5000"
# The port on which the service is exposed
port: "5000"