朱子纯 / vibe-erp

application.yaml 2.17 KB
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 
# vibe_erp — production-ish defaults.
#
# This is the baseline configuration baked into the shipping image. It is
# deliberately non-secret: every sensitive value is read from an environment
# variable so the same image works for self-hosted and (eventually) hosted
# deployments. See architecture spec sections 10 and 11.
#
# Customer overrides live in /opt/vibe-erp/config/vibe-erp.yaml on the
# mounted volume. Plug-in configuration lives in metadata__plugin_config,
# never here.

spring:
  application:
    name: vibe-erp
  datasource:
    url: ${VIBEERP_DB_URL}
    username: ${VIBEERP_DB_USER}
    password: ${VIBEERP_DB_PASSWORD}
    driver-class-name: org.postgresql.Driver
  jpa:
    # Liquibase owns the schema; Hibernate must never touch DDL.
    hibernate:
      ddl-auto: validate
    open-in-view: false
    # Multi-tenant wall #1 (the application-layer wall):
    # Hibernate's DISCRIMINATOR strategy means every query and every save
    # is automatically filtered/written with the tenant id from
    # `HibernateTenantResolver`, which reads `TenantContext` (set per-request
    # by `TenantResolutionFilter`). Wall #2 — Postgres Row-Level Security —
    # is enforced by the `RlsTransactionHook` (planned: implementation-plan
    # P1.1) once it lands. Both walls are required by CLAUDE.md guardrail #5;
    # disabling either is a release-blocker.
    properties:
      hibernate:
        tenant_identifier_resolver: org.vibeerp.platform.persistence.tenancy.HibernateTenantResolver
        multiTenancy: DISCRIMINATOR
  liquibase:
    change-log: classpath:db/changelog/master.xml

server:
  port: 8080
  shutdown: graceful

management:
  endpoints:
    web:
      exposure:
        include: health,info,prometheus

vibeerp:
  instance:
    mode: ${VIBEERP_INSTANCE_MODE:self-hosted}
    default-tenant: ${VIBEERP_DEFAULT_TENANT:default}
  plugins:
    directory: ${VIBEERP_PLUGINS_DIR:/opt/vibe-erp/plugins}
    auto-load: true
  i18n:
    default-locale: en-US
    fallback-locale: en-US
    available-locales: en-US,zh-CN,de-DE,ja-JP,es-ES
  files:
    backend: local
    local-path: ${VIBEERP_FILES_DIR:/opt/vibe-erp/files}

logging:
  level:
    org.vibeerp: INFO
    org.springframework: WARN