# vibe_erp — production-ish defaults. # # This is the baseline configuration baked into the shipping image. It is # deliberately non-secret: every sensitive value is read from an environment # variable so the same image works for self-hosted and (eventually) hosted # deployments. See architecture spec sections 10 and 11. # # Customer overrides live in /opt/vibe-erp/config/vibe-erp.yaml on the # mounted volume. Plug-in configuration lives in metadata__plugin_config, # never here. spring: application: name: vibe-erp datasource: url: ${VIBEERP_DB_URL} username: ${VIBEERP_DB_USER} password: ${VIBEERP_DB_PASSWORD} driver-class-name: org.postgresql.Driver jpa: # Liquibase owns the schema; Hibernate must never touch DDL. hibernate: ddl-auto: validate open-in-view: false # Multi-tenant wall #1 (the application-layer wall): # Hibernate's DISCRIMINATOR strategy means every query and every save # is automatically filtered/written with the tenant id from # `HibernateTenantResolver`, which reads `TenantContext` (set per-request # by `TenantResolutionFilter`). Wall #2 — Postgres Row-Level Security — # is enforced by the `RlsTransactionHook` (planned: implementation-plan # P1.1) once it lands. Both walls are required by CLAUDE.md guardrail #5; # disabling either is a release-blocker. properties: hibernate: tenant_identifier_resolver: org.vibeerp.platform.persistence.tenancy.HibernateTenantResolver multiTenancy: DISCRIMINATOR liquibase: change-log: classpath:db/changelog/master.xml server: port: 8080 shutdown: graceful management: endpoints: web: exposure: include: health,info,prometheus vibeerp: instance: mode: ${VIBEERP_INSTANCE_MODE:self-hosted} default-tenant: ${VIBEERP_DEFAULT_TENANT:default} plugins: directory: ${VIBEERP_PLUGINS_DIR:/opt/vibe-erp/plugins} auto-load: true i18n: default-locale: en-US fallback-locale: en-US available-locales: en-US,zh-CN,de-DE,ja-JP,es-ES files: backend: local local-path: ${VIBEERP_FILES_DIR:/opt/vibe-erp/files} logging: level: org.vibeerp: INFO org.springframework: WARN