strive-api/render.yaml at main · SatanLittleHelper/strive-api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
services:
  - type: web
    name: strive-api
    env: docker
    plan: free
    autoDeploy: true
    healthCheckPath: /health
    dockerfilePath: ./Dockerfile
    branch: main
    envVars:
      - key: PORT
        value: 8080
      - key: LOG_LEVEL
        value: INFO
      - key: LOG_FORMAT
        value: json
      - key: DB_HOST
        sync: false
      - key: DB_PORT
        value: 5432
      - key: DB_USER
        sync: false
      - key: DB_PASSWORD
        sync: false
      - key: DB_NAME
        sync: false
      - key: DB_SSL_MODE
        value: require
      - key: JWT_SECRET
        sync: false
      - key: JWT_ISSUER
        value: strive-api
      - key: JWT_AUDIENCE
        value: strive-app
      - key: JWT_CLOCK_SKEW
        value: 2m
      - key: CORS_ALLOWED_ORIGINS
        value: http://localhost:4200,http://127.0.0.1:4200,http://192.168.1.186:4200,https://satanlittlehelper.github.io
      - key: CORS_ALLOWED_METHODS
        value: GET,POST,PUT,DELETE,OPTIONS
      - key: CORS_ALLOWED_HEADERS
        value: Accept,Authorization,Content-Type,X-Request-ID
      - key: CORS_EXPOSED_HEADERS
        value: X-Request-ID
      - key: CORS_ALLOW_CREDENTIALS
        value: "true"
      - key: CORS_MAX_AGE
        value: 86400
      - key: COOKIE_SECURE
        value: "true"
      - key: COOKIE_SAMESITE
        value: "None"
      - key: COOKIE_DOMAIN
        value: ""
      - key: RATE_LIMIT_ENABLED
        value: "true"
      - key: RATE_LIMIT_AUTH_PER_MINUTE
        value: 5
      - key: RATE_LIMIT_GENERAL_PER_MINUTE
        value: 60
      - key: RATE_LIMIT_BURST_SIZE
        value: 10
      - key: WGER_API_ENABLED
        value: "true"
      - key: WGER_API_BASE_URL
        value: https://wger.de/api/v2
      - key: WGER_API_KEY
        value: ""
      - key: WGER_API_TIMEOUT
        value: 30s
      - key: WGER_API_RETRY_COUNT
        value: 3
      - key: SECURITY_HSTS_MAX_AGE
        value: 31536000
      - key: SECURITY_HSTS_INCLUDE_SUBDOMAINS
        value: "true"
      - key: SECURITY_X_FRAME_OPTIONS
        value: DENY
      - key: SECURITY_X_CONTENT_TYPE_OPTIONS
        value: nosniff
      - key: SECURITY_REFERRER_POLICY
        value: strict-origin-when-cross-origin
      - key: SECURITY_XSS_PROTECTION
        value: "1; mode=block"