forked from tchiotludo/akhq
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapplication.example.yml
181 lines (170 loc) · 6.46 KB
/
application.example.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
micronaut:
security:
# Ldap authentificaton configuration
ldap:
default:
enabled: true
context:
server: 'ldap://ldap.forumsys.com:389'
managerDn: 'cn=read-only-admin,dc=example,dc=com'
managerPassword: 'password'
search:
base: "dc=example,dc=com"
groups:
enabled: true
base: "dc=example,dc=com"
akhq:
server:
base-path: "" # if behind a reverse proxy, path to akhq without trailing slash (optional). Example: akhq is
# behind a reverse proxy with url http://my-server/akhq, set base-path: "/akhq".
# Not needed if you're behind a reverse proxy with subdomain http://akhq.my-server/
access-log: # Access log configuration (optional)
enabled: true # true by default
name: org.akhq.log.access # Logger name
format: "[Date: {}] [Duration: {} ms] [Url: {} {} {}] [Status: {}] [Ip: {}] [Length: {}] [Port: {}]" # Logger format
# default kafka properties for each clients, available for admin / producer / consumer (optional)
clients-defaults:
consumer:
properties:
isolation.level: read_committed
# list of kafka cluster available for akhq
connections:
my-cluster-plain-text: # url friendly name for the cluster (letter, number, _, -, ... dot are not allowed here)
properties: # standard kafka properties (optional)
bootstrap.servers: "kafka:9092"
schema-registry:
url: "http://schema-registry:8085" # schema registry url (optional)
# Basic Auth user / pass
basic-auth-username: basic-auth-user
basic-auth-password: basic-auth-pass
properties: # standard kafka properties (optional)
ssl.protocol: TLS
connect:
- name: connect-1
url: "http://connect:8083"
# Basic Auth user / pass (optional)
basic-auth-username: basic-auth-user
basic-auth-password: basic-auth-pass
# ssl store configuration (optional)
ssl-trust-store: /app/truststore.jks
ssl-trust-store-password: trust-store-password
ssl-key-store: /app/truststore.jks
ssl-key-store-password: key-store-password
- name: connect-2
url: "http://connect:8084"
# Basic Auth user / pass (optional)
basic-auth-username: basic-auth-user
basic-auth-password: basic-auth-pass
# ssl store configuration (optional)
ssl-trust-store: /app/truststore.jks
ssl-trust-store-password: trust-store-password
ssl-key-store: /app/truststore.jks
ssl-key-store-password: key-store-password
my-cluster-ssl:
properties:
bootstrap.servers: "kafka:9093"
security.protocol: SSL
ssl.truststore.location: /app/truststore.jks
ssl.truststore.password: password
ssl.keystore.location: /app/keystore.jks
ssl.keystore.password: password
ssl.key.password: password
my-cluster-sasl:
properties:
bootstrap.servers: "kafka:9094"
security.protocol: SASL_SSL
sasl.mechanism: SCRAM-SHA-256
sasl.jaas.config: org.apache.kafka.common.security.scram.ScramLoginModule required username="admin" password="password";
ssl.truststore.location: /app/truststore.jks
ssl.truststore.password: password
ssl.keystore.location: /app/keystore.jks
ssl.keystore.password: password
ssl.key.password: password
pagination:
page-size: 25 # number of elements per page (default : 25)
threads: 16 # Number of parallel threads to resolve page
# Topic list display options (optional)
topic:
retention: 172800000 # default retention period when creating topic
partition: 3 # default number of partition when creating topic
replication: 3 # default number of replicas when creating topic
default-view: HIDE_INTERNAL # default list view (ALL, HIDE_INTERNAL, HIDE_INTERNAL_STREAM, HIDE_STREAM)
internal-regexps: # list of regexp to be considered as internal (internal topic can't be deleted or updated)
- "^_.*$"
- "^.*_schemas$"
- "^.*connect-config$"
- "^.*connect-offsets$1"
- "^.*connect-status$"
stream-regexps: # list of regexp to be considered as internal stream topic
- "^.*-changelog$"
- "^.*-repartition$"
- "^.*-rekey$"
skip-consumer-groups: false # Skip loading consumer group information when showing topics
# Topic display data options (optional)
topic-data:
sort: OLDEST # default sort order (OLDEST, NEWEST) (default: OLDEST)
size: 50 # max record per page (default: 50)
poll-timeout: 1000 # The time, in milliseconds, spent waiting in poll if data is not available in the buffer.
# Auth & Roles (optional)
security:
default-group: admin # Default groups for all the user even unlogged user
# Groups definition
groups:
admin: # Group name
roles: # roles for the group
- topic/read
- topic/insert
- topic/delete
- topic/config/update
- node/read
- node/config/update
- topic/data/read
- topic/data/insert
- topic/data/delete
- group/read
- group/delete
- group/offsets/update
- registry/read
- registry/insert
- registry/update
- registry/delete
- registry/version/delete
- acls/read
- connect/read
- connect/insert
- connect/update
- connect/delete
- connect/state/update
attributes:
# Regexp to filter topic available for group
topics-filter-regexp: "test.*"
topic-reader: # Other group
roles:
- topic/read
attributes:
topics-filter-regexp: "test\\.reader.*"
# Basic auth configuration
basic-auth:
user: # Username
password: pass # Password in sha256
groups: # Groups for the user
- admin
- topic-reader
# Ldap Groups configuration (when using ldap)
ldap:
group:
group-ldap-1: # just a key, no matter will be override by name below
name: "group-ldap-1"
groups: # Akhq groups list
- topic-reader
group-ldap-2:
name: "group-ldap-2"
groups:
- admin
user:
riemann: # ldap user id
groups: # Akhq groups list
- topic-reader
einstein:
groups:
- admin