prod.exs

import Config

# For production, don't forget to configure the url host
# to something meaningful, Phoenix uses this information
# when generating URLs.
#
# Note we also include the path to a cache manifest
# containing the digested version of static files. This
# manifest is generated by the `mix phx.digest` task,
# which you should run after static files are built and
# before starting your production server.
config :central, TeiserverWeb.Endpoint,
  url: [host: "yourdomain.com"],
  https: [
    port: 8888,
    otp_app: :central,
    keyfile: "/var/www/tls/privkey.pem",
    certfile: "/var/www/tls/cert.pem",
    cacertfile: "/var/www/tls/fullchain.pem",
    versions: [:"tlsv1.2"],
    dhfile: '/var/www/tls/dh-params.pem',
    ciphers: [
      'ECDHE-ECDSA-AES256-GCM-SHA384',
      'ECDHE-RSA-AES256-GCM-SHA384',
      'ECDHE-ECDSA-AES256-SHA384',
      'ECDHE-RSA-AES256-SHA384',
      'ECDHE-ECDSA-DES-CBC3-SHA',
      'ECDH-ECDSA-AES256-GCM-SHA384',
      'ECDH-RSA-AES256-GCM-SHA384',
      'ECDH-ECDSA-AES256-SHA384',
      'ECDH-RSA-AES256-SHA384',
      'DHE-DSS-AES256-GCM-SHA384',
      'DHE-DSS-AES256-SHA256',
      'AES256-GCM-SHA384',
      'AES256-SHA256',
      'ECDHE-ECDSA-AES128-GCM-SHA256',
      'ECDHE-RSA-AES128-GCM-SHA256',
      'ECDHE-ECDSA-AES128-SHA256',
      'ECDHE-RSA-AES128-SHA256',
      'ECDH-ECDSA-AES128-GCM-SHA256',
      'ECDH-RSA-AES128-GCM-SHA256',
      'ECDH-ECDSA-AES128-SHA256',
      'ECDH-RSA-AES128-SHA256',
      'DHE-DSS-AES128-GCM-SHA256',
      'DHE-DSS-AES128-SHA256',
      'AES128-GCM-SHA256',
      'AES128-SHA256',
      'ECDHE-ECDSA-AES256-SHA',
      'ECDHE-RSA-AES256-SHA',
      'DHE-DSS-AES256-SHA',
      'ECDH-ECDSA-AES256-SHA',
      'ECDH-RSA-AES256-SHA',
      'AES256-SHA',
      'ECDHE-ECDSA-AES128-SHA',
      'ECDHE-RSA-AES128-SHA',
      'DHE-DSS-AES128-SHA',
      'ECDH-ECDSA-AES128-SHA',
      'ECDH-RSA-AES128-SHA',
      'AES128-SHA'
    ],
    secure_renegotiate: true,
    reuse_sessions: true,
    honor_cipher_order: true
  ],
  force_ssl: [hsts: true],
  root: ".",
  cache_static_manifest: "priv/static/cache_manifest.json",
  server: true,
  check_origin: ["//yourdomain.com", "//*.yourdomain.com"],
  version: Mix.Project.config()[:version]

config :central, Teiserver,
  certs: [
    keyfile: "/var/www/tls/privkey.pem",
    certfile: "/var/www/tls/cert.pem",
    cacertfile: "/var/www/tls/fullchain.pem"
  ],
  enable_benchmark: false,
  node_name: "node-name",
  enable_managed_lobbies: true,
  tachyon_schema_path: "/apps/central/lib/central-0.1.0/priv/tachyon/schema_v1/*/*/*.json"

config :central, Teiserver.Repo,
  pool_size: String.to_integer(System.get_env("POOL_SIZE") || "40"),
  timeout: 120_000,
  queue_interval: 2000

# Do not print debug messages in production
config :logger,
  format: "$date $time [$level] $metadata $message\n",
  metadata: [:request_id, :user_id],
  level: :info

config :logger,
  backends: [
    {LoggerFileBackend, :error_log},
    {LoggerFileBackend, :notice_log},
    {LoggerFileBackend, :info_log},
    :console
  ]

config :logger, :error_log,
  path: "/var/log/central/error.log",
  format: "$date $time [$level] $metadata $message\n",
  metadata: [:request_id, :user_id],
  level: :error

config :logger, :notice_log,
  path: "/var/log/central/notice.log",
  format: "$date $time [$level] $metadata $message\n",
  metadata: [:request_id, :user_id],
  level: :notice

config :logger, :info_log,
  path: "/var/log/central/info.log",
  format: "$date $time [$level] $metadata $message\n",
  metadata: [:request_id, :user_id],
  level: :info

# Overwritten in secret
config :central, Teiserver.Account.Guardian,
  secret_key: "yix2DcXsA9MzAI8WldmYiJ38j2GyyXf5beWGAOJHl0FKNH04n1VACYbepqutma27"

import_config "prod.secret.exs"