diff --git a/README.md b/README.md index 553b7418..1798e767 100644 --- a/README.md +++ b/README.md @@ -3,38 +3,39 @@ ## Configuration Base -| EnvVar | Description | Example | Default | -|------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------|--------------------------------------------------| -| LOG_LEVEL | Sets the log level being used. Possible values are: `error`, `warn`, `info`, `debug` and `trace`. | | `warn` | -| BROKER_CLIENT_MOCK_ENABLED | Enables the mock client. Possible values are `true` and `false`. | | `true` | -| BROKER_CLIENT_DIRECT_ENABLED | Enables the direct client. Possible values are `true` and `false`. | | `false` | -| BROKER_CLIENT_AKTIN_ENABLED | Enables the aktin client. Possible values are `true` and `false`. | | `false` | -| BROKER_CLIENT_DSF_ENABLED | Enables the dsf client. Possible values are `true` and `false`. | | `false` | -| KEYCLOAK_BASE_URL | Base URL of the keycloak instance. | | `http://localhost:8080` | -| KEYCLOAK_BASE_URL_ISSUER | Base URL the keycloak instance uses in the issuer claim | | `http://localhost:8080` | -| KEYCLOAK_BASE_URL_JWK | Base URL for the JWK Set URI of the keycloak instance | | `http://localhost:8080` | -| KEYCLOAK_REALM | Realm to be used for checking bearer tokens. | | `feasibility` | -| KEYCLOAK_CLIENT_ID | Client ID to be used for checking bearer tokens. | | `feasibility-webapp` | -| KEYCLOAK_ALLOWED_ROLE | Role that has to be part of the bearer token in order for the requester to be authorized. | | `FeasibilityUser` | -| KEYCLOAK_POWER_ROLE | Optional role that can be assigned to a user to free them from being subject to any hard limits (see _PRIVACY_QUOTA_HARD.*_ EnvVars). | | `FeasibilityPowerUser` | -| KEYCLOAK_ADMIN_ROLE | Role that gives admin rights to a user. Admins do not fall under any limits and can also see un-obfuscated site names. | | `FeasibilityAdmin` | -| SPRING_DATASOURCE_URL | The JDBC URL of the Postgres feasibility database. | | `jdbc:postgresql://feasibility-db:5432/codex_ui` | -| SPRING_DATASOURCE_USERNAME | Username to connect to the Postgres feasibility database. | | `guidbuser` | -| SPRING_DATASOURCE_PASSWORD | Password to connect to the Postgres feasibility database. | | `guidbpw` | -| ONTOLOGY_FILES_FOLDER_UI | | | ontology/ui_profiles | -| ONTOLOGY_DB_MIGRATION_FOLDER | | | ontology/migration | -| MAPPINGS_FILE | | | ontology/termCodeMapping.json | -| CONCEPT_TREE_FILE | | | ontology/conceptTree.json | -| CQL_TRANSLATE_ENABLED | | | true | -| FHIR_TRANSLATE_ENABLED | | | false | -| FLARE_WEBSERVICE_BASE_URL | URL of the local FLARE webservice - needed for FHIR query translation and when running the DIRECT path | | http://localhost:5000 | -| CQL_SERVER_BASE_URL | URL of the local FHIR server that handles CQL requests | | http://cql | -| API_BASE_URL | Sets the base URL of the webservice. This is necessary if the webservice is running behind a proxy server. If not filled, the API base URL is the request URL | https://host/api | | -| QUERY_VALIDATION_ENABLED | When enabled, any structured query submitted via the `run-query` endpoint is validated against the JSON schema located in `src/main/resources/query/query-schema.json` | true / false | true | -| QUERYRESULT_EXPIRY_MINUTES | How many minutes should query results be kept in memory? | | 5 | -| QUERYRESULT_PUBLIC_KEY | The public key in Base64-encoded DER format without banners and line breaks. Mandatory if _QUERYRESULT_DISABLE_LOG_FILE_ENCRYPTION_ is _false_ | -| QUERYRESULT_DISABLE_LOG_FILE_ENCRYPTION | Disable encryption of the result log file. | true / false | | -| ALLOWED_ORIGINS | Allowed origins for cross-origin requests. This should at least cover the frontend address. | | http://localhost | +| EnvVar | Description | Example | Default | +|-----------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------|--------------------------------------------------| +| LOG_LEVEL | Sets the log level being used. Possible values are: `error`, `warn`, `info`, `debug` and `trace`. | | `warn` | +| HIBERNATE_SHOW_SQL | Show the sql statements hibernate executes | | `false` | +| BROKER_CLIENT_MOCK_ENABLED | Enables the mock client. Possible values are `true` and `false`. | | `true` | +| BROKER_CLIENT_DIRECT_ENABLED | Enables the direct client. Possible values are `true` and `false`. | | `false` | +| BROKER_CLIENT_AKTIN_ENABLED | Enables the aktin client. Possible values are `true` and `false`. | | `false` | +| BROKER_CLIENT_DSF_ENABLED | Enables the dsf client. Possible values are `true` and `false`. | | `false` | +| KEYCLOAK_BASE_URL | Base URL of the keycloak instance. | | `http://localhost:8080` | +| KEYCLOAK_BASE_URL_ISSUER | Base URL the keycloak instance uses in the issuer claim | | `http://localhost:8080` | +| KEYCLOAK_BASE_URL_JWK | Base URL for the JWK Set URI of the keycloak instance | | `http://localhost:8080` | +| KEYCLOAK_REALM | Realm to be used for checking bearer tokens. | | `feasibility` | +| KEYCLOAK_CLIENT_ID | Client ID to be used for checking bearer tokens. | | `feasibility-webapp` | +| KEYCLOAK_ALLOWED_ROLE | Role that has to be part of the bearer token in order for the requester to be authorized. | | `FeasibilityUser` | +| KEYCLOAK_POWER_ROLE | Optional role that can be assigned to a user to free them from being subject to any hard limits (see _PRIVACY_QUOTA_HARD.*_ EnvVars). | | `FeasibilityPowerUser` | +| KEYCLOAK_ADMIN_ROLE | Role that gives admin rights to a user. Admins do not fall under any limits and can also see un-obfuscated site names. | | `FeasibilityAdmin` | +| SPRING_DATASOURCE_URL | The JDBC URL of the Postgres feasibility database. | | `jdbc:postgresql://feasibility-db:5432/codex_ui` | +| SPRING_DATASOURCE_USERNAME | Username to connect to the Postgres feasibility database. | | `guidbuser` | +| SPRING_DATASOURCE_PASSWORD | Password to connect to the Postgres feasibility database. | | `guidbpw` | +| ONTOLOGY_FILES_FOLDER_UI | | | ontology/ui_profiles | +| ONTOLOGY_DB_MIGRATION_FOLDER | | | ontology/migration | +| MAPPINGS_FILE | | | ontology/termCodeMapping.json | +| CONCEPT_TREE_FILE | | | ontology/conceptTree.json | +| CQL_TRANSLATE_ENABLED | | | true | +| FHIR_TRANSLATE_ENABLED | | | false | +| FLARE_WEBSERVICE_BASE_URL | URL of the local FLARE webservice - needed for FHIR query translation and when running the DIRECT path | | http://localhost:5000 | +| CQL_SERVER_BASE_URL | URL of the local FHIR server that handles CQL requests | | http://cql | +| API_BASE_URL | Sets the base URL of the webservice. This is necessary if the webservice is running behind a proxy server. If not filled, the API base URL is the request URL | https://host/api | | +| QUERY_VALIDATION_ENABLED | When enabled, any structured query submitted via the `run-query` endpoint is validated against the JSON schema located in `src/main/resources/query/query-schema.json` | true / false | true | +| QUERYRESULT_EXPIRY_MINUTES | How many minutes should query results be kept in memory? | | 5 | +| QUERYRESULT_PUBLIC_KEY | The public key in Base64-encoded DER format without banners and line breaks. Mandatory if _QUERYRESULT_DISABLE_LOG_FILE_ENCRYPTION_ is _false_ | +| QUERYRESULT_DISABLE_LOG_FILE_ENCRYPTION | Disable encryption of the result log file. | true / false | | +| ALLOWED_ORIGINS | Allowed origins for cross-origin requests. This should at least cover the frontend address. | | http://localhost | ### Running the DIRECT Path diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 83824be8..7a100cce 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -16,6 +16,7 @@ spring: properties: hibernate: dialect: org.hibernate.dialect.PostgreSQLDialect + show_sql: ${HIBERNATE_SHOW_SQL:false} flyway: locations: filesystem:${ONTOLOGY_DB_MIGRATION_FOLDER:ontology/migration},classpath:db/migration security: