# Values formatted like "_env:ENV_VAR_NAME:default_value" can be overridden by the specified environment variable.
# See https://github.com/yesodweb/yesod/wiki/Configuration#overriding-configuration-values-with-environment-variables

static-dir:      "_env:STATIC_DIR:static"
host:            "_env:HOST:*4" # any IPv4 host
port:            "_env:PORT:3000"
approot:         "_env:APPROOT:http://localhost:3000"
ip-from-header:  "_env:IP_FROM_HEADER:false"
var-dir:         "_env:VAR_DIR:."
contact-email:   "_env:CONTACT_EMAIL:filipg@amu.edu.pl"
repo-host:       "_env:REPO_HOST:ssh://gitolite@gonito.net/"
repo-scheme:     "_env:REPO_SCHEME:selfhosted"
tag-permissions: "_env:TAG_PERMISSIONS:only-admin-can-add-new-tags"
auto-opening:    "_env:AUTO_OPENING:false"
leaderboard-style: "_env:LEADERBOARD_STYLE:by-submitter"
new-best-result-slack-hook: "_env:NEW_BEST_RESULT_SLACK_HOOK:"
server-ssh-public-key: "_env:SERVER_SSH_PUBLIC_KEY:"
is-public:    "_env:IS_PUBLIC:true"

# How the output of asynchronous operations is presented
# - with-plain-text - just plain text shown by the browser;
#   pros: it works with anything, cons: with NGINX the output
#   is not shown progressively, only when it is finished
# - with-web-sockets - using web sockets and JavaScripts, pros:
#   nicer visually, fully works with NGINX, cons: does not work
#   with lighttpd
viewing-progress-style: "_env:VIEWING_PROGRESS_STYLE:with-plain-text"

# Optional values with the following production defaults.
# In development, they default to the inverse.
#
# development: false
# detailed-logging: false
# should-log-all: false
# reload-templates: false
# mutable-static: false
# skip-combining: false

database:
  user:     "_env:PGUSER:filipg"
  password: "_env:PGPASS:gonito"
  host:     "_env:PGHOST:localhost"
  port:     "_env:PGPORT:5432"
  database: "_env:PGDATABASE:gonito"
  poolsize: "_env:PGPOOLSIZE:10"

copyright: © Filip Graliński, Gonito ver. 3.6.1

admin-user: "_env:ADMINUSER:"
admin-password: "_env:ADMINPASS:"
location: "_env:LOCATION:"

# If set, the key given, in the JWK format, will be used to verify and
# trust JWT tokens sent by the client as Authorization/Bearer.
# The JWT token will be checked first for a given request, if not provided
# the standard auth procedure will used.
#
# If unset, the Authorization will NOT be checked at all (only the standard
# auth procedure will be applied).
#
# A JWK key is something like:
#
#    {"kty":"RSA", alg:"RS256", "use":"sig", "kid":"h01jmt_bD-1Di8i_GYbEV2a4NxhptzySHO-R8VuNHVA", "e":"AQAB", "n": "qG1elE6KPW3BYMxNpgK73MoksvbrUSfpRY4z9hU5iMsJREyD5Ar6XpjM1xAr6G7xglnOoumPC9o6FqhDHihm6QdJ5s5MA9ZyGkbi--kvy9Qc2d_VIGU-UR4vwyk3hAwXOFLhoknpQrJBJmMQvGFdas1Yr-m9EIWwT1zN7neHZkRUYZSVyQw_XghtMIWAUsLnhr6mM7nstHLafgxe5Qamzuc4K5EC_qipFXu4ugYkMDnaknlhkT43m7tcduVDnv5GV_4dBesF7FRII8tgUQWyw3Ty_FIoq43SInUPU_9cxA-qPGQz5C50th2aJl1z1snpLWS_1Zfsa8lnFsMj8_oh6w"}
#
# If you use Keycloak, it can be retrived via:
#
#    https://<HOST>/auth/realms/<REALM>/protocol/openid-connect/certs
#
# (key/0 element, not the whole JSON!).
#
# Note: at the moment, only RS256 is handled.
json-web-key: "_env:JSON_WEB_KEY"

# Take the team name of a user from a given metadata field. Currently
# handled only when JWK is used, family_name and given_name are handled.
# If one of these is set, it is not considered a part of the username.
team-field: "_env:TEAM_FIELD"

# Whether to automatically assign teams for submissions.
auto-team: "_env:AUTO_TEAM:false"

#analytics: UA-YOURCODE