mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-11 21:37:32 +00:00
82e232af72
# Which Problems Are Solved
The `auth.auth_requests` table is not cleaned up so long running Zitadel
installations can contain many rows.
The mirror command can take long because a the data are first copied
into memory (or disk) on cockroach and users do not get any output from
mirror. This is unfortunate because people don't know if Zitadel got
stuck.
# How the Problems Are Solved
Enhance logging throughout the projection processes and introduce a
configuration option for the maximum age of authentication requests.
# Additional Changes
None
# Additional Context
closes https://github.com/zitadel/zitadel/issues/9764
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
(cherry picked from commit 181186e477)
95 lines
3.7 KiB
YAML
95 lines
3.7 KiB
YAML
Source:
|
|
cockroach:
|
|
Host: localhost # ZITADEL_SOURCE_COCKROACH_HOST
|
|
Port: 26257 # ZITADEL_SOURCE_COCKROACH_PORT
|
|
Database: zitadel # ZITADEL_SOURCE_COCKROACH_DATABASE
|
|
MaxOpenConns: 6 # ZITADEL_SOURCE_COCKROACH_MAXOPENCONNS
|
|
MaxIdleConns: 6 # ZITADEL_SOURCE_COCKROACH_MAXIDLECONNS
|
|
MaxConnLifetime: 30m # ZITADEL_SOURCE_COCKROACH_MAXCONNLIFETIME
|
|
MaxConnIdleTime: 5m # ZITADEL_SOURCE_COCKROACH_MAXCONNIDLETIME
|
|
Options: "" # ZITADEL_SOURCE_COCKROACH_OPTIONS
|
|
User:
|
|
Username: zitadel # ZITADEL_SOURCE_COCKROACH_USER_USERNAME
|
|
Password: "" # ZITADEL_SOURCE_COCKROACH_USER_PASSWORD
|
|
SSL:
|
|
Mode: disable # ZITADEL_SOURCE_COCKROACH_USER_SSL_MODE
|
|
RootCert: "" # ZITADEL_SOURCE_COCKROACH_USER_SSL_ROOTCERT
|
|
Cert: "" # ZITADEL_SOURCE_COCKROACH_USER_SSL_CERT
|
|
Key: "" # ZITADEL_SOURCE_COCKROACH_USER_SSL_KEY
|
|
# Postgres is used as soon as a value is set
|
|
# The values describe the possible fields to set values
|
|
postgres:
|
|
Host: # ZITADEL_SOURCE_POSTGRES_HOST
|
|
Port: # ZITADEL_SOURCE_POSTGRES_PORT
|
|
Database: # ZITADEL_SOURCE_POSTGRES_DATABASE
|
|
MaxOpenConns: # ZITADEL_SOURCE_POSTGRES_MAXOPENCONNS
|
|
MaxIdleConns: # ZITADEL_SOURCE_POSTGRES_MAXIDLECONNS
|
|
MaxConnLifetime: # ZITADEL_SOURCE_POSTGRES_MAXCONNLIFETIME
|
|
MaxConnIdleTime: # ZITADEL_SOURCE_POSTGRES_MAXCONNIDLETIME
|
|
Options: # ZITADEL_SOURCE_POSTGRES_OPTIONS
|
|
User:
|
|
Username: # ZITADEL_SOURCE_POSTGRES_USER_USERNAME
|
|
Password: # ZITADEL_SOURCE_POSTGRES_USER_PASSWORD
|
|
SSL:
|
|
Mode: # ZITADEL_SOURCE_POSTGRES_USER_SSL_MODE
|
|
RootCert: # ZITADEL_SOURCE_POSTGRES_USER_SSL_ROOTCERT
|
|
Cert: # ZITADEL_SOURCE_POSTGRES_USER_SSL_CERT
|
|
Key: # ZITADEL_SOURCE_POSTGRES_USER_SSL_KEY
|
|
|
|
Destination:
|
|
postgres:
|
|
Host: localhost # ZITADEL_DESTINATION_POSTGRES_HOST
|
|
Port: 5432 # ZITADEL_DESTINATION_POSTGRES_PORT
|
|
Database: zitadel # ZITADEL_DESTINATION_POSTGRES_DATABASE
|
|
MaxOpenConns: 5 # ZITADEL_DESTINATION_POSTGRES_MAXOPENCONNS
|
|
MaxIdleConns: 2 # ZITADEL_DESTINATION_POSTGRES_MAXIDLECONNS
|
|
MaxConnLifetime: 30m # ZITADEL_DESTINATION_POSTGRES_MAXCONNLIFETIME
|
|
MaxConnIdleTime: 5m # ZITADEL_DESTINATION_POSTGRES_MAXCONNIDLETIME
|
|
Options: "" # ZITADEL_DESTINATION_POSTGRES_OPTIONS
|
|
User:
|
|
Username: zitadel # ZITADEL_DESTINATION_POSTGRES_USER_USERNAME
|
|
Password: "" # ZITADEL_DESTINATION_POSTGRES_USER_PASSWORD
|
|
SSL:
|
|
Mode: disable # ZITADEL_DESTINATION_POSTGRES_USER_SSL_MODE
|
|
RootCert: "" # ZITADEL_DESTINATION_POSTGRES_USER_SSL_ROOTCERT
|
|
Cert: "" # ZITADEL_DESTINATION_POSTGRES_USER_SSL_CERT
|
|
Key: "" # ZITADEL_DESTINATION_POSTGRES_USER_SSL_KEY
|
|
|
|
EventBulkSize: 10000 # ZITADEL_EVENTBULKSIZE
|
|
# The maximum duration an auth request was last updated before it gets ignored.
|
|
# Default is 30 days
|
|
MaxAuthRequestAge: 720h # ZITADEL_MAXAUTHREQUESTAGE
|
|
|
|
Projections:
|
|
# The maximum duration a transaction remains open
|
|
# before it spots left folding additional events
|
|
# and updates the table.
|
|
TransactionDuration: 0s # ZITADEL_PROJECTIONS_TRANSACTIONDURATION
|
|
# turn off scheduler during operation
|
|
RequeueEvery: 0s
|
|
ConcurrentInstances: 7 # ZITADEL_PROJECTIONS_CONCURRENTINSTANCES
|
|
EventBulkLimit: 1000 # ZITADEL_PROJECTIONS_EVENTBULKLIMIT
|
|
Customizations:
|
|
notifications:
|
|
MaxFailureCount: 1
|
|
|
|
Eventstore:
|
|
MaxRetries: 3 # ZITADEL_EVENTSTORE_MAXRETRIES
|
|
|
|
Auth:
|
|
Spooler:
|
|
TransactionDuration: 0s #ZITADEL_AUTH_SPOOLER_TRANSACTIONDURATION
|
|
BulkLimit: 1000 #ZITADEL_AUTH_SPOOLER_BULKLIMIT
|
|
|
|
Admin:
|
|
Spooler:
|
|
TransactionDuration: 0s #ZITADEL_AUTH_SPOOLER_TRANSACTIONDURATION
|
|
BulkLimit: 10 #ZITADEL_AUTH_SPOOLER_BULKLIMIT
|
|
|
|
FirstInstance:
|
|
# We only need to create an empty zitadel database so this step must be skipped
|
|
Skip: true
|
|
|
|
Log:
|
|
Level: info
|