Development Platform: Configuration

parameters

Schema version: 1

• settings

  object
  • settings.datasources

    object

    Default: {}

    • settings.datasources.logging

      object

      Default: {}

      • settings.datasources.logging.enabled

        boolean

        Flag to enable or disable datasource logging to stdout.

        Default: false

  • settings.domain

    object

    Default: {}

    • settings.domain.customDomain

      string

      The custom domain to use if useCustomDomain is true. Must not contain http:// or https://. Required if useCustomDomain is true.

      Default: example.com

      Examples:

      
      

      customDomain: example.com
      

      customDomain: ddp.example.com
      

    • settings.domain.customSecretName

      string

      The custom secret name to use if useCustomSecret is true.

      Default: example-tls

      Examples:

      
      

      customSecretName: example-tls
      

      customSecretName: custom-tls-secret
      

    • settings.domain.prefix

      string

      Prefix for generating the domain name if not using a custom domain.

      Default: ddp

      Examples:

      
      

      prefix: ddp
      

      prefix: dev-platform
      

    • settings.domain.useCustomDomain

      boolean

      If true, use the custom domain. If false, use the generated domain prefix.

      Default: false

    • settings.domain.useCustomSecret

      boolean

      Use custom secret

      Default: false

  • settings.events

    object

    Default: {}

    • settings.events.ttl

      string

      Time to live for events. Format: string in Go duration format.

      Default: 96h

      Examples:

      
      

      ttl: 96h
      

      ttl: 720h
      

      ttl: 1d
      

      ttl: 30m
      

  • settings.extraCA

    string

    Additional CA certificates in PEM format. Used when accessing any services that DDP may potentially connect to (e.g., dex by FQDN if you have your own CA for dex). The certificate is mounted to /etc/ssl/certs/extraca.crt.

    Default:

    Examples:

    
    

    extraCA: ""
    

    extraCA: |
      -----BEGIN CERTIFICATE-----
      MIIEKTCCApGgAwIBAgIRAL6BA5jjXYI52wcc3b9UftAwDQYJKoZIhvcNAQELBQAw
      ...
      -----END CERTIFICATE-----
    

  • settings.logger

    object

    Default: {}

    • settings.logger.format

      string

      Format of the logging.

      Default: logfmt

      Allowed values: json, logfmt

    • settings.logger.level

      string

      Logging level.

      Default: info

      Allowed values: debug, info, warn, error

  • settings.postgres

    object

    Default: {}

    • settings.postgres.database

      string

      Name of the Postgres database.

      Default: ddp

      Examples:

      
      

      database: ddp
      

      database: development_platform
      

      database: my_database
      

    • settings.postgres.host

      string

      Hostname or IP address of the Postgres server. When mode=internal, must be set to postgres.

      Default: postgres

      Examples:

      
      

      host: postgres
      

      host: localhost
      

      host: 192.168.1.100
      

      host: postgres.example.com
      

    • settings.postgres.mode

      string

      Specifies whether Postgres is internal or external.

      Default: internal

      Allowed values: internal, external

    • settings.postgres.password

      string

      Password for connecting to Postgres.

      Default: ddp

      Examples:

      
      

      password: ddp
      

      password: secure_password_123
      

    • settings.postgres.port

      number

      Port number on which Postgres is listening. Not required if using the default value.

      Default: 5432

      Examples:

      
      

      port: 5432
      

      port: 35432
      

    • settings.postgres.username

      string

      Username for connecting to Postgres.

      Default: ddp

      Examples:

      
      

      username: ddp
      

      username: postgres
      

      username: db_user
      

  • settings.rbac

    object

    Default: {}

    • settings.rbac.ownerIsAdmin

      boolean

      If true, the resource owner automatically gets administrator rights.

      Default: true

    • settings.rbac.superAdminEmail

      string

      Required value

      Email of the super admin.

      Example:

      
      

      superAdminEmail: admin@example.com
      

  • settings.redis

    object

    Default: {}

    • settings.redis.database

      string

      Database index to use on the Redis server. Not required if using the default value.

      Default: 0

      Examples:

      
      

      database: "0"
      

      database: "1"
      

      database: "15"
      

    • settings.redis.host

      string

      Hostname or IP address of the Redis server. When mode=internal, must be set to redis.

      Default: redis

      Examples:

      
      

      host: redis
      

      host: localhost
      

      host: 192.168.1.101
      

      host: redis.example.com
      

    • settings.redis.mode

      string

      Specifies whether Redis is internal or external.

      Default: internal

      Allowed values: internal, external

    • settings.redis.password

      string

      Password for connecting to Redis. Not required if using the default value (empty string).

      Default:

      Examples:

      
      

      password: ""
      

      password: redis_password
      

    • settings.redis.port

      number

      Port number on which Redis is listening. Not required if using the default value.

      Default: 6379

      Examples:

      
      

      port: 6379
      

      port: 6380
      

  • settings.security

    object

    Default: {}

    • settings.security.headers

      object

      Configuration for HTTP security headers (CSP, X-Frame-Options, etc.).

      Default: {}

      • settings.security.headers.csp

        object

        Content Security Policy (CSP) configuration.

        Default: {}

        • settings.security.headers.csp.additionalSources

          string

          Additional CSP sources (space-separated list of URLs or special values). These sources will be added to img-src, connect-src, frame-src, and frame-ancestors directives.

          Default:

          Examples:

          
          

          additionalSources: ""
          

          additionalSources: https://cdn.example.com
          

          additionalSources: https://api.example.com https://cdn.example.com
          

        • settings.security.headers.csp.allowExternalImages

          boolean

          Allow images from external sources. When true, images can be loaded from any domain (useful for icons from external CDNs). When false, only images from ‘self’ and ‘data:’ are allowed.

          Default: false

          Examples:

          
          

          allowExternalImages: false
          

          allowExternalImages: true
          

        • settings.security.headers.csp.allowIframe

          boolean

          Allow iframe embedding. When true, the application can be embedded in iframes from any domain (useful for widgets). When false, only same-origin iframes are allowed.

          Default: false

          Examples:

          
          

          allowIframe: false
          

          allowIframe: true
          

      • settings.security.headers.enabled

        boolean

        Enable or disable security headers. When disabled, no security headers will be sent in HTTP responses.

        Default: true

        Examples:

        
        

        enabled: true
        

        enabled: false
        

      • settings.security.headers.xFrameOptions

        string

        X-Frame-Options header value. ‘DENY’ prevents the page from being displayed in a frame. ‘SAMEORIGIN’ allows framing only by pages from the same origin.

        Default: SAMEORIGIN

        Allowed values: DENY, SAMEORIGIN

        Examples:

        
        

        xFrameOptions: DENY
        

        xFrameOptions: SAMEORIGIN
        

    • settings.security.secretKey

      string

      Required value

      Secret key for security purposes. Must contain 16, 24, or 32 characters (bytes). Only printable ASCII characters are allowed.

      Examples:

      
      

      secretKey: mySecretKeyDefau
      

      secretKey: 16charssecretkey
      

      secretKey: 24characterssecretkey!!x
      

      secretKey: 32characterslongsecretkey1234xyz
      

  • settings.workers

    object

    Default: {}

    • settings.workers.maxTasks

      integer

      Maximum number of tasks that can be processed in parallel by each worker. This controls the concurrency level per worker instance.

      Default: 10

      Allowed values: 1 <= X

      Examples:

      
      

      maxTasks: 5
      

      maxTasks: 10
      

      maxTasks: 20
      

    • settings.workers.replicas

      integer

      Number of worker replicas to deploy. Workers process tasks from the queue (datasource sync, action execution, health checks).

      Default: 2

      Allowed values: 0 <= X

      Examples:

      
      

      replicas: 1
      

      replicas: 2
      

      replicas: 3