Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct {
Port int `env:"PORT" envDefault:"8080"`
// SecureCookies controls the Secure flag on the session and CSRF cookies.
// Defaults to true (TLS-terminating proxy in front in production). Set to
// false locally to allow plaintext HTTP on 127.0.0.1.
SecureCookies bool `env:"SECURE_COOKIES" envDefault:"true"`
PostgresHost string `env:"POSTGRES_HOST,required"`
PostgresPort int `env:"POSTGRES_PORT" envDefault:"5432"`
PostgresDB string `env:"POSTGRES_DB" envDefault:"mere"`
PostgresUser string `env:"POSTGRES_USER" envDefault:"mere"`
PostgresPassword string `env:"POSTGRES_PASSWORD,required"`
ClickHouseHost string `env:"CLICKHOUSE_HOST,required"`
ClickHousePort int `env:"CLICKHOUSE_PORT" envDefault:"9000"`
ClickHouseDatabase string `env:"CLICKHOUSE_DATABASE" envDefault:"analytics"`
ClickHouseAdminUser string `env:"CLICKHOUSE_ADMIN_USER" envDefault:"mere_admin"`
ClickHouseAdminPassword string `env:"CLICKHOUSE_ADMIN_PASSWORD,required"`
ClickHouseReadonlyUser string `env:"CLICKHOUSE_READONLY_USER" envDefault:"mere_readonly"`
ClickHouseReadonlyPassword string `env:"CLICKHOUSE_READONLY_PASSWORD,required"`
// OAuthIssuerURL is the externally reachable base URL the OAuth server
// advertises in its discovery document and signs authorization redirects
// against. Required because the discovery JSON must be absolute.
OAuthIssuerURL string `env:"OAUTH_ISSUER_URL,required"`
OAuthAccessTokenTTL time.Duration `env:"OAUTH_ACCESS_TOKEN_TTL" envDefault:"1h"`
OAuthAuthorizationCodeTTL time.Duration `env:"OAUTH_AUTHORIZATION_CODE_TTL" envDefault:"10m"`
// Ingest pipeline (Step 5). IngestEventBuffer is the atomic-pending event
// ceiling Submit checks against; the underlying channel is sized smaller
// because envelopes carry many events each. IngestFlushEvents +
// IngestFlushInterval form the per-batch flush trigger (whichever fires
// first). IngestShutdownGrace bounds phase 3 of SIGTERM. IngestDisabled
// is the kill switch — when true, /api/v1/ingest/events 503s immediately without
// touching the channel. IngestMaxBodyBytes caps the request body
// surface area (10 MiB).
IngestEventBuffer int `env:"INGEST_EVENT_BUFFER" envDefault:"50000"`
IngestFlushEvents int `env:"INGEST_FLUSH_EVENTS" envDefault:"5000"`
IngestFlushInterval time.Duration `env:"INGEST_FLUSH_INTERVAL" envDefault:"2s"`
IngestShutdownGrace time.Duration `env:"INGEST_SHUTDOWN_GRACE" envDefault:"10s"`
IngestDisabled bool `env:"INGEST_DISABLED" envDefault:"false"`
IngestMaxBodyBytes int64 `env:"INGEST_MAX_BODY_BYTES" envDefault:"10485760"`
IngestDLQDrainBatchLimit int `env:"INGEST_DLQ_DRAIN_BATCH_LIMIT" envDefault:"10"`
// DLQDepth503Threshold is the active failed_events row count above which
// /healthz returns 503. Operators page on the resulting kamal-proxy
// circuit-break.
DLQDepth503Threshold int `env:"DLQ_DEPTH_503_THRESHOLD" envDefault:"100000"`
// AllowedOrigins restricts the Access-Control-Allow-Origin header on
// /api/v1/ingest/events and bearer API routes. Empty (default) → `*`. Comma-separated
// list of exact origins (no wildcards beyond the empty-list case).
AllowedOrigins []string `env:"ALLOWED_ORIGINS" envSeparator:"," envDefault:""`
// QueryMaxBodyBytes caps POST /api/v1/projects/:id/query bodies. The query
// result itself streams and is bounded by ClickHouse max_result_rows.
QueryMaxBodyBytes int64 `env:"QUERY_MAX_BODY_BYTES" envDefault:"262144"`
// QueryMaxResultRows caps ClickHouse result rows for every query front door:
// HTTP API, MCP, and the web playground.
QueryMaxResultRows uint64 `env:"QUERY_MAX_RESULT_ROWS" envDefault:"1000"`
// QueryMaxExecutionTime caps ClickHouse query runtime. Values are rounded up
// to whole seconds when sent to ClickHouse's max_execution_time setting.
QueryMaxExecutionTime time.Duration `env:"QUERY_MAX_EXECUTION_TIME" envDefault:"1m"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.