All Config

All Config

Configuration property fixed at build time - ️ Configuration property overridable at runtime

AWS Lambda Type Default

quarkus.lambda.handlerThe handler name. Handler names are specified on handler classes using the @javax.inject.Named annotation. If this name is unspecified and there is exactly one unnamed implementation of com.amazonaws.services.lambda.runtime.RequestHandler then this unnamed handler will be used. If there is only a single named handler and the name is unspecified then the named handler will be used. string

quarkus.lambda.enable-polling-jvm-modeIf true, this will enable the aws event poll loop within a Quarkus test run. This loop normally only runs in native image. This option is strictly for testing purposes. boolean false

Agroal - Database connection pool Type Default

quarkus.datasource.driverThe datasource driver class name string

quarkus.datasource.transactionsWhether we want to use regular JDBC transactions, XA, or disable all transactional capabilities. When enabling XA you will need a driver implementing javax.sql.XADataSource. enabled, xa, disabled enabled

quarkus.datasource.health.enabledWhether or not an healtcheck is published in case the smallrye-health extension is present (default to true). boolean true

quarkus.datasource.urlThe datasource URL string

quarkus.datasource.usernameThe datasource username string

quarkus.datasource.passwordThe datasource password string

quarkus.datasource.credentials-providerThe credentials provider name string

quarkus.datasource.credentials-provider-typeThe credentials provider type. It is the @Named value of the credentials provider bean. It is used to discriminate if multiple CredentialsProvider beans are available. For Vault it is: vault-credentials-provider. Not necessary if there is only one credentials provider available. string

quarkus.datasource.initial-sizeThe initial size of the pool. Usually you will want to set the initial size to match at least the minimal size, but this is not enforced so to allow for architectures which prefer a lazy initialization of the connections on boot, while being able to sustain a minimal pool size after boot. int

quarkus.datasource.min-sizeThe datasource pool minimum size int 0

quarkus.datasource.max-sizeThe datasource pool maximum size int 20

quarkus.datasource.background-validation-intervalThe interval at which we validate idle connections in the background. Set to 0 to disable background validation. Duration 2M

quarkus.datasource.acquisition-timeoutThe timeout before cancelling the acquisition of a new connection Duration 5

quarkus.datasource.leak-detection-intervalThe interval at which we check for connection leaks. Duration

quarkus.datasource.idle-removal-intervalThe interval at which we try to remove idle connections. Duration 5M

quarkus.datasource.max-lifetimeThe max lifetime of a connection. Duration

quarkus.datasource.transaction-isolation-levelThe transaction isolation level. undefined, none, read-uncommitted, read-committed, repeatable-read, serializable

quarkus.datasource.enable-metricsEnable datasource metrics collection. boolean false

quarkus.datasource.detect-statement-leaksWhen enabled Agroal will be able to produce a warning when a connection is returned to the pool without the application having closed all open statements. This is unrelated with tracking of open connections. Disable for peak performance, but only when there’s high confidence that no leaks are happening. boolean true

quarkus.datasource.new-connection-sqlQuery executed when first using a connection. string

Additional named datasources Type Default

quarkus.datasource."datasource-name".driverThe datasource driver class name string

quarkus.datasource."datasource-name".transactionsWhether we want to use regular JDBC transactions, XA, or disable all transactional capabilities. When enabling XA you will need a driver implementing javax.sql.XADataSource. enabled, xa, disabled enabled

quarkus.datasource."datasource-name".urlThe datasource URL string

quarkus.datasource."datasource-name".usernameThe datasource username string

quarkus.datasource."datasource-name".passwordThe datasource password string

quarkus.datasource."datasource-name".credentials-providerThe credentials provider name string

quarkus.datasource."datasource-name".credentials-provider-typeThe credentials provider type. It is the @Named value of the credentials provider bean. It is used to discriminate if multiple CredentialsProvider beans are available. For Vault it is: vault-credentials-provider. Not necessary if there is only one credentials provider available. string

quarkus.datasource."datasource-name".initial-sizeThe initial size of the pool. Usually you will want to set the initial size to match at least the minimal size, but this is not enforced so to allow for architectures which prefer a lazy initialization of the connections on boot, while being able to sustain a minimal pool size after boot. int

quarkus.datasource."datasource-name".min-sizeThe datasource pool minimum size int 0

quarkus.datasource."datasource-name".max-sizeThe datasource pool maximum size int 20

quarkus.datasource."datasource-name".background-validation-intervalThe interval at which we validate idle connections in the background. Set to 0 to disable background validation. Duration 2M

quarkus.datasource."datasource-name".acquisition-timeoutThe timeout before cancelling the acquisition of a new connection Duration 5

quarkus.datasource."datasource-name".leak-detection-intervalThe interval at which we check for connection leaks. Duration

quarkus.datasource."datasource-name".idle-removal-intervalThe interval at which we try to remove idle connections. Duration 5M

quarkus.datasource."datasource-name".max-lifetimeThe max lifetime of a connection. Duration

quarkus.datasource."datasource-name".transaction-isolation-levelThe transaction isolation level. undefined, none, read-uncommitted, read-committed, repeatable-read, serializable

quarkus.datasource."datasource-name".enable-metricsEnable datasource metrics collection. boolean false

quarkus.datasource."datasource-name".detect-statement-leaksWhen enabled Agroal will be able to produce a warning when a connection is returned to the pool without the application having closed all open statements. This is unrelated with tracking of open connections. Disable for peak performance, but only when there’s high confidence that no leaks are happening. boolean true

quarkus.datasource."datasource-name".new-connection-sqlQuery executed when first using a connection. string

Amazon DynamoDB client Type Default

quarkus.dynamodb.enable-endpoint-discoveryEnable DynamoDB service endpoint discovery. boolean false

quarkus.dynamodb.endpoint-overrideThe endpoint URI with which the SDK should communicate. If not specified, an appropriate endpoint to be used for DynamoDB service and region. URI

quarkus.dynamodb.api-call-timeoutThe amount of time to allow the client to complete the execution of an API call. This timeout covers the entire client execution except for marshalling. This includes request handler execution, all HTTP requests including retries, unmarshalling, etc. This value should always be positive, if present. Duration

quarkus.dynamodb.api-call-attempt-timeoutThe amount of time to wait for the HTTP request to complete before giving up and timing out. This value should always be positive, if present. Duration

quarkus.dynamodb.interceptorsList of execution interceptors that will have access to read and modify the request and response objects as they are processed by the AWS SDK. The list should consists of class names which implements software.amazon.awssdk.core.interceptor.ExecutionInterceptor interface. list of class name required

quarkus.dynamodb.aws.regionAn Amazon Web Services region that hosts DynamoDB.It overrides region provider chain with static value ofregion with which the DynamoDB client should communicate.If not set, region is retrieved via the default providers chain in the following order:-aws.region system property-region property from the profile file-Instance profile fileSee software.amazon.awssdk.regions.Region for available regions. Region

quarkus.dynamodb.aws.credentials.typeConfigure the credentials provider that should be used to authenticate with AWS.Available values:-default - the provider will attempt to identify the credentials automatically using the following checks: -Java System Properties - aws.accessKeyId and aws.secretKey -Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY -Credential profiles file at the default location (~/.aws/credentials) shared by all AWS SDKs and the AWS CLI -Credentials delivered through the Amazon EC2 container service if AWS_CONTAINER_CREDENTIALS_RELATIVE_URI environment variable is set and security manager has permission to access the variable. -Instance profile credentials delivered through the Amazon EC2 metadata service-static - the provider that uses the access key and secret access key specified in the tatic-provider section of the config.-system-property - it loads credentials from the aws.accessKeyId, aws.secretAccessKey and aws.sessionToken system properties.-env-variable - it loads credentials from the AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_SESSION_TOKEN environment variables.-profile - credentials are based on AWS configuration profiles. This loads credentials froma profile file,allowing you to share multiple sets of AWS security credentials between different tools like the AWS SDK for Java and the AWS CLI.-container - It loads credentials from a local metadata service. Containers currently supported by the AWS SDK areAmazon Elastic Container Service (ECS) and AWS Greengrass-instance-profile - It loads credentials from the Amazon EC2 Instance Metadata Service.-process - Credentials are loaded from an external process. This is used to support the credential_process setting in the profilecredentials file. See Sourcing Credentials From External Processesfor more information.-anonymous - It always returns anonymous AWS credentials. Anonymous AWS credentials result in un-authenticated requests and willfail unless the resource or API’s policy has been configured to specifically allow anonymous access. default, static, system-property, env-variable, profile, container, instance-profile, process, anonymous default

quarkus.dynamodb.aws.credentials.default-provider.async-credential-update-enabledWhether this provider should fetch credentials asynchronously in the background. If this is true, threads are less likely to block, but additional resources are used to maintain the provider. boolean false

quarkus.dynamodb.aws.credentials.default-provider.reuse-last-provider-enabledWhether the provider should reuse the last successful credentials provider in the chain. Reusing the last successful credentials provider will typically return credentials faster than searching through the chain. boolean true

quarkus.dynamodb.aws.credentials.static-provider.access-key-idAWS Access key id string required

quarkus.dynamodb.aws.credentials.static-provider.secret-access-keyAWS Secret access key string required

quarkus.dynamodb.aws.credentials.profile-provider.profile-nameThe name of the profile that should be used by this credentials provider. If not specified, the value in AWS_PROFILE environment variable or aws.profile system property is used and defaults to default name. string

quarkus.dynamodb.aws.credentials.process-provider.async-credential-update-enabledWhether the provider should fetch credentials asynchronously in the background. If this is true, threads are less likely to block when credentials are loaded, but additional resources are used to maintain the provider. boolean false

quarkus.dynamodb.aws.credentials.process-provider.credential-refresh-thresholdThe amount of time between when the credentials expire and when the credentials should start to be refreshed. This allows the credentials to be refreshed before they are reported to expire. Duration 15S

quarkus.dynamodb.aws.credentials.process-provider.process-output-limitThe maximum size of the output that can be returned by the external process before an exception is raised. MemorySize 1024

quarkus.dynamodb.aws.credentials.process-provider.commandThe command that should be executed to retrieve credentials. string required

quarkus.dynamodb.sync-client.typeType of the sync HTTP client implementation url, apache url

quarkus.dynamodb.sync-client.connection-timeoutThe maximum amount of time to establish a connection before timing out. Duration 2S

quarkus.dynamodb.sync-client.socket-timeoutThe amount of time to wait for data to be transferred over an established, open connection before the connection is timed out. Duration 30S

quarkus.dynamodb.sync-client.apache.connection-acquisition-timeoutThe amount of time to wait when acquiring a connection from the pool before giving up and timing out. Duration 10S

quarkus.dynamodb.sync-client.apache.connection-max-idle-timeThe maximum amount of time that a connection should be allowed to remain open while idle. Duration 60S

quarkus.dynamodb.sync-client.apache.connection-time-to-liveThe maximum amount of time that a connection should be allowed to remain open, regardless of usage frequency. Duration

quarkus.dynamodb.sync-client.apache.max-connectionsThe maximum number of connections allowed in the connection pool. Each built HTTP client has its own private connection pool. int 50

quarkus.dynamodb.sync-client.apache.expect-continue-enabledWhether the client should send an HTTP expect-continue handshake before each request. boolean true

quarkus.dynamodb.sync-client.apache.use-idle-connection-reaperWhether the idle connections in the connection pool should be closed asynchronously. When enabled, connections left idling for longer than quarkus.dynamodb.sync-client.connection-max-idle-time will be closed. This will not close connections currently in use. boolean true

quarkus.dynamodb.sync-client.apache.proxy.enabledEnable HTTP proxy boolean false

quarkus.dynamodb.sync-client.apache.proxy.endpointThe endpoint of the proxy server that the SDK should connect through. Currently, the endpoint is limited to a host and port. Any other URI components will result in an exception being raised. URI required

quarkus.dynamodb.sync-client.apache.proxy.usernameThe username to use when connecting through a proxy. string

quarkus.dynamodb.sync-client.apache.proxy.passwordThe password to use when connecting through a proxy. string

quarkus.dynamodb.sync-client.apache.proxy.ntlm-domainFor NTLM proxies - the Windows domain name to use when authenticating with the proxy. string

quarkus.dynamodb.sync-client.apache.proxy.ntlm-workstationFor NTLM proxies - the Windows workstation name to use when authenticating with the proxy. string

quarkus.dynamodb.sync-client.apache.proxy.preemptive-basic-authentication-enabledWhether to attempt to authenticate preemptively against the proxy server using basic authentication. boolean

quarkus.dynamodb.sync-client.apache.proxy.non-proxy-hostsThe hosts that the client is allowed to access without going through the proxy. list of string required

quarkus.dynamodb.sync-client.apache.tls-managers-provider.typeTLS managers provider type.Available providers:-none - Use this provider if you don’t want the client to present any certificates to the remote TLS host.-system-property - Provider checks the standard javax.net.ssl.keyStore, javax.net.ssl.keyStorePassword, andjavax.net.ssl.keyStoreType properties defined by the JSSE.-file-store - Provider that loads a the key store from a file. none, system-property, file-store system-property

quarkus.dynamodb.sync-client.apache.tls-managers-provider.file-store.pathPath to the key store. path required

quarkus.dynamodb.sync-client.apache.tls-managers-provider.file-store.typeKey store type. See the KeyStore section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard keystore types. string required

quarkus.dynamodb.sync-client.apache.tls-managers-provider.file-store.passwordKey store password string required

quarkus.dynamodb.async-client.max-concurrencyThe maximum number of allowed concurrent requests. For HTTP/1.1 this is the same as max connections. For HTTP/2 the number of connections that will be used depends on the max streams allowed per connection. int 50

quarkus.dynamodb.async-client.max-pending-connection-acquiresThe maximum number of pending acquires allowed. Once this exceeds, acquire tries will be failed. int 10000

quarkus.dynamodb.async-client.read-timeoutThe amount of time to wait for a read on a socket before an exception is thrown. Specify 0 to disable. Duration 30S

quarkus.dynamodb.async-client.write-timeoutThe amount of time to wait for a write on a socket before an exception is thrown. Specify 0 to disable. Duration 30S

quarkus.dynamodb.async-client.connection-timeoutThe amount of time to wait when initially establishing a connection before giving up and timing out. Duration 10S

quarkus.dynamodb.async-client.connection-acquisition-timeoutThe amount of time to wait when acquiring a connection from the pool before giving up and timing out. Duration 2S

quarkus.dynamodb.async-client.connection-time-to-liveThe maximum amount of time that a connection should be allowed to remain open, regardless of usage frequency. Duration

quarkus.dynamodb.async-client.connection-max-idle-timeThe maximum amount of time that a connection should be allowed to remain open while idle. Currently has no effect if quarkus.dynamodb.async-client.use-idle-connection-reaper is false. Duration 60S

quarkus.dynamodb.async-client.use-idle-connection-reaperWhether the idle connections in the connection pool should be closed. When enabled, connections left idling for longer than quarkus.dynamodb.async-client.connection-max-idle-time will be closed. This will not close connections currently in use. boolean true

quarkus.dynamodb.async-client.protocolThe HTTP protocol to use. http1-1, http2 http1-1

quarkus.dynamodb.async-client.max-http2-streamsThe maximum number of concurrent streams for an HTTP/2 connection. This setting is only respected when the HTTP/2 protocol is used. 0 means unlimited. int 0

quarkus.dynamodb.async-client.ssl-providerThe SSL Provider to be used in the Netty client. Default is OPENSSL if available, JDK otherwise. jdk, openssl, openssl-refcnt

quarkus.dynamodb.async-client.proxy.enabledEnable HTTP proxy. boolean false

quarkus.dynamodb.async-client.proxy.endpointThe endpoint of the proxy server that the SDK should connect through. Currently, the endpoint is limited to a host and port. Any other URI components will result in an exception being raised. URI required

quarkus.dynamodb.async-client.proxy.non-proxy-hostsThe hosts that the client is allowed to access without going through the proxy. list of string required

quarkus.dynamodb.async-client.tls-managers-provider.typeTLS managers provider type.Available providers:-none - Use this provider if you don’t want the client to present any certificates to the remote TLS host.-system-property - Provider checks the standard javax.net.ssl.keyStore, javax.net.ssl.keyStorePassword, andjavax.net.ssl.keyStoreType properties defined by the JSSE.-file-store - Provider that loads a the key store from a file. none, system-property, file-store system-property

quarkus.dynamodb.async-client.tls-managers-provider.file-store.pathPath to the key store. path required

quarkus.dynamodb.async-client.tls-managers-provider.file-store.typeKey store type. See the KeyStore section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard keystore types. string required

quarkus.dynamodb.async-client.tls-managers-provider.file-store.passwordKey store password string required

quarkus.dynamodb.async-client.event-loop.overrideEnable the custom configuration of the Netty event loop group. boolean false

quarkus.dynamodb.async-client.event-loop.number-of-threadsNumber of threads to use for the event loop group. If not set, the default Netty thread count is used (which is double the number of available processors unless the io.netty.eventLoopThreads system property is set. int

quarkus.dynamodb.async-client.event-loop.thread-name-prefixThe thread name prefix for threads created by this thread factory used by event loop group. The prefix will be appended with a number unique to the thread factory and a number unique to the thread. If not specified it defaults to aws-java-sdk-NettyEventLoop string

Apache Kafka Streams Type Default

quarkus.kafka-streams.application-idA unique identifier for this Kafka Streams application. string required

quarkus.kafka-streams.bootstrap-serversA comma-separated list of host:port pairs identifying the Kafka bootstrap server(s) list of host:port localhost:9012

quarkus.kafka-streams.application-serverA unique identifier of this application instance, typically in the form host:port. string

quarkus.kafka-streams.topicsA comma-separated list of topic names. The pipeline will only be started once all these topics are present in the Kafka cluster. list of string required

Apache Tika Type Default

quarkus.tika.tika-config-pathThe resource path within the application artifact to the tika-config.xml file. string

quarkus.tika.parsersComma separated list of the parsers which must be supported. Most of the document formats recognized by Apache Tika are supported by default but it affects the application memory and native executable sizes. One can list only the required parsers in tika-config.xml to minimize a number of parsers loaded into the memory, but using this property is recommended to achieve both optimizations. Either the abbreviated or full parser class names can be used. At the moment only PDF parser can be listed using a reserved 'pdf' abbreviation. Custom class name abbreviations have to be used for all other parsers. For example: // Only PDF parser is required: tika-parsers = pdf // Only PDF and Java class parsers are required: tika-parsers = pdf,classparser classparser = org.apache.tika.parser.asm.ClassParser This property will have no effect if the tikaConfigPath' property has been set. </td><td> string </td><td></td></tr><tr><td> <a id="quarkus-tika_quarkus.tika.append-embedded-content"></a><code><a href="https://quarkus.io/guides/#quarkus-tika_quarkus.tika.append-embedded-content">quarkus.tika.append-embedded-content</a></code> Controls how the content of the embedded documents is parsed. By default it is appended to the master document content. Setting this property to false makes the content of each of the embedded documents available separately. </td><td> boolean </td><td> <code>true</code> </td></tr><tr><th> <a id="quarkus-arc_arc"></a>[ArC](https://quarkus.io/guides/#quarkus-arc_arc) </th><th> Type </th><th> Default </th></tr><tr><td> <a id="quarkus-arc_quarkus.arc.remove-unused-beans"></a><code><a href="https://quarkus.io/guides/#quarkus-arc_quarkus.arc.remove-unused-beans">quarkus.arc.remove-unused-beans</a></code> - If set to <code>all</code> (or <code>true</code>) the container will attempt to remove all unused beans. - If set to none (or <code>false</code>) no beans will ever be removed even if they are unused (according to the criteria set out below) - If set to <code>fwk</code>, then all unused beans will be removed, except the unused beans whose classes are declared in the application code <pre>An unused bean: - is not a built-in bean or interceptor, - is not eligible for injection to any injection point, - is not excluded by any extension, - does not have a name, - does not declare an observer, - does not declare any producer which is eligible for injection to any injection point, - is not directly eligible for injection into anyjavax.enterprise.inject.Instance` injection point string all

quarkus.arc.auto-inject-fieldsIf set to true @Inject is automatically added to all non-static fields that are annotated with one of the annotations defined by AutoInjectAnnotationBuildItem. boolean true

Artemis Core Type Default

quarkus.artemis.urlArtemis connection url string required

quarkus.artemis.usernameUsername for authentication, only used with JMS string

quarkus.artemis.passwordPassword for authentication, only used with JMS string

Eclipse Vert.x - Core Type Default

quarkus.vertx.cachingEnables or disables the Vert.x cache. boolean true

quarkus.vertx.classpath-resolvingEnables or disabled the Vert.x classpath resource resolver. boolean true

quarkus.vertx.event-loops-pool-sizeThe number of event loops. 2 x the number of core by default. int

quarkus.vertx.max-event-loop-execute-timeThe maximum amount of time the event loop can be blocked. Default is 2s. Duration

quarkus.vertx.warning-exception-timeThe amount of time before a warning is displayed if the event loop is blocked. Duration 2

quarkus.vertx.worker-pool-sizeThe size of the worker thread pool. int 20

quarkus.vertx.max-worker-execute-timeThe maximum amount of time the worker thread can be blocked. Default is 10s. Duration

quarkus.vertx.internal-blocking-pool-sizeThe size of the internal thread pool (used for the file system). int 20

quarkus.vertx.use-async-dnsEnables the async DNS resolver. boolean false

quarkus.vertx.eventbus.key-certificate-pem.keysComma-separated list of the path to the key files (Pem format). string

quarkus.vertx.eventbus.key-certificate-pem.certsComma-separated list of the path to the certificate files (Pem format). string

quarkus.vertx.eventbus.key-certificate-jks.pathPath of the key file (JKS format). string

quarkus.vertx.eventbus.key-certificate-jks.passwordPassword of the key file. string

quarkus.vertx.eventbus.key-certificate-pfx.pathPath to the key file (PFX format) string

quarkus.vertx.eventbus.key-certificate-pfx.passwordPassword of the key. string

quarkus.vertx.eventbus.trust-certificate-pem.certsComma-separated list of the trust certificate files (Pem format). string

quarkus.vertx.eventbus.trust-certificate-jks.pathPath of the key file (JKS format). string

quarkus.vertx.eventbus.trust-certificate-jks.passwordPassword of the key file. string

quarkus.vertx.eventbus.trust-certificate-pfx.pathPath to the key file (PFX format) string

quarkus.vertx.eventbus.trust-certificate-pfx.passwordPassword of the key. string

quarkus.vertx.eventbus.accept-backlogThe accept backlog. int

quarkus.vertx.eventbus.client-authThe client authentication. string NONE

quarkus.vertx.eventbus.connect-timeoutThe connect timeout. Duration 60

quarkus.vertx.eventbus.idle-timeoutThe idle timeout in milliseconds. Duration

quarkus.vertx.eventbus.receive-buffer-sizeThe receive buffer size. int

quarkus.vertx.eventbus.reconnect-attemptsThe number of reconnection attempts. int 0

quarkus.vertx.eventbus.reconnect-intervalThe reconnection interval in milliseconds. Duration 1

quarkus.vertx.eventbus.reuse-addressWhether or not to reuse the address. boolean true

quarkus.vertx.eventbus.reuse-portWhether or not to reuse the port. boolean false

quarkus.vertx.eventbus.send-buffer-sizeThe send buffer size. int

quarkus.vertx.eventbus.soLingerThe so linger. int

quarkus.vertx.eventbus.sslEnables or Disabled SSL. boolean false

quarkus.vertx.eventbus.tcp-keep-aliveWhether or not to keep the TCP connection opened (keep-alive). boolean false

quarkus.vertx.eventbus.tcp-no-delayConfigure the TCP no delay. boolean true

quarkus.vertx.eventbus.traffic-classConfigure the traffic class. int

quarkus.vertx.eventbus.trust-allEnables or disables the trust all parameter. boolean false

quarkus.vertx.cluster.hostThe host name. string localhost

quarkus.vertx.cluster.portThe port. int

quarkus.vertx.cluster.public-hostThe public host name. string

quarkus.vertx.cluster.public-portThe public port. int

quarkus.vertx.cluster.clusteredEnables or disables the clustering. boolean false

quarkus.vertx.cluster.ping-intervalThe ping interval. Duration 20

quarkus.vertx.cluster.ping-reply-intervalThe ping reply interval. Duration 20

Eclipse Vert.x - HTTP Type Default

quarkus.http.root-pathThe HTTP root path. All web content will be served relative to this root path. string /

quarkus.http.auth.basicIf basic auth should be enabled. If both basic and form auth is enabled then basic auth will be enabled in silent mode. If no authentication mechanisms are configured basic auth is the default, unless an io.quarkus.security.identity.IdentityProvider is present that supports io.quarkus.security.identity.request.TokenAuthenticationRequest in which case form auth will be the default. boolean false

quarkus.http.auth.form.enabledIf form authentication is enabled boolean false

quarkus.http.auth.form.login-pageThe login page string /login.html

quarkus.http.auth.form.error-pageThe error page string /error.html

quarkus.http.auth.form.landing-pageThe landing page to redirect to if there is no saved page to redirect back to string required

quarkus.http.auth.form.timeoutThe inactivity timeout Duration PT30M

quarkus.http.auth.form.new-cookie-intervalHow old a cookie can get before it will be replaced with a new cookie with an updated timeout. Not that smaller values will result in slightly more server load (as new encrypted cookies will be generated more often), however larger values affect the inactivity timeout as the timeout is set when a cookie is generated. For example if this is set to 10 minutes, and the inactivity timeout is 30m, if a users last request is when the cookie is 9m old then the actual timeout will happen 21m after the last request, as the timeout is only refreshed when a new cookie is generated. Duration PT1M

quarkus.http.auth.form.cookie-nameThe cookie that is used to store the persistent session string quarkus-credential

quarkus.http.auth.realmThe authentication realm string Quarkus

quarkus.http.corsEnable the CORS filter. boolean false

quarkus.http.portThe HTTP port int 8080

quarkus.http.test-portThe HTTP port used to run tests int 8081

quarkus.http.hostThe HTTP host string 0.0.0.0

quarkus.http.ssl-portThe HTTPS port int 8443

quarkus.http.test-ssl-portThe HTTPS port used to run tests int 8444

quarkus.http.cors.originsOrigins allowed for CORS Comma separated list of valid URLs. ex: http://www.quarkus.io,http://localhost:3000 The filter allows any origin if this is not set. default: returns any requested origin as valid list of string required

quarkus.http.cors.methodsHTTP methods allowed for CORS Comma separated list of valid methods. ex: GET,PUT,POST The filter allows any method if this is not set. default: returns any requested method as valid list of options, get, head, post, put, delete, trace, connect, patch, other required

quarkus.http.cors.headersHTTP headers allowed for CORS Comma separated list of valid headers. ex: X-Custom,Content-Disposition The filter allows any header if this is not set. default: returns any requested header as valid list of string required

quarkus.http.cors.exposed-headersHTTP headers exposed in CORS Comma separated list of valid headers. ex: X-Custom,Content-Disposition default: empty list of string required

quarkus.http.cors.access-control-max-ageThe Access-Control-Max-Age response header value indicating how long the results of a pre-flight request can be cached. Duration

quarkus.http.ssl.certificate.fileThe file path to a server certificate or certificate chain in PEM format. path

quarkus.http.ssl.certificate.key-fileThe file path to the corresponding certificate private key file in PEM format. path

quarkus.http.ssl.certificate.key-store-fileAn optional key store which holds the certificate information instead of specifying separate files. path

quarkus.http.ssl.certificate.key-store-file-typeAn optional parameter to specify type of the key store file. If not given, the type is automatically detected based on the file name. string

quarkus.http.ssl.certificate.key-store-passwordA parameter to specify the password of the key store file. If not given, the default ("password") is used. string password

quarkus.http.ssl.cipher-suitesThe cipher suites to use. If none is given, a reasonable default is selected. list of string required

quarkus.http.ssl.protocolsThe list of protocols to explicitly enable. list of string TLSv1.3,TLSv1.2

quarkus.http.io-threadsThe number if IO threads used to perform IO. This will be automatically set to a reasonable value based on the number of CPU cores if it is not provided. If this is set to a higher value than the number of Vert.x event loops then it will be capped at the number of event loops. In general this should be controlled by setting quarkus.vertx.event-loops-pool-size, this setting should only be used if you want to limit the number of HTTP io threads to a smaller number than the total number of IO threads. int

quarkus.http.virtualIf this is true then only a virtual channel will be set up for vertx web. We have this switch for testing purposes. boolean false

quarkus.http.limits.max-header-sizeThe the maximum length of all headers. MemorySize 20K

quarkus.http.limits.max-body-sizeThe maximum size of a request body. Default: no limit. MemorySize

quarkus.http.body.handle-file-uploadsWhether the files sent using multipart/form-data will be stored locally. If true, they will be stored in quarkus.http.body-handler.uploads-directory and will be made available via io.vertx.ext.web.RoutingContext.fileUploads(). Otherwise, the the files sent using multipart/form-data will not be stored locally, and io.vertx.ext.web.RoutingContext.fileUploads() will always return an empty collection. Note that even with this option being set to false, the multipart/form-data requests will be accepted. boolean true

quarkus.http.body.uploads-directoryThe directory where the files sent using multipart/form-data should be stored. Either an absolute path or a path relative to the current directory of the application process. string file-uploads

quarkus.http.body.merge-form-attributesWhether the form attributes should be added to the request parameters. If true, the form attributes will be added to the request parameters; otherwise the form parameters will not be added to the request parameters boolean true

quarkus.http.body.delete-uploaded-files-on-endWhether the uploaded files should be removed after serving the request. If true the uploaded files stored in quarkus.http.body-handler.uploads-directory will be removed after handling the request. Otherwise the files will be left there forever. boolean false

quarkus.http.body.preallocate-body-bufferWhether the body buffer should pre-allocated based on the Content-Length header value. If true the body buffer is pre-allocated according to the size read from the Content-Length header. Otherwise the body buffer is pre-allocated to 1KB, and is resized dynamically boolean false

quarkus.http.auth.session.encryption-keyThe encryption key that is used to store persistent logins (e.g. for form auth). Logins are stored in a persistent cookie that is encrypted with AES-256 using a key derived from a SHA-256 hash of the key that is provided here. If no key is provided then an in-memory one will be generated, this will change on every restart though so it is not suitable for production environments. This must be more than 16 characters long for security reasons string required

quarkus.http.auth.permission."permissions".policyThe HTTP policy that this permission set is linked to. There are 3 built in policies: permit, deny and authenticated. Role based policies can be defined, and extensions can add their own policies. string required

quarkus.http.auth.permission."permissions".methodsThe methods that this permission set applies to. If this is not set then they apply to all methods. Note that if a request matches any path from any permission set, but does not match the constraint due to the method not being listed then the request will be denied. Method specific permissions take precedence over matches that do not have any methods set. This means that for example if Quarkus is configured to allow GET and POST requests to /admin to and no other permissions are configured PUT requests to /admin will be denied. list of string required

quarkus.http.auth.permission."permissions".pathsThe paths that this permission check applies to. If the path ends in / then this is treated as a path prefix, otherwise it is treated as an exact match. Matches are done on a length basis, so the most specific path match takes precedence. If multiple permission sets match the same path then explicit methods matches take precedence over over matches without methods set, otherwise the most restrictive permissions are applied. list of string required

quarkus.http.auth.policy."role-policy".roles-allowedThe roles that are allowed to access resources protected by this policy list of string required

Elytron Security JDBC Realm Type Default

quarkus.security.jdbc.realm-nameThe realm name string Quarkus

quarkus.security.jdbc.enabledIf the properties store is enabled. boolean false

quarkus.security.jdbc.principal-query.sqlThe sql query to find the password string required

quarkus.security.jdbc.principal-query.datasourceThe data source to use string

quarkus.security.jdbc.principal-query.clear-password-mapper.enabledIf the clear-password-mapper is enabled. boolean false

quarkus.security.jdbc.principal-query.clear-password-mapper.password-indexThe index (1 based numbering) of the column containing the clear password int 1

quarkus.security.jdbc.principal-query.bcrypt-password-mapper.enabledIf the bcrypt-password-mapper is enabled. boolean false

quarkus.security.jdbc.principal-query.bcrypt-password-mapper.password-indexThe index (1 based numbering) of the column containing the password hash int 0

quarkus.security.jdbc.principal-query.bcrypt-password-mapper.hash-encodingA string referencing the password hash encoding ("BASE64" or "HEX") base64, hex BASE64

quarkus.security.jdbc.principal-query.bcrypt-password-mapper.salt-indexThe index (1 based numbering) of the column containing the Bcrypt salt int 0

quarkus.security.jdbc.principal-query.bcrypt-password-mapper.salt-encodingA string referencing the salt encoding ("BASE64" or "HEX") base64, hex BASE64

quarkus.security.jdbc.principal-query.bcrypt-password-mapper.iteration-count-indexThe index (1 based numbering) of the column containing the Bcrypt iteration count int 0

quarkus.security.jdbc.principal-query.attribute-mappings."attribute-mappings".indexThe index (1 based numbering) of column to map int 0

quarkus.security.jdbc.principal-query.attribute-mappings."attribute-mappings".toThe target attribute name string required

quarkus.security.jdbc.principal-query."named-principal-queries".sqlThe sql query to find the password string required

quarkus.security.jdbc.principal-query."named-principal-queries".datasourceThe data source to use string

quarkus.security.jdbc.principal-query."named-principal-queries".attribute-mappings."attribute-mappings".indexThe index (1 based numbering) of column to map int 0

quarkus.security.jdbc.principal-query."named-principal-queries".attribute-mappings."attribute-mappings".toThe target attribute name string required

quarkus.security.jdbc.principal-query."named-principal-queries".clear-password-mapper.enabledIf the clear-password-mapper is enabled. boolean false

quarkus.security.jdbc.principal-query."named-principal-queries".clear-password-mapper.password-indexThe index (1 based numbering) of the column containing the clear password int 1

quarkus.security.jdbc.principal-query."named-principal-queries".bcrypt-password-mapper.enabledIf the bcrypt-password-mapper is enabled. boolean false

quarkus.security.jdbc.principal-query."named-principal-queries".bcrypt-password-mapper.password-indexThe index (1 based numbering) of the column containing the password hash int 0

quarkus.security.jdbc.principal-query."named-principal-queries".bcrypt-password-mapper.hash-encodingA string referencing the password hash encoding ("BASE64" or "HEX") base64, hex BASE64

quarkus.security.jdbc.principal-query."named-principal-queries".bcrypt-password-mapper.salt-indexThe index (1 based numbering) of the column containing the Bcrypt salt int 0

quarkus.security.jdbc.principal-query."named-principal-queries".bcrypt-password-mapper.salt-encodingA string referencing the salt encoding ("BASE64" or "HEX") base64, hex BASE64

quarkus.security.jdbc.principal-query."named-principal-queries".bcrypt-password-mapper.iteration-count-indexThe index (1 based numbering) of the column containing the Bcrypt iteration count int 0

Elytron Security OAuth 2.0 Type Default

quarkus.oauth2.enabledDetermine if the OAuth2 extension is enabled. Enabled by default if you include the elytron-security-oauth2 dependency, so this would be used to disable it. boolean true

quarkus.oauth2.client-idThe OAuth2 client id used to validate the token. string required

quarkus.oauth2.client-secretThe OAuth2 client secret used to validate the token. string required

quarkus.oauth2.introspection-urlThe OAuth2 introspection endpoint URL used to validate the token and gather the authentication claims. string required

quarkus.oauth2.ca-cert-fileThe OAuth2 server certificate file. *Warning: this is not supported in native mode where the certificate must be included in the truststore used during the native image generation, see Using SSL With Native Executables. string

quarkus.oauth2.role-claimThe claim that is used in the introspection endpoint response to load the roles. string scope

Flyway Type Default

quarkus.flyway.locationsComma-separated list of locations to scan recursively for migrations. The location type is determined by its prefix. Unprefixed locations or locations starting with classpath: point to a package on the classpath and may contain both SQL and Java-based migrations. Locations starting with filesystem: point to a directory on the filesystem, may only contain SQL migrations and are only scanned recursively down non-hidden directories. list of string required

quarkus.flyway.connect-retriesThe maximum number of retries when attempting to connect to the database. After each failed attempt, Flyway will wait 1 second before attempting to connect again, up to the maximum number of times specified by connectRetries. int

quarkus.flyway.schemasComma-separated case-sensitive list of schemas managed by Flyway. The first schema in the list will be automatically set as the default one during the migration. It will also be the one containing the schema history table. list of string required

quarkus.flyway.tableThe name of Flyway’s schema history table. By default (single-schema mode) the schema history table is placed in the default schema for the connection provided by the datasource. When the flyway.schemas property is set (multi-schema mode), the schema history table is placed in the first schema of the list. string

quarkus.flyway.sql-migration-prefixThe file name prefix for versioned SQL migrations. Versioned SQL migrations have the following file name structure: prefixVERSIONseparatorDESCRIPTIONsuffix , which using the defaults translates to V1.1My_description.sql string

quarkus.flyway.repeatable-sql-migration-prefixThe file name prefix for repeatable SQL migrations. Repeatable SQL migrations have the following file name structure: prefixSeparatorDESCRIPTIONsuffix , which using the defaults translates to RMy_description.sql string

quarkus.flyway.migrate-at-starttrue to execute Flyway automatically when the application starts, false otherwise. boolean false

quarkus.flyway.baseline-on-migrateEnable the creation of the history table if it does not exist already. boolean false

quarkus.flyway.baseline-versionThe initial baseline version. string

quarkus.flyway.baseline-descriptionThe description to tag an existing schema with when executing baseline. string

Hibernate ORM Type Default

quarkus.hibernate-orm.dialectClass name of the Hibernate ORM dialect. The complete list of bundled dialects is available in theHibernate ORM JavaDoc.

Not all the dialects are supported in GraalVM native executables: we currently provide driver extensions for PostgreSQL,MariaDB, Microsoft SQL Server and H2.

string

quarkus.hibernate-orm.dialect.storage-engine

The storage engine to use when the dialect supports multiple storage engines.

E.g. MyISAM or InnoDB for MySQL.

string

quarkus.hibernate-orm.sql-load-script

Name of the file containing the SQL statements to execute when Hibernate ORM starts.Its default value differs depending on the Quarkus launch mode:

In dev and test modes, it defaults to import.sql.Simply add an import.sql file in the root of your resources directoryand it will be picked up without having to set this property.Pass no-file to force Hibernate ORM to ignore the SQL import file.
In production mode, it defaults to no-file.It means Hibernate ORM won’t try to execute any SQL import file by default.Pass an explicit value to force Hibernate ORM to execute the SQL import file.

If you need different SQL statements between dev mode, test (@QuarkusTest) and in production, use Quarkusconfiguration profiles facility.

application.properties

%dev.quarkus.hibernate-orm.sql-load-script = import-dev.sql
%test.quarkus.hibernate-orm.sql-load-script = import-test.sql
%prod.quarkus.hibernate-orm.sql-load-script = no-file

Quarkus supports .sql file with SQL statements or comments spread over multiple lines.Each SQL statement must be terminated by a semicolon.

string

import.sql (DEV,TEST)

quarkus.hibernate-orm.batch-fetch-size

The size of the batches used when loading entities and collections.

-1 means batch loading is disabled. This is the default.

int

-1

quarkus.hibernate-orm.statistics

Whether statistics collection is enabled.

boolean

false

Query related configuration Type Default

quarkus.hibernate-orm.query.query-plan-cache-max-size

The maximum size of the query plan cache.

string

quarkus.hibernate-orm.query.default-null-ordering

Default precedence of null values in ORDER BY clauses.

Valid values are: none, first, last.

string

Database related configuration Type Default

quarkus.hibernate-orm.database.generation

Select whether the database schema is generated or not. drop-and-create is awesome in development mode. Accepted values: none, create, drop-and-create, drop, update.

string

none

quarkus.hibernate-orm.database.generation.halt-on-error

Whether we should stop on the first error when applying the schema.

boolean

false

quarkus.hibernate-orm.database.default-catalog

The default catalog to use for the database objects.

string

quarkus.hibernate-orm.database.default-schema

The default schema to use for the database objects.

string

quarkus.hibernate-orm.database.charset

The charset of the database.

string

JDBC related configuration Type Default

quarkus.hibernate-orm.jdbc.timezone

The time zone pushed to the JDBC driver.

string

quarkus.hibernate-orm.jdbc.statement-fetch-size

How many rows are fetched at a time by the JDBC driver.

int

quarkus.hibernate-orm.jdbc.statement-batch-size

The number of updates (inserts, updates and deletes) that are sent by the JDBC driver at one time for execution.

int

Logging configuration Type Default

quarkus.hibernate-orm.log.sql

Show SQL logs and format them nicely. Setting it to true is obviously not recommended in production.

boolean

false

quarkus.hibernate-orm.log.jdbc-warnings

Whether JDBC warnings should be collected and logged.

boolean

depends on dialect

Caching configuration Type Default

quarkus.hibernate-orm.cache."cache".expiration.max-idle

The maximum time before an object of the cache is considered expired.

Duration

quarkus.hibernate-orm.cache."cache".memory.object-count

The maximum number of objects kept in memory in the cache.

long

Hibernate Search + Elasticsearch Type Default

quarkus.hibernate-search.elasticsearch.version

The version of Elasticsearch used in the cluster. As the schema is generated without a connection to the server, this item is mandatory. It doesn’t have to be the exact version (it can be 7 or 7.1 for instance) but it has to be sufficiently precise to choose a model dialect (the one used to generate the schema) compatible with the protocol dialect (the one used to communicate with Elasticsearch). There’s no rule of thumb here as it depends on the schema incompatibilities introduced by Elasticsearch versions. In any case, if there is a problem, you will have an error when Hibernate Search tries to connect to the cluster.

ElasticsearchVersion

quarkus.hibernate-search.elasticsearch.analysis.configurer

The class or the name of the bean used to configure full text analysis (e.g. analyzers, normalizers).

class name

quarkus.hibernate-search.default-backend

If not using the default backend configuration, the name of the default backend that is part of the additional-backends.

string

quarkus.hibernate-search.background-failure-handler

The class or the name of the bean that should be notified of any failure occurring in a background process (mainly index operations). Must implement org.hibernate.search.engine.reporting.FailureHandler.

class name

quarkus.hibernate-search.elasticsearch.hosts

The list of hosts of the Elasticsearch servers.

list of string

required

quarkus.hibernate-search.elasticsearch.username

The username used for authentication.

string

quarkus.hibernate-search.elasticsearch.password

The password used for authentication.

string

quarkus.hibernate-search.elasticsearch.connection-timeout

The connection timeout.

Duration

quarkus.hibernate-search.elasticsearch.max-connections

The maximum number of connections to all the Elasticsearch servers.

int

quarkus.hibernate-search.elasticsearch.max-connections-per-route

The maximum number of connections per Elasticsearch server.

int

quarkus.hibernate-search.elasticsearch.discovery.enabled

Defines if automatic discovery is enabled.

boolean

quarkus.hibernate-search.elasticsearch.discovery.refresh-interval

Refresh interval of the node list.

Duration

quarkus.hibernate-search.elasticsearch.discovery.default-scheme

The scheme that should be used for the new nodes discovered.

string

quarkus.hibernate-search.elasticsearch.index-defaults.lifecycle.strategy

The strategy used for index lifecycle. Must be one of: none, validate, update, create, drop-and-create or drop-and-create-and-drop.

none, validate, update, create, drop-and-create, drop-and-create-and-drop

quarkus.hibernate-search.elasticsearch.index-defaults.lifecycle.required-status

The minimal cluster status required. Must be one of: green, yellow, red.

green, yellow, red

quarkus.hibernate-search.elasticsearch.index-defaults.lifecycle.required-status-wait-timeout

How long we should wait for the status before failing the bootstrap.

Duration

quarkus.hibernate-search.elasticsearch.query.loading.cache-lookup.strategy

The strategy to use when loading entities during the execution of a search query. Can be either one of "skip", "persistence-context" or "persistence-context-then-second-level-cache". Defaults to "skip".

skip, persistence-context, persistence-context-then-second-level-cache

quarkus.hibernate-search.elasticsearch.query.loading.fetch-size

The fetch size to use when loading entities during the execution of a search query.

int

100

quarkus.hibernate-search.elasticsearch.automatic-indexing.synchronization.strategy

The synchronization strategy to use when indexing automatically. Defines the status for which you wait before considering the operation completed by Hibernate Search. Can be either one of "queued", "committed" or "searchable". Using "searchable" is recommended in unit tests. Defaults to "committed".

queued, committed, searchable

quarkus.hibernate-search.elasticsearch.automatic-indexing.enable-dirty-check

Whether to check if dirty properties are relevant to indexing before actually reindexing an entity. When enabled, re-indexing of an entity is skipped if the only changes are on properties that are not used when indexing.

boolean

quarkus.hibernate-search.elasticsearch.indexes."indexes".lifecycle.strategy

The strategy used for index lifecycle. Must be one of: none, validate, update, create, drop-and-create or drop-and-create-and-drop.

none, validate, update, create, drop-and-create, drop-and-create-and-drop

quarkus.hibernate-search.elasticsearch.indexes."indexes".lifecycle.required-status

The minimal cluster status required. Must be one of: green, yellow, red.

green, yellow, red

quarkus.hibernate-search.elasticsearch.indexes."indexes".lifecycle.required-status-wait-timeout

How long we should wait for the status before failing the bootstrap.

Duration

Additional backends Type Default

quarkus.hibernate-search.elasticsearch.backends."backend-name".version

ElasticsearchVersion

quarkus.hibernate-search.elasticsearch.backends."backend-name".analysis.configurer

The class or the name of the bean used to configure full text analysis (e.g. analyzers, normalizers).

class name

quarkus.hibernate-search.elasticsearch.backends."backend-name".hosts

The list of hosts of the Elasticsearch servers.

list of string

required

quarkus.hibernate-search.elasticsearch.backends."backend-name".username

The username used for authentication.

string

quarkus.hibernate-search.elasticsearch.backends."backend-name".password

The password used for authentication.

string

quarkus.hibernate-search.elasticsearch.backends."backend-name".connection-timeout

The connection timeout.

Duration

quarkus.hibernate-search.elasticsearch.backends."backend-name".max-connections

The maximum number of connections to all the Elasticsearch servers.

int

quarkus.hibernate-search.elasticsearch.backends."backend-name".max-connections-per-route

The maximum number of connections per Elasticsearch server.

int

quarkus.hibernate-search.elasticsearch.backends."backend-name".discovery.enabled

Defines if automatic discovery is enabled.

boolean

quarkus.hibernate-search.elasticsearch.backends."backend-name".discovery.refresh-interval

Refresh interval of the node list.

Duration

quarkus.hibernate-search.elasticsearch.backends."backend-name".discovery.default-scheme

The scheme that should be used for the new nodes discovered.

string

quarkus.hibernate-search.elasticsearch.backends."backend-name".index-defaults.lifecycle.strategy

The strategy used for index lifecycle. Must be one of: none, validate, update, create, drop-and-create or drop-and-create-and-drop.

none, validate, update, create, drop-and-create, drop-and-create-and-drop

quarkus.hibernate-search.elasticsearch.backends."backend-name".index-defaults.lifecycle.required-status

The minimal cluster status required. Must be one of: green, yellow, red.

green, yellow, red

quarkus.hibernate-search.elasticsearch.backends."backend-name".index-defaults.lifecycle.required-status-wait-timeout

How long we should wait for the status before failing the bootstrap.

Duration

quarkus.hibernate-search.elasticsearch.backends."backend-name".indexes."indexes".lifecycle.strategy

The strategy used for index lifecycle. Must be one of: none, validate, update, create, drop-and-create or drop-and-create-and-drop.

none, validate, update, create, drop-and-create, drop-and-create-and-drop

quarkus.hibernate-search.elasticsearch.backends."backend-name".indexes."indexes".lifecycle.required-status

The minimal cluster status required. Must be one of: green, yellow, red.

green, yellow, red

quarkus.hibernate-search.elasticsearch.backends."backend-name".indexes."indexes".lifecycle.required-status-wait-timeout

How long we should wait for the status before failing the bootstrap.

Duration

Infinispan Client Type Default

quarkus.infinispan-client.near-cache-max-entries

Sets the bounded entry count for near cache. If this value is 0 or less near cache is disabled.

int

0

quarkus.infinispan-client.server-list

Sets the host name/port to connect to. Each one is separated by a semicolon (eg. host1:11222;host2:11222).

string

quarkus.infinispan-client.client-intelligence

Sets client intelligence used by authentication

string

quarkus.infinispan-client.use-auth

Enables or disables authentication

string

quarkus.infinispan-client.auth-username

Sets user name used by authentication

string

quarkus.infinispan-client.auth-password

Sets password used by authentication

string

quarkus.infinispan-client.auth-realm

Sets realm used by authentication

string

quarkus.infinispan-client.auth-server-name

Sets server name used by authentication

string

quarkus.infinispan-client.auth-client-subject

Sets client subject used by authentication

string

quarkus.infinispan-client.auth-callback-handler

Sets callback handler used by authentication

string

quarkus.infinispan-client.sasl-mechanism

Sets SASL mechanism used by authentication

string

Infinispan Embedded Type Default

quarkus.infinispan-embedded.xml-config

The configured Infinispan embeddex xml file which is used by the managed EmbeddedCacheManager and its Caches

string

Jaeger Type Default

quarkus.jaeger.enabled

Defines if the Jaeger extension is enabled.

boolean

true

quarkus.jaeger.endpoint

The traces endpoint, in case the client should connect directly to the Collector, like http://jaeger-collector:14268/api/traces

URI

quarkus.jaeger.auth-token

Authentication Token to send as "Bearer" to the endpoint

string

quarkus.jaeger.user

Username to send as part of "Basic" authentication to the endpoint

string

quarkus.jaeger.password

Password to send as part of "Basic" authentication to the endpoint

string

quarkus.jaeger.agent-host-port

The hostname and port for communicating with agent via UDP

host:port

quarkus.jaeger.reporter-log-spans

Whether the reporter should also log the spans

boolean

quarkus.jaeger.reporter-max-queue-size

The reporter’s maximum queue size

int

quarkus.jaeger.reporter-flush-interval

The reporter’s flush interval

Duration

quarkus.jaeger.sampler-type

The sampler type (const, probabilistic, ratelimiting or remote)

string

quarkus.jaeger.sampler-param

The sampler parameter (number)

BigDecimal

quarkus.jaeger.sampler-manager-host-port

The host name and port when using the remote controlled sampler

host:port

quarkus.jaeger.service-name

The service name

string

quarkus.jaeger.tags

A comma separated list of name = value tracer level tags, which get added to all reported spans. The value can also refer to an environment variable using the format ${envVarName:default}, where the :default is optional, and identifies a value to be used if the environment variable cannot be found

string

quarkus.jaeger.propagation

Comma separated list of formats to use for propagating the trace context. Defaults to the standard Jaeger format. Valid values are jaeger and b3

string

quarkus.jaeger.sender-factory

The sender factory class name

string

Keycloak Authorization Type Default

quarkus.keycloak.connection-pool-size

Adapters will make separate HTTP invocations to the Keycloak server to turn an access code into an access token. This config option defines how many connections to the Keycloak server should be pooled

int

20

quarkus.keycloak.policy-enforcer.enable

Enables policy enforcement.

boolean

false

quarkus.keycloak.policy-enforcer.enforcement-mode

Specifies how policies are enforced.

string

ENFORCING

quarkus.keycloak.policy-enforcer.path-cache.max-entries

Defines the time in milliseconds when the entry should be expired

int

1000

quarkus.keycloak.policy-enforcer.path-cache.lifespan

Defines the limit of entries that should be kept in the cache

long

30000

quarkus.keycloak.policy-enforcer.lazy-load-paths

Specifies how the adapter should fetch the server for resources associated with paths in your application. If true, the policy enforcer is going to fetch resources on-demand accordingly with the path being requested

boolean

true

quarkus.keycloak.policy-enforcer.http-method-as-scope

Specifies how scopes should be mapped to HTTP methods. If set to true, the policy enforcer will use the HTTP method from the current request to check whether or not access should be granted

boolean

false

quarkus.keycloak.policy-enforcer.paths."paths".name

The name of a resource on the server that is to be associated with a given path

string

quarkus.keycloak.policy-enforcer.paths."paths".path

A URI relative to the application’s context path that should be protected by the policy enforcer

string

quarkus.keycloak.policy-enforcer.paths."paths".methods."methods".method

The name of the HTTP method

string

required

quarkus.keycloak.policy-enforcer.paths."paths".methods."methods".scopes

An array of strings with the scopes associated with the method

list of string

required

quarkus.keycloak.policy-enforcer.paths."paths".methods."methods".scopes-enforcement-mode

A string referencing the enforcement mode for the scopes associated with a method

all, any, disabled

ALL

quarkus.keycloak.policy-enforcer.paths."paths".enforcement-mode

Specifies how policies are enforced

permissive, enforcing, disabled

ENFORCING

quarkus.keycloak.policy-enforcer.paths."paths".claim-information-point

Map<String,Map<String,Map<String,String>>>

required

quarkus.keycloak.policy-enforcer.paths."paths".claim-information-point

Map<String,Map<String,String>>

required

quarkus.keycloak.policy-enforcer.claim-information-point

Map<String,Map<String,Map<String,String>>>

required

quarkus.keycloak.policy-enforcer.claim-information-point

Map<String,Map<String,String>>

required

Kubernetes Client Type Default

quarkus.kubernetes-client.trust-certs

Whether or not the client should trust a self signed certificate if so presented by the API server

boolean

false

quarkus.kubernetes-client.master-url

URL of the Kubernetes API server

string

quarkus.kubernetes-client.namespace

Default namespace to use

string

quarkus.kubernetes-client.ca-cert-file

CA certificate file

string

quarkus.kubernetes-client.ca-cert-data

CA certificate data

string

quarkus.kubernetes-client.client-cert-file

Client certificate file

string

quarkus.kubernetes-client.client-cert-data

Client certificate data

string

quarkus.kubernetes-client.client-key-file

Client key file

string

quarkus.kubernetes-client.client-key-data

Client key data

string

quarkus.kubernetes-client.client-key-algo

Client key algorithm

string

quarkus.kubernetes-client.client-key-passphrase

Client key passphrase

string

quarkus.kubernetes-client.username

Kubernetes auth username

string

quarkus.kubernetes-client.password

Kubernetes auth password

string

quarkus.kubernetes-client.watch-reconnect-interval

Watch reconnect interval

Duration

PT1S

quarkus.kubernetes-client.watch-reconnect-limit

Maximum reconnect attempts in case of watch failure By default there is no limit to the number of reconnect attempts

int

-1

quarkus.kubernetes-client.connection-timeout

Maximum amount of time to wait for a connection with the API server to be established

Duration

PT10S

quarkus.kubernetes-client.request-timeout

Maximum amount of time to wait for a request to the API server to be completed

Duration

PT10S

quarkus.kubernetes-client.rolling-timeout

Maximum amount of time in milliseconds to wait for a rollout to be completed

Duration

PT15M

quarkus.kubernetes-client.http-proxy

HTTP proxy used to access the Kubernetes API server

string

quarkus.kubernetes-client.https-proxy

HTTPS proxy used to access the Kubernetes API server

string

quarkus.kubernetes-client.proxy-username

Proxy username

string

quarkus.kubernetes-client.proxy-password

Proxy password

string

quarkus.kubernetes-client.no-proxy

IP addresses or hosts to exclude from proxying

list of java.util.Optional<java.lang.String>

required

Mailer Type Default

quarkus.mailer.from

Configure the default from attribute. It’s the sender email address.

string

quarkus.mailer.mock

Enables the mock mode, not sending emails. The content of the emails is printed on the console. Disabled by default on PROD, enabled by default on DEV and TEST modes.

boolean

quarkus.mailer.bounce-address

Configures the default bounce email address.

string

quarkus.mailer.host

The SMTP host name.

string

localhost

quarkus.mailer.port

The SMTP port.

int

quarkus.mailer.username

The username.

string

quarkus.mailer.password

The password.

string

quarkus.mailer.ssl

Enables or disables the SSL on connect. false by default.

boolean

false

quarkus.mailer.trust-all

Set whether to trust all certificates on ssl connect the option is also applied to STARTTLS operation. false by default.

boolean

false

quarkus.mailer.max-pool-size

Configures the maximum allowed number of open connections to the mail server If not set the default is 10.

int

quarkus.mailer.own-host-name

The hostname to be used for HELO/EHLO and the Message-ID

string

quarkus.mailer.keep-alive

Set if connection pool is enabled, true by default. If the connection pooling is disabled, the max number of sockets is enforced nevertheless.

boolean

true

quarkus.mailer.disable-esmtp

Disable ESMTP. false by default. The RFC-1869 states that clients should always attempt EHLO as first command to determine if ESMTP is supported, if this returns an error code, HELO is tried to use the regular SMTP command.

boolean

false

quarkus.mailer.start-tls

Set the TLS security mode for the connection. Either DISABLED, OPTIONAL or REQUIRED.

string

quarkus.mailer.login

Set the login mode for the connection. Either DISABLED, OPTIONAL or REQUIRED

string

quarkus.mailer.auth-methods

Set the allowed auth methods. If defined, only these methods will be used, if the server supports them.

string

quarkus.mailer.key-store

Set the key store.

string

quarkus.mailer.key-store-password

Set the key store password.

string

MongoDB client Type Default

quarkus.mongodb.connection-string

Configures the connection string. The format is: mongodb://[username:password@]host1[:port1][,host2[:port2],…[,hostN[:portN]]][/[database.collection][?options]] mongodb:// is a required prefix to identify that this is a string in the standard connection format. username:password@ are optional. If given, the driver will attempt to login to a database after connecting to a database server. For some authentication mechanisms, only the username is specified and the password is not, in which case the ":" after the username is left off as well. host1 is the only required part of the connection string. It identifies a server address to connect to. :portX is optional and defaults to :27017 if not provided. /database is the name of the database to login to and thus is only relevant if the username:password@ syntax is used. If not specified the admin database will be used by default. ?options are connection options. Note that if database is absent there is still a / required between the last host and the ? introducing the options. Options are name=value pairs and the pairs are separated by "&". An alternative format, using the mongodb+srv protocol, is: mongodb+srv://[username:password@]host[/[database][?options]] - mongodb+srv:// is a required prefix for this format. - username:password@ are optional. If given, the driver will attempt to login to a database after connecting to a database server. For some authentication mechanisms, only the username is specified and the password is not, in which case the ":" after the username is left off as well - host is the only required part of the URI. It identifies a single host name for which SRV records are looked up from a Domain Name Server after prefixing the host name with "_mongodb._tcp". The host/port for each SRV record becomes the seed list used to connect, as if each one were provided as host/port pair in a URI using the normal mongodb protocol. - /database is the name of the database to login to and thus is only relevant if the username:password@ syntax is used. If not specified the "admin" database will be used by default. - ?options are connection options. Note that if database is absent there is still a / required between the last host and the ? introducing the options. Options are name=value pairs and the pairs are separated by "&". Additionally with the mongodb+srv protocol, TXT records are looked up from a Domain Name Server for the given host, and the text value of each one is prepended to any options on the URI itself. Because the last specified value for any option wins, that means that options provided on the URI will override any that are provided via TXT records.

string

quarkus.mongodb.hosts

Configures the Mongo server addressed (one if single mode). The addressed are passed as host:port.

list of string

required

quarkus.mongodb.database

Configure the database name.

string

quarkus.mongodb.application-name

Configures the application name.

string

quarkus.mongodb.max-pool-size

Configures the maximum number of connections in the connection pool.

int

quarkus.mongodb.min-pool-size

Configures the minimum number of connections in the connection pool.

int

quarkus.mongodb.max-connection-idle-time

Maximum idle time of a pooled connection. A connection that exceeds this limit will be closed.

Duration

quarkus.mongodb.max-connection-life-time

Maximum life time of a pooled connection. A connection that exceeds this limit will be closed.

Duration

quarkus.mongodb.wait-queue-timeout

The maximum wait time that a thread may wait for a connection to become available.

Duration

quarkus.mongodb.maintenance-frequency

Configures the time period between runs of the maintenance job.

Duration

quarkus.mongodb.maintenance-initial-delay

Configures period of time to wait before running the first maintenance job on the connection pool.

Duration

quarkus.mongodb.wait-queue-multiple

This multiplier, multiplied with the maxPoolSize setting, gives the maximum number of threads that may be waiting for a connection to become available from the pool. All further threads will get an exception right away.

int

quarkus.mongodb.connect-timeout

How long a connection can take to be opened before timing out.

Duration

quarkus.mongodb.socket-timeout

How long a send or receive on a socket can take before timing out.

Duration

quarkus.mongodb.tls-insecure

If connecting with TLS, this option enables insecure TLS connections.

boolean

false

quarkus.mongodb.tls

Whether to connect using TLS.

boolean

false

quarkus.mongodb.replica-set-name

Implies that the hosts given are a seed list, and the driver will attempt to find all members of the set.

string

quarkus.mongodb.server-selection-timeout

How long the driver will wait for server selection to succeed before throwing an exception.

Duration

quarkus.mongodb.local-threshold

When choosing among multiple MongoDB servers to send a request, the driver will only send that request to a server whose ping time is less than or equal to the server with the fastest ping time plus the local threshold.

Duration

quarkus.mongodb.heartbeat-frequency

The frequency that the driver will attempt to determine the current state of each server in the cluster.

Duration

quarkus.mongodb.read-preference

Configures the read preferences. Supported values are: primary|primaryPreferred|secondary|secondaryPreferred|nearest

string

quarkus.mongodb.max-wait-queue-size

Configures the maximum number of concurrent operations allowed to wait for a server to become available. All further operations will get an exception immediately.

int

Write concern Type Default

quarkus.mongodb.write-concern.safe

Configures the safety. If set to true: the driver ensures that all writes are acknowledged by the MongoDB server, or else throws an exception. (see also w and wtimeoutMS). If set fo - false: the driver does not ensure that all writes are acknowledged by the MongoDB server.

boolean

true

quarkus.mongodb.write-concern.journal

Configures the journal writing aspect. If set to true: the driver waits for the server to group commit to the journal file on disk. If set to false: the driver does not wait for the server to group commit to the journal file on disk.

boolean

true

quarkus.mongodb.write-concern.w

When set, the driver adds w: wValue to all write commands. It requires safe to be true. The value is typically a number, but can also be the majority string.

string

quarkus.mongodb.write-concern.retry-writes

If set to true, the driver will retry supported write operations if they fail due to a network error.

boolean

false

quarkus.mongodb.write-concern.w-timeout

When set, the driver adds wtimeout : ms to all write commands. It requires safe to be true.

Duration

Credentials and authentication mechanism Type Default

quarkus.mongodb.credentials.username

Configures the username.

string

quarkus.mongodb.credentials.password

Configures the password.

string

quarkus.mongodb.credentials.auth-mechanism

Configures the authentication mechanism to use if a credential was supplied. The default is unspecified, in which case the client will pick the most secure mechanism available based on the sever version. For the GSSAPI and MONGODB-X509 mechanisms, no password is accepted, only the username. Supported values: MONGO-CR|GSSAPI|PLAIN|MONGODB-X509

string

quarkus.mongodb.credentials.auth-source

Configures the source of the authentication credentials. This is typically the database that the credentials have been created. The value defaults to the database specified in the path portion of the connection string or in the 'database' configuration property.. If the database is specified in neither place, the default value is admin. This option is only respected when using the MONGO-CR mechanism (the default).

string

quarkus.mongodb.credentials.auth-mechanism-properties

Allows passing authentication mechanism properties.

Map<String,String>

required

Narayana JTA - Transaction manager Type Default

quarkus.transaction-manager.node-name

The node name used by the transaction manager

string

quarkus

quarkus.transaction-manager.xa-node-name

The XA node name used by the transaction manager

string

quarkus.transaction-manager.default-transaction-timeout

The default transaction timeout

Duration

60

Neo4j client Type Default

quarkus.neo4j.uri

The uri this driver should connect to. The driver supports bolt, bolt+routing or neo4j as schemes.

string

bolt://localhost:7687

Authentication Type Default

quarkus.neo4j.authentication.username

The login of the user connecting to the database.

string

neo4j

quarkus.neo4j.authentication.password

The password of the user connecting to the database.

string

neo4j

quarkus.neo4j.authentication.disabled

Set this to true to disable authentication.

boolean

false

Connection pool Type Default

quarkus.neo4j.pool.metrics-enabled

Flag, if metrics are enabled.

boolean

false

quarkus.neo4j.pool.log-leaked-sessions

Flag, if leaked sessions logging is enabled.

boolean

false

quarkus.neo4j.pool.max-connection-pool-size

The maximum amount of connections in the connection pool towards a single database.

int

100

quarkus.neo4j.pool.idle-time-before-connection-test

Pooled connections that have been idle in the pool for longer than this timeout will be tested before they are used again. The value 0 means connections will always be tested for validity and negative values mean connections will never be tested.

Duration

-0.001S

quarkus.neo4j.pool.max-connection-lifetime

Pooled connections older than this threshold will be closed and removed from the pool.

Duration

1H

quarkus.neo4j.pool.connection-acquisition-timeout

Acquisition of new connections will be attempted for at most configured timeout.

Duration

1M

OpenID Connect Type Default

quarkus.oidc.enabled

If the OIDC extension is enabled.

boolean

true

quarkus.oidc.auth-server-url

The base URL of the OpenID Connect (OIDC) server, for example, 'https://host:port/auth'. All the other OIDC server page and service URLs are derived from this URL. Note if you work with Keycloak OIDC server, make sure the base URL is in the following format: 'https://host:port/auth/realms/{realm}' where '{realm}' has to be replaced by the name of the Keycloak realm.

string

required

quarkus.oidc.introspection-path

Relative path of the RFC7662 introspection service.

string

quarkus.oidc.jwks-path

Relative path of the OIDC service returning a JWK set.

string

quarkus.oidc.public-key

Public key for the local JWT token verification.

string

quarkus.oidc.client-id

The client-id of the application. Each application has a client-id that is used to identify the application

string

quarkus.oidc.connection-delay

The maximum amount of time the adapter will try connecting to the currently unavailable OIDC server for. For example, setting it to '20S' will let the adapter keep requesting the connection for up to 20 seconds.

Duration

quarkus.oidc.roles.role-claim-path

Path to the claim containing an array of groups. It starts from the top level JWT JSON object and can contain multiple segments where each segment represents a JSON object name only, example: "realm/groups". This property can be used if a token has no 'groups' claim but has the groups set in a different claim.

string

quarkus.oidc.roles.role-claim-separator

Separator for splitting a string which may contain multiple group values. It will only be used if the "role-claim-path" property points to a custom claim whose value is a string. A single space will be used by default because the standard 'scope' claim may contain a space separated sequence.

string

quarkus.oidc.credentials.secret

The client secret

string

quarkus.oidc.authentication.scopes

Defines a fixed list of scopes which should be added to authorization requests when authenticating users using the Authorization Code Grant Type.

list of string

required

quarkus.oidc.application-type

The application type, which can be one of the following values from enum ApplicationType..

web-app, service

service

Properties File based Security Type Default

Property Files Realm Configuration Type Default

quarkus.security.users.file.realm-name

The realm name. This is used when generating a hashed password

string

Quarkus

quarkus.security.users.file.enabled

Determine whether security via the file realm is enabled.

boolean

false

quarkus.security.users.file.plain-text

If the properties are stored in plain text. If this is false (the default) then it is expected that the passwords are of the form HEX( MD5( username ":" realm ":" password ) )

boolean

false

quarkus.security.users.file.users

Classpath resource name of properties file containing user to password mappings. See Users.properties.

string

users.properties

quarkus.security.users.file.roles

Classpath resource name of properties file containing user to role mappings. See Roles.properties.

string

roles.properties

Embedded Realm Configuration Type Default

quarkus.security.users.embedded.realm-name

The realm name. This is used when generating a hashed password

string

Quarkus

quarkus.security.users.embedded.plain-text

If the properties are stored in plain text. If this is false (the default) then it is expected that the passwords are of the form HEX( MD5( username ":" realm ":" password ) )

boolean

false

quarkus.security.users.embedded.enabled

Determine whether security via the embedded realm is enabled.

boolean

false

quarkus.security.users.embedded.users

The realm users user1=password\nuser2=password2… mapping. See Embedded Users.

Map<String,String>

none

quarkus.security.users.embedded.roles

The realm roles user1=role1,role2,…\nuser2=role1,role2,… mapping See Embedded Roles.

Map<String,String>

none

Quarkus - Core Type Default

quarkus.package.type

The requested output type. The default built in types are jar and native

string

jar

quarkus.package.uber-jar

If the java runner should be packed as an uberjar

boolean

false

quarkus.package.manifest.add-implementation-entries

If the Implementation information should be included in the runner jar’s MANIFEST.MF.

boolean

true

quarkus.package.main-class

The entry point of the application. In most cases this should not be modified.

string

io.quarkus.runner.GeneratedMain

quarkus.package.user-configured-ignored-entries

Files that should not be copied to the output artifact

list of string

required

quarkus.package.runner-suffix

The suffix that is applied to the runner jar and native images

string

-runner

quarkus.application.name

The name of the application. If not set, defaults to the name of the project.

string

required

quarkus.application.version

The version of the application. If not set, defaults to the version of the project

string

required

quarkus.ssl.native

Enable native SSL support.

boolean

quarkus.native.additional-build-args

Additional arguments to pass to the build process

list of string

required

quarkus.native.enable-http-url-handler

If the HTTP url handler should be enabled, allowing you to do URL.openConnection() for HTTP URLs

boolean

true

quarkus.native.enable-https-url-handler

If the HTTPS url handler should be enabled, allowing you to do URL.openConnection() for HTTPS URLs

boolean

false

quarkus.native.enable-all-security-services

If all security services should be added to the native image

boolean

false

quarkus.native.enable-jni

If JNI should be enabled

boolean

false

quarkus.native.add-all-charsets

If all character sets should be added to the native image. This increases image size

boolean

false

quarkus.native.graalvm-home

The location of the Graal distribution

string

${GRAALVM_HOME:}

quarkus.native.java-home

The location of the JDK

File

${java.home}

quarkus.native.native-image-xmx

The default maximum old generation size of the native image

string

quarkus.native.debug-symbols

If debug symbols should be included

boolean

false

quarkus.native.debug-build-process

If the native image build should wait for a debugger to be attached before running. This is an advanced option and is generally only intended for those familiar with Substrate internals

boolean

false

quarkus.native.publish-debug-build-process-port

If the debug port should be published when building with docker and debug-build-process is true

boolean

true

quarkus.native.cleanup-server

If the native image server should be restarted

boolean

false

quarkus.native.enable-retained-heap-reporting

This will report on the size of the retained heap after image build

boolean

false

quarkus.native.enable-code-size-reporting

This enables reporting of the code size of the native image

boolean

false

quarkus.native.enable-isolates

If isolates should be enabled

boolean

true

quarkus.native.enable-fallback-images

If a JVM based 'fallback image' should be created if native image fails. This is not recommended, as this is functionally the same as just running the application in a JVM

boolean

false

quarkus.native.enable-server

If the native image server should be used. This can speed up compilation but can result in changes not always being picked up due to cache invalidation not working 100%

boolean

false

quarkus.native.auto-service-loader-registration

If all META-INF/services entries should be automatically registered

boolean

false

quarkus.native.dump-proxies

If the bytecode of all proxies should be dumped for inspection

boolean

false

quarkus.native.container-build

If this build should be done using a container runtime. If this is set docker will be used by default, unless container-runtime is also set.

boolean

false

quarkus.native.builder-image

The docker image to use to do the image build

string

quay.io/quarkus/ubi-quarkus-native-image:19.2.1

quarkus.native.container-runtime

The container runtime (e.g. docker) that is used to do an image based build. If this is set then a container build is always done.

string

required

quarkus.native.container-runtime-options

Options to pass to the container runtime

list of string

required

quarkus.native.enable-vm-inspection

If the resulting image should allow VM introspection

boolean

false

quarkus.native.full-stack-traces

If full stack traces are enabled in the resulting image

boolean

true

quarkus.native.enable-reports

If reporting on call paths should be enabled

boolean

false

quarkus.native.report-exception-stack-traces

If exceptions should be reported with a full stack trace

boolean

true

quarkus.native.report-errors-at-runtime

If errors should be reported at runtime. This is a more relaxed setting, however it is not recommended as it means your application may fail at runtime if an unsupported feature is used by accident.

boolean

false

quarkus.jni.library-paths

Paths of library to load.

list of string

required

quarkus.jni.enable

Enable JNI support.

boolean

false

quarkus.log.level

The default log level

Level

quarkus.log.min-level

The default minimum log level

Level

INFO

quarkus.thread-pool.core-threads

The core thread pool size. This number of threads will always be kept alive.

int

1

quarkus.thread-pool.max-threads

The maximum number of threads. If this is not specified then it will be automatically sized to 8 * the number of available processors

int

quarkus.thread-pool.queue-size

The queue size. For most applications this should be unbounded

int

quarkus.thread-pool.growth-resistance

The executor growth resistance. A resistance factor applied after the core pool is full; values applied here will cause that fraction of submissions to create new threads when no idle thread is available. A value of 0.0f implies that threads beyond the core size should be created as aggressively as threads within it; a value of 1.0f implies that threads beyond the core size should never be created.

float

0

quarkus.thread-pool.shutdown-timeout

The shutdown timeout. If all pending work has not been completed by this time then additional threads will be spawned to attempt to finish any pending tasks, and the shutdown process will continue

Duration

1M

quarkus.thread-pool.shutdown-interrupt

The amount of time to wait for thread pool shutdown before tasks should be interrupted. If this value is greater than or equal to the value for shutdown-timeout, then tasks will not be interrupted before the shutdown timeout occurs.

Duration

10

quarkus.thread-pool.shutdown-check-interval

The frequency at which the status of the thread pool should be checked during shutdown. Information about waiting tasks and threads will be checked and possibly logged at this interval. Setting this key to an empty value disables the shutdown check interval.

Duration

5

quarkus.thread-pool.keep-alive-time

The amount of time a thread will stay alive with no work.

Duration

30

quarkus.index-dependency."index-dependency".group-id

The maven groupId of the artifact to index

string

required

quarkus.index-dependency."index-dependency".artifact-id

The maven artifactId of the artifact to index

string

required

quarkus.index-dependency."index-dependency".classifier

The maven classifier of the artifact to index

string

required

Logging categories Type Default

quarkus.log.category."categories".min-level

The minimum level that this category can be set to

string

inherit

quarkus.log.category."categories".level

The log level level for this category

string

inherit

Console logging Type Default

quarkus.log.console.enable

If console logging should be enabled

boolean

true

quarkus.log.console.format

The log format

string

%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{3.}] (%t) %s%e%n

quarkus.log.console.level

The console log level

Level

ALL

quarkus.log.console.color

If the console logging should be in color. If undefined quarkus takes best guess based on operating system and environment.

boolean

quarkus.log.console.darken

Specify how much the colors should be darkened

int

0

quarkus.log.console.async

Indicates whether to log asynchronously

boolean

false

quarkus.log.console.async.queue-length

The queue length to use before flushing writing

int

512

quarkus.log.console.async.overflow

Determine whether to block the publisher (rather than drop the message) when the queue is full

block, discard

block

File logging Type Default

quarkus.log.file.enable

If file logging should be enabled

boolean

false

quarkus.log.file.format

The log format

string

%d{yyyy-MM-dd HH:mm:ss,SSS} %h %N[%i] %-5p [%c{3.}] (%t) %s%e%n

quarkus.log.file.level

The level of logs to be written into the file.

Level

ALL

quarkus.log.file.path

The name of the file in which logs will be written.

File

quarkus.log

quarkus.log.file.async

Indicates whether to log asynchronously

boolean

false

quarkus.log.file.async.queue-length

The queue length to use before flushing writing

int

512

quarkus.log.file.async.overflow

Determine whether to block the publisher (rather than drop the message) when the queue is full

block, discard

block

quarkus.log.file.rotation.max-file-size

The maximum file size of the log file after which a rotation is executed.

MemorySize

quarkus.log.file.rotation.max-backup-index

The maximum number of backups to keep.

int

1

quarkus.log.file.rotation.file-suffix

File handler rotation file suffix. Example fileSuffix: .yyyy-MM-dd

string

quarkus.log.file.rotation.rotate-on-boot

Indicates whether to rotate log files on server initialization.

boolean

true

Syslog logging Type Default

quarkus.log.syslog.enable

If syslog logging should be enabled

boolean

false

quarkus.log.syslog.endpoint

The IP address and port of the syslog server

host:port

localhost:514

quarkus.log.syslog.app-name

The app name used when formatting the message in RFC5424 format

string

quarkus.log.syslog.hostname

The name of the host the messages are being sent from

string

quarkus.log.syslog.facility

Sets the facility used when calculating the priority of the message as defined by RFC-5424 and RFC-3164

kernel, user-level, mail-system, system-daemons, security, syslogd, line-printer, network-news, uucp, clock-daemon, security2, ftp-daemon, ntp, log-audit, log-alert, clock-daemon2, local-use-0, local-use-1, local-use-2, local-use-3, local-use-4, local-use-5, local-use-6, local-use-7

user-level

quarkus.log.syslog.syslog-type

Set the SyslogType syslog type this handler should use to format the message sent

rfc5424, rfc3164

rfc5424

quarkus.log.syslog.protocol

Sets the protocol used to connect to the syslog server

tcp, udp, ssl-tcp

tcp

quarkus.log.syslog.use-counting-framing

Set to true if the message being sent should be prefixed with the size of the message

boolean

false

quarkus.log.syslog.truncate

Set to true if the message should be truncated

boolean

true

quarkus.log.syslog.block-on-reconnect

Enables or disables blocking when attempting to reconnect a org.jboss.logmanager.handlers.SyslogHandler.Protocol#TCPTCP or org.jboss.logmanager.handlers.SyslogHandler.Protocol#SSL_TCP SSL TCP protocol

boolean

false

quarkus.log.syslog.format

The log message format

string

%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p [%c{3.}] (%t) %s%e%n

quarkus.log.syslog.level

The log level specifying, which message levels will be logged by syslog logger

Level

ALL

quarkus.log.syslog.async

Indicates whether to log asynchronously

boolean

false

quarkus.log.syslog.async.queue-length

The queue length to use before flushing writing

int

512

quarkus.log.syslog.async.overflow

Determine whether to block the publisher (rather than drop the message) when the queue is full

block, discard

block

Log cleanup filters - internal use Type Default

quarkus.log.filter."filters".if-starts-with

The message starts to match

list of string

inherit

RESTEasy JAX-RS Type Default

quarkus.security.jaxrs.deny-unannotated-endpoints

if set to true, access to all JAX-RS resources will be denied by default

boolean

false

RESTEasy JAX-RS Common Type Default

quarkus.resteasy.gzip.enabled

If gzip is enabled

boolean

false

quarkus.resteasy.gzip.max-input

Maximum deflated file bytes size If the limit is exceeded, Resteasy will return Response with status 413("Request Entity Too Large")

MemorySize

10M

RESTEasy Server Common Type Default

quarkus.resteasy.singleton-resources

If this is true then JAX-RS will use only a single instance of a resource class to service all requests. If this is false then it will create a new instance of the resource per request. If the resource class has an explicit CDI scope annotation then the value of this annotation will always be used to control the lifecycle of the resource class. IMPLEMENTATION NOTE: javax.ws.rs.Path turns into a CDI stereotype with singleton scope. As a result, if a user annotates a JAX-RS resource with a stereotype which has a different default scope the deployment fails with IllegalStateException.

boolean

true

quarkus.resteasy.path

Set this to override the default path for JAX-RS resources if there are no annotated application classes.

string

/

Reactive MySQL client Type Default

quarkus.datasource.url

The datasource URL.

string

quarkus.datasource.username

The datasource username.

string

quarkus.datasource.password

The datasource password.

string

quarkus.datasource.max-size

The datasource pool maximum size.

int

quarkus.reactive-mysql-client.cache-prepared-statements

Whether prepared statements should be cached on the client side.

boolean

quarkus.reactive-mysql-client.charset

Charset for connections.

string

quarkus.reactive-mysql-client.collation

Collation for connections.

string

Reactive PostgreSQL client Type Default

quarkus.reactive-pg-client.cache-prepared-statements

Whether prepared statements should be cached on the client side.

boolean

quarkus.reactive-pg-client.pipelining-limit

The maximum number of inflight database commands that can be pipelined.

int

quarkus.datasource.url

The datasource URL.

string

quarkus.datasource.username

The datasource username.

string

quarkus.datasource.password

The datasource password.

string

quarkus.datasource.max-size

The datasource pool maximum size.

int

Security Type Default

quarkus.security.security-providers

List of security providers to enable for reflection

list of string

required

quarkus.security.deny-unannotated-members

If set to true, access to all methods of beans that have any security annotations on other members will be denied by default. E.g. if enabled, in the following bean, methodB will be denied. @ApplicationScoped public class A { @RolesAllowed("admin") public void methodA() { … } public void methodB() { … } }

boolean

false

SmallRye Health Type Default

quarkus.smallrye-health.root-path

Root path for health-checking servlets.

string

/health

quarkus.smallrye-health.liveness-path

The relative path of the liveness health-checking servlet.

string

/live

quarkus.smallrye-health.readiness-path

The relative path of the readiness health-checking servlet.

string

/ready

quarkus.health.extensions.enabled

Whether or not extensions published health check should be enabled.

boolean

true

SmallRye JWT Type Default

quarkus.smallrye-jwt.enabled

The MP-JWT configuration object

boolean

true

quarkus.smallrye-jwt.rsa-sig-provider

The name of the java.security.Provider that supports SHA256withRSA signatures

string

SunRsaSign

SmallRye Metrics Type Default

quarkus.smallrye-metrics.path

The path to the metrics handler.

string

/metrics

SmallRye OpenAPI Type Default

quarkus.smallrye-openapi.path

The path at which to register the OpenAPI Servlet.

string

/openapi

Swagger UI Type Default

quarkus.swagger-ui.path

The path of the swagger-ui servlet. The value / is not allowed as it blocks the application from serving anything else.

string

/swagger-ui

quarkus.swagger-ui.always-include

If this should be included every time. By default this is only included when the application is running in dev mode.

boolean

false

Undertow Servlet Type Default

quarkus.servlet.context-path

The context path to serve all Servlet context from. This will also affect any resources that run as a Servlet, e.g. JAX-RS. Note that this is relative to the HTTP root path set in quarkus.http.root-path, so if the context path is /bar and the http root is /foo then the actual Servlet path will be /foo/bar.

string

quarkus.servlet.buffer-size

The buffer size to use for Servlet. If this is not specified the default will depend on the amount of available memory. If there is less than 64mb it will default to 512b heap buffer, less that 128mb 1k direct buffer and otherwise 16k direct buffers.

MemorySize

quarkus.servlet.direct-buffers

If Servlet should use direct buffers, this gives maximum performance but can be problematic in memory constrained environments

boolean

Undertow WebSockets Type Default

quarkus.hot-reload.password

string

required

quarkus.hot-reload.url

string

required

Vault Type Default

quarkus.vault.url

Vault server url. Example: https://localhost:8200

URL

quarkus.vault.authentication.client-token

Vault token, bypassing Vault authentication (kubernetes, userpass or approle). This is useful in development where an authentication mode might not have been set up. In production we will usually prefer some authentication such as userpass, or preferably kubernetes, where Vault tokens get generated with a TTL and some ability to revoke them.

string

quarkus.vault.authentication.app-role.role-id

Role Id for AppRole auth method. This property is required when selecting the app-role authentication type.

string

quarkus.vault.authentication.app-role.secret-id

Secret Id for AppRole auth method. This property is required when selecting the app-role authentication type.

string

quarkus.vault.authentication.userpass.username

User for userpass auth method. This property is required when selecting the userpass authentication type.

string

quarkus.vault.authentication.userpass.password

Password for userpass auth method. This property is required when selecting the userpass authentication type.

string

quarkus.vault.authentication.kubernetes.role

Kubernetes authentication role that has been created in Vault to associate Vault policies, with Kubernetes service accounts and/or Kubernetes namespaces. This property is required when selecting the Kubernetes authentication type.

string

quarkus.vault.authentication.kubernetes.jwt-token-path

Location of the file containing the Kubernetes JWT token to authenticate against in Kubernetes authentication mode.

string

/var/run/secrets/kubernetes.io/serviceaccount/token

quarkus.vault.renew-grace-period

Renew grace period duration. This value if used to extend a lease before it expires its ttl, or recreate a new lease before the current lease reaches its max_ttl. By default Vault leaseDuration is equal to 7 days (ie: 168h or 604800s). If a connection pool maxLifetime is set, it is reasonable to set the renewGracePeriod to be greater than the maxLifetime, so that we are sure we get a chance to renew leases before we reach the ttl. In any case you need to make sure there will be attempts to fetch secrets within the renewGracePeriod, because that is when the renewals will happen. This particularly important for db dynamic secrets because if the lease reaches its ttl or max_ttl, the password of the db user will become invalid and it will be not longer possible to log in. This value should also be smaller than the ttl, otherwise that would mean that we would try to recreate leases all the time.

Duration

1H

quarkus.vault.secret-config-cache-period

Vault config source cache period. Properties fetched from vault as MP config will be kept in a cache, and will not be fetched from vault again until the expiration of that period. This property is ignored if secret-config-kv-path is not set.

Duration

10M

quarkus.vault.secret-config-kv-path

Vault path in kv store, where all properties will be available as MP config.

string

quarkus.vault.log-confidentiality-level

Used to hide confidential infos, for logging in particular. Possible values are: - low: display all secrets. medium: display only usernames and lease ids (ie: passwords and tokens are masked). high: hide lease ids and dynamic credentials username.

low, medium, high

medium

quarkus.vault.kv-secret-engine-version

Kv secret engine version. see https://www.vaultproject.io/docs/secrets/kv/index.html

int

1

quarkus.vault.kv-secret-engine-mount-path

Kv secret engine path. see https://www.vaultproject.io/docs/secrets/kv/index.html

string

secret

quarkus.vault.tls.skip-verify

Allows to bypass certificate validation on TLS communications. If true this will allow TLS communications with Vault, without checking the validity of the certificate presented by Vault. This is discouraged in production because it allows man in the middle type of attacks.

boolean

false

quarkus.vault.tls.ca-cert

Certificate bundle used to validate TLS communications with Vault. The path to a pem bundle file, if TLS is required, and trusted certificates are not set through javax.net.ssl.trustStore system property.

string

quarkus.vault.tls.use-kubernetes-ca-cert

If true and Vault authentication type is kubernetes, TLS will be active and the cacert path will be set to /var/run/secrets/kubernetes.io/serviceaccount/ca.crt. If set, this setting will take precedence over property quarkus.vault.tls.ca-cert. This means that if Vault authentication type is kubernetes and we want to use quarkus.vault.tls.ca-cert or system property javax.net.ssl.trustStore, then this property should be set to false.

boolean

true

quarkus.vault.connect-timeout

Timeout to establish a connection with Vault.

Duration

5S

quarkus.vault.read-timeout

Request timeout on Vault.

Duration

1S

quarkus.vault.credentials-provider."credentials-provider".database-credentials-role

Database credentials role, as defined by https://www.vaultproject.io/docs/secrets/databases/index.html One of database-credentials-role or kv-path needs to be defined. not both.

string

quarkus.vault.credentials-provider."credentials-provider".kv-path

A path in vault kv store, where we will find the kv-key. One of database-credentials-role or kv-path needs to be defined. not both. see https://www.vaultproject.io/docs/secrets/kv/index.html

string

quarkus.vault.credentials-provider."credentials-provider".kv-key

Key name to search in vault path kv-path. The value for that key is the credential. kv-key should not be defined if kv-path is not. see https://www.vaultproject.io/docs/secrets/kv/index.html

string

password

About the Duration formatThe format for durations uses the standard java.time.Duration format.You can learn more about it in the Duration#parse() javadoc.You can also provide duration values starting with a number.In this case, if the value consists only of a number, the converter treats the value as seconds.Otherwise, PT is implicitly prepended to the value to obtain a standard java.time.Duration format.

About the MemorySize formatA size configuration option recognises string in this format (shown as a regular expression): [0-9]+[KkMmGgTtPpEeZzYy]?.If no suffix is given, assume bytes.

All Configuration Properties

All Config