# Mercureact default configuration file
# Please make a copy of me before editing

server:
  # Listen address
  address: 0.0.0.0:9000
  # Enable websocket support (experimental)
  websockets: false
  
  # Setup CORS headers
  cors:
    # Access-Control-Allow-Origin
    allow_origin: '*'
    # Content-Security-Policy
    csp: "default-src * 'self' http: 'unsafe-eval' 'unsafe-inline'; connect-src * 'self'"

  # Setup encryption context, see PHPs TLS context options
  #encryption:
    #local_cert: foo.pem
    #locak_pk: foo.key
    #passphrase: somepassphrase

publish:
  # Assign a UUID to published messages even if one is already set in the message
  overwrite_ids: false
  # Reject messages with previously seen IDs
  reject_duplicates: true

subscribe:
  # Allow anonymous subscription for public updates
  allow_anonymous: true

security:
  jwt_secret: "!ChangeThisMercureHubJWTSecretKey!"