server:
  port: ${GATEWAY_SERVER_PORT:8081}

spring:
  application:
    name: "gateway"
  autoconfigure:
    exclude:
      - "org.springframework.cloud.client.loadbalancer.LoadBalancerAutoConfiguration"
  # --- VALKEY (Redis-protokollkompatibel, Spring nutzt spring.data.redis.*) ---
  data:
    redis:
      host: ${SPRING_DATA_VALKEY_HOST:localhost}
      port: ${SPRING_DATA_VALKEY_PORT:6379}
      password: ${SPRING_DATA_VALKEY_PASSWORD:}

  # --- CONSUL (Service Discovery) ---
  cloud:
    consul:
      host: ${SPRING_CLOUD_CONSUL_HOST:localhost}
      port: ${SPRING_CLOUD_CONSUL_PORT:8500}
      discovery:
        enabled: true
        register: true
        prefer-ip-address: true
        health-check-path: /actuator/health
        health-check-interval: 10s
        health-check-port: 8081
        instance-id: ${spring.application.name}:${server.port}:${random.uuid}
        service-name: ${spring.application.name}

    gateway:
      httpclient: { }
      # Routen sind in GatewayConfig.kt via Service-Discovery (lb://) definiert

  # --- SECURITY (OAuth2 Resource Server) ---
  security:
    oauth2:
      resourceserver:
        jwt:
          # Keycloak URL. Lokal: localhost:8080 (oder 8180 je nach Mapping).
          # Im Docker: keycloak:8080.
          # Wir nutzen hier localhost:8180 als Default (siehe docker-compose Port Mapping).
          issuer-uri: ${SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI:http://localhost:8180/realms/meldestelle}
          jwk-set-uri: ${SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK_SET_URI:http://localhost:8180/realms/meldestelle/protocol/openid-connect/certs}

gateway:
  security:
    cors:
      allowed-origin-patterns:
        - "http://localhost:*"
        - "https://*.meldestelle.at"
        - "https://*.mo-code.at"
        - "https://*.postman.co"
        - "postman://*"
      allowed-methods:
        - "GET"
        - "POST"
        - "PUT"
        - "DELETE"
        - "OPTIONS"
        - "PATCH"
      allowed-headers:
        - "*"
      allow-credentials: true
      max-age: 3600s

management:
  endpoints:
    web:
      exposure:
        include: "health,info,prometheus"
  endpoint:
    health:
      show-details: always
      probes:
        enabled: true # Aktiviert /actuator/health/liveness und /readiness
  tracing:
    sampling:
      probability: ${TRACING_SAMPLING_PROBABILITY:1.0}
    propagation:
      # B3 ist das native Format von Brave/Zipkin. W3C wäre für OpenTelemetry.
      # Alle Services nutzen Brave (via monitoring-client), daher muss das Gateway ebenfalls B3 verwenden.
      type: "b3"
  zipkin:
    tracing:
      # Lokal: Zipkin auf Port 9411. In Docker via ENV MANAGEMENT_ZIPKIN_TRACING_ENDPOINT überschrieben.
      endpoint: ${MANAGEMENT_ZIPKIN_TRACING_ENDPOINT:http://localhost:9411/api/v2/spans}