chore: optimize HikariCP pool and JVM memory for Raspberry Pi

refactor(bootstrap): replace PostConstruct validator with ApplicationContextInitializer
feat(config): add AppPropertiesValidator to validate required environment variables at startup
2025-09-20 10:07:11 +02:00 · 2025-09-19 17:20:02 +02:00 · 2025-09-19 17:09:28 +02:00 · 2025-09-19 17:09:09 +02:00
9 changed files with 113 additions and 4 deletions
--- a/.env.example
+++ b/.env.example
@@ -1,6 +1,7 @@
 SPRING_PROFILES_ACTIVE=dev

 APP_ENCRYPTION_SECRET=123456789
+APP_ALLOWED_ORIGINS=http://localhost:8080

 DB_NAME=EXAMPLE_DB
 DB_USER=EXAMPLE
--- a/2
+++ b/2
@@ -10,4 +10,4 @@ COPY --from=build /app/bootstrap/target/*.jar app.jar
 EXPOSE 8080
 EXPOSE 5005

-ENTRYPOINT ["java", "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005", "-jar", "app.jar"]
+ENTRYPOINT ["java", "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005", "-Xmx512m", "-Xms256m", "-jar", "app.jar"]
--- a/bootstrap/src/main/java/com/pablotj/restemailbridge/bootstrap/EnvironmentValidatorInitializer.java
+++ b/bootstrap/src/main/java/com/pablotj/restemailbridge/bootstrap/EnvironmentValidatorInitializer.java
@@ -0,0 +1,29 @@
+package com.pablotj.restemailbridge.bootstrap;
+
+import org.springframework.context.ApplicationContextInitializer;
+import org.springframework.context.ConfigurableApplicationContext;
+
+public class EnvironmentValidatorInitializer implements ApplicationContextInitializer<ConfigurableApplicationContext> {
+
+    @Override
+    public void initialize(ConfigurableApplicationContext ctx) {
+        String[] requiredProperties = {
+                "APP_ENCRYPTION_SECRET",
+                "APP_ALLOWED_ORIGINS",
+                "DB_NAME",
+                "DB_USER",
+                "DB_PASSWORD",
+                "DB_HOST",
+                "DB_PORT",
+                "GMAIL_OAUTH_CLIENT_ID",
+                "GMAIL_OAUTH_CLIENT_SECRET"
+        };
+
+        for (String prop : requiredProperties) {
+            String value = ctx.getEnvironment().getProperty(prop);
+            if (value == null || value.isEmpty()) {
+                throw new IllegalStateException("ERROR: Property '" + prop + "' is not defined or empty");
+            }
+        }
+    }
+}
--- a/bootstrap/src/main/java/com/pablotj/restemailbridge/bootstrap/RestEmailBridgeApplication.java
+++ b/bootstrap/src/main/java/com/pablotj/restemailbridge/bootstrap/RestEmailBridgeApplication.java
@@ -11,6 +11,8 @@ import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
 public class RestEmailBridgeApplication {

    public static void main(String[] args) {
-        SpringApplication.run(RestEmailBridgeApplication.class, args);
+        SpringApplication app = new SpringApplication(RestEmailBridgeApplication.class);
+        app.addInitializers(new EnvironmentValidatorInitializer());
+        app.run(args);
    }
 }
--- a/bootstrap/src/main/resources/application.yml
+++ b/bootstrap/src/main/resources/application.yml
@@ -5,6 +5,8 @@ info:
 app:
  encryption:
    secret:  ${APP_ENCRYPTION_SECRET}
+  cors:
+    allowed-origins: ${APP_ALLOWED_ORIGINS:http://localhost:8080}

 server:
  port: 8080
@@ -25,8 +27,11 @@ spring:
    password: ${DB_PASSWORD:postgres}
    driver-class-name: org.postgresql.Driver
    hikari:
-      maximum-pool-size: 20
-      minimum-idle: 5
+      maximum-pool-size: 3
+      minimum-idle: 1
+      idle-timeout: 30000
+      connection-timeout: 10000
+      leak-detection-threshold: 10000

  jpa:
    hibernate:
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -14,6 +14,7 @@ services:
      DB_USER: ${DB_USER}
      DB_PASSWORD: ${DB_PASSWORD}
      APP_ENCRYPTION_SECRET: ${APP_ENCRYPTION_SECRET}
+      APP_ALLOWED_ORIGINS: ${APP_ALLOWED_ORIGINS}
      GMAIL_OAUTH_CLIENT_ID: ${GMAIL_OAUTH_CLIENT_ID}
      GMAIL_OAUTH_CLIENT_SECRET: ${GMAIL_OAUTH_CLIENT_SECRET}
    networks:
--- a/infrastructure/pom.xml
+++ b/infrastructure/pom.xml
@@ -49,6 +49,11 @@
            <artifactId>spring-boot-starter-validation</artifactId>
        </dependency>

+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        
        <dependency>
            <groupId>org.reflections</groupId>
            <artifactId>reflections</artifactId>
--- a/infrastructure/src/main/java/com/pablotj/restemailbridge/infrastructure/config/CorsConfig.java
+++ b/infrastructure/src/main/java/com/pablotj/restemailbridge/infrastructure/config/CorsConfig.java
@@ -0,0 +1,35 @@
+package com.pablotj.restemailbridge.infrastructure.config;
+
+import java.util.Arrays;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.CorsConfigurationSource;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+
+import java.util.List;
+
+@Configuration
+public class CorsConfig {
+
+    @Value("${app.cors.allowed-origins}")
+    private String allowedOriginsString;
+
+    @Bean
+    public CorsConfigurationSource corsConfigurationSource() {
+        CorsConfiguration config = new CorsConfiguration();
+
+        List<String> allowedOrigins = Arrays.asList(allowedOriginsString.split(","));
+        config.setAllowedOriginPatterns(allowedOrigins);
+
+        config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
+        config.setAllowedHeaders(List.of("*"));
+        config.setAllowCredentials(true);
+
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        source.registerCorsConfiguration("/**", config);
+
+        return source;
+    }
+}
--- a/infrastructure/src/main/java/com/pablotj/restemailbridge/infrastructure/config/SecurityConfig.java
+++ b/infrastructure/src/main/java/com/pablotj/restemailbridge/infrastructure/config/SecurityConfig.java
@@ -0,0 +1,31 @@
+package com.pablotj.restemailbridge.infrastructure.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.web.cors.CorsConfigurationSource;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig {
+
+    private final CorsConfigurationSource corsConfigurationSource;
+
+    public SecurityConfig(CorsConfigurationSource corsConfigurationSource) {
+        this.corsConfigurationSource = corsConfigurationSource;
+    }
+
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+        http
+                .csrf(AbstractHttpConfigurer::disable)
+                .cors(cors -> cors.configurationSource(corsConfigurationSource))
+                .authorizeHttpRequests(auth -> auth
+                        .anyRequest().permitAll()
+                );
+        return http.build();
+    }
+}
Author	SHA1	Message	Date
Pablo de la Torre Jamardo	a42a8dd3a5	chore: optimize HikariCP pool and JVM memory for Raspberry Pi	2025-09-20 10:07:11 +02:00
Pablo de la Torre Jamardo	ab0e2ffa68	refactor(bootstrap): replace PostConstruct validator with ApplicationContextInitializer	2025-09-19 17:20:02 +02:00
Pablo de la Torre Jamardo	e0692f7913	feat(config): add AppPropertiesValidator to validate required environment variables at startup	2025-09-19 17:09:28 +02:00
Pablo de la Torre Jamardo	bcb97312cd	fix(cors): allow origins from environment variable	2025-09-19 17:09:09 +02:00