The framework supports optional consumer config files in config/. Missing files are ignored and replaced by code-level defaults defined in src/Config/.
config/app.phpDefined by Marwa\Framework\Config\AppConfig.
Supported keys:
providers: list of service provider class namesmiddlewares: list of middleware class namesdebugbar: boolean flag for debug bar registrationuseDebugPanel: enable the marwa-db debug panel on the shared connection managercollectors: list of debug bar collector class namesExample:
return [
'providers' => [
App\Providers\AppServiceProvider::class,
],
'middlewares' => [
App\Http\Middleware\TrustProxies::class,
],
'debugbar' => false,
'useDebugPanel' => false,
'collectors' => [],
];
config/view.phpDefined by Marwa\Framework\Config\ViewConfig.
Supported keys:
viewsPath: absolute or base-path-resolved views directorycachePath: writable compiled-template cache directorydebug: enable template debug behaviorthemePath: theme root directoryactiveTheme: currently selected theme namefallbackTheme: fallback theme nameExample:
return [
'viewsPath' => resources_path('views'),
'cachePath' => storage_path('cache/views'),
'debug' => false,
'themePath' => resources_path('views/themes'),
'activeTheme' => 'default',
'fallbackTheme' => 'default',
];
config/event.phpDefined by Marwa\Framework\Config\EventConfig.
Supported keys:
listeners: event-to-listener mapsubscribers: list of subscriber classesExample:
return [
'listeners' => [
Marwa\Framework\Adapters\Event\AppBooted::class => [
[App\Listeners\LogApplicationBoot::class, 'handle'],
],
Marwa\Framework\Adapters\Event\RequestHandled::class => [
[App\Listeners\LogRequestHandled::class, 'handle'],
],
],
'subscribers' => [
App\Listeners\RuntimeSubscriber::class,
],
];
Lifecycle events available out of the box:
ApplicationStartedApplicationBootstrappingProvidersBootstrappedErrorHandlerBootstrappedModulesBootstrappedAppBootedRequestHandlingStartedRequestHandledAppTerminatedConsoleBootstrappedconfig/logger.phpDefined by Marwa\Framework\Config\LoggerConfig.
Supported keys:
enable: boolean logging togglefilter: list of sensitive keys to redactstorage.driver: sink driver such as filestorage.path: log output directorystorage.prefix: file name prefixconfig/mail.phpDefined by Marwa\Framework\Config\MailConfig.
Supported keys:
enabled: enable the mail servicedriver: smtp, sendmail, or mailcharset: message charsetfrom.address: default sender email addressfrom.name: default sender display namesmtp.host: SMTP hostsmtp.port: SMTP portsmtp.encryption: optional SMTP encryption mode such as tlssmtp.username: SMTP usernamesmtp.password: SMTP passwordsmtp.authMode: optional authentication modesmtp.timeout: SMTP timeout in secondssendmail.path: sendmail executable pathExample:
return [
'enabled' => true,
'driver' => 'smtp',
'charset' => 'UTF-8',
'from' => [
'address' => 'no-reply@example.com',
'name' => 'MarwaPHP',
],
'smtp' => [
'host' => '127.0.0.1',
'port' => 1025,
'encryption' => null,
'username' => null,
'password' => null,
'authMode' => null,
'timeout' => 30,
],
'sendmail' => [
'path' => '/usr/sbin/sendmail -bs',
],
];
config/http.phpDefined by Marwa\Framework\Config\HttpConfig.
Supported keys:
enabled: enable the shared HTTP client wrapperdefault: default client profile nameclients: named client profiles keyed by profile nameclients.*.base_uri: base URI for that client profileclients.*.timeout: request timeout in secondsclients.*.connect_timeout: connection timeout in secondsclients.*.http_errors: let Guzzle throw on 4xx/5xx responsesclients.*.verify: TLS verification flag or CA pathclients.*.headers: default request headers for that profileExample:
return [
'enabled' => true,
'default' => 'github',
'clients' => [
'github' => [
'base_uri' => 'https://api.github.com',
'timeout' => 15,
'connect_timeout' => 5,
'http_errors' => false,
'verify' => true,
'headers' => [
'Accept' => 'application/vnd.github+json',
],
],
],
];
config/notification.phpDefined by Marwa\Framework\Config\NotificationConfig.
Supported keys:
enabled: enable the notification managerdefault: default channel list used when a notification does not declare channelschannels.mail.enabled: enable or disable mail deliverychannels.database.enabled: enable or disable database persistencechannels.database.connection: marwa-db connection namechannels.database.table: database notifications table namechannels.http.enabled: enable outbound HTTP/webhook deliverychannels.http.client: HTTP client profile namechannels.http.method: HTTP method such as POSTchannels.http.url: default webhook URLchannels.http.headers: default HTTP headerschannels.sms.enabled: enable SMS deliverychannels.sms.client: HTTP client profile name used by the SMS gatewaychannels.sms.method: HTTP method for the SMS gatewaychannels.sms.url: SMS gateway URLchannels.kafka.enabled: enable Kafka publishingchannels.kafka.publisher: service id implementing Marwa\Framework\Contracts\KafkaPublisherInterfacechannels.kafka.consumer: service id implementing Marwa\Framework\Contracts\KafkaConsumerInterfacechannels.kafka.topic: default Kafka topicchannels.kafka.topics: default Kafka topic list for consumerschannels.kafka.groupId: default Kafka consumer group IDchannels.kafka.key: optional Kafka message keychannels.kafka.headers: Kafka record headerschannels.kafka.options: extra publisher optionschannels.broadcast.enabled: enable event broadcast dispatchingchannels.broadcast.event: broadcast event class nameExample:
return [
'enabled' => true,
'default' => ['mail', 'database'],
'channels' => [
'http' => [
'enabled' => true,
'url' => 'https://hooks.example.test/notify',
],
'kafka' => [
'enabled' => true,
'publisher' => App\Kafka\MarwaKafkaPublisher::class,
'consumer' => App\Kafka\MarwaKafkaConsumer::class,
'topic' => 'notifications',
'topics' => ['notifications'],
'groupId' => 'app',
],
'sms' => [
'enabled' => true,
'url' => 'https://sms.example.test/send',
],
],
];
config/cache.phpDefined by Marwa\Framework\Config\CacheConfig.
Supported keys:
enabled: enable the framework cache servicedriver: sqlite, memory, or apcunamespace: collection/prefix namespace for application keysbuffered: enable Scrapbook local bufferingtransactional: wrap the store in Scrapbook transactionsstampede.enabled: enable Scrapbook stampede protectionstampede.sla: protection window in millisecondssqlite.path: SQLite cache database pathsqlite.table: cache table namememory.limit: optional in-memory store limitExample:
return [
'enabled' => true,
'driver' => 'sqlite',
'namespace' => 'app',
'buffered' => true,
'transactional' => false,
'stampede' => [
'enabled' => true,
'sla' => 1000,
],
'sqlite' => [
'path' => storage_path('cache/framework.sqlite'),
'table' => 'framework_cache',
],
];
config/error.phpDefined by Marwa\Framework\Config\ErrorConfig.
Supported keys:
enabled: register the global PHP error, exception, and shutdown handlersappName: application name shown in fallback output and logsenvironment: environment passed to marwa-error-handleruseLogger: forward uncaught errors to the shared PSR-3 loggeruseDebugReporter: report uncaught exceptions to the debug bar when availablerenderer: custom Marwa\ErrorHandler\Contracts\RendererInterface implementationExample:
return [
'enabled' => true,
'appName' => 'My App',
'environment' => env('APP_ENV', 'production'),
'useLogger' => true,
'useDebugReporter' => true,
'renderer' => Marwa\ErrorHandler\Support\FallbackRenderer::class,
];
config/security.phpDefined by Marwa\Framework\Config\SecurityConfig.
Supported keys:
enabled: master toggle for the security layercsrf.enabled: enable CSRF validation for unsafe HTTP methodscsrf.field: hidden form field name used by csrf_field()csrf.header: header name checked by the middlewarecsrf.token: session key used to store the CSRF tokencsrf.methods: HTTP methods subject to CSRF checkscsrf.except: list of path patterns exempt from CSRFtrustedHosts: list of trusted hostnames or wildcard patternstrustedOrigins: list of trusted origin URLs or wildcard patternsthrottle.enabled: enable cache-backed request throttlingthrottle.prefix: cache key prefix for throttle countersthrottle.limit: request limit per windowthrottle.window: throttle window in secondsrisk.enabled: enable security risk journalingrisk.logPath: JSONL journal file for risk signalsrisk.pruneAfterDays: default retention window in daysrisk.topCount: number of latest signals shown in reportsExample:
return [
'enabled' => true,
'csrf' => [
'enabled' => true,
'except' => ['webhook/*'],
],
'trustedHosts' => ['example.com'],
'trustedOrigins' => ['https://example.com'],
'throttle' => [
'enabled' => true,
'prefix' => 'security',
'limit' => 60,
'window' => 60,
],
'risk' => [
'enabled' => true,
'logPath' => storage_path('security/risk.jsonl'),
'pruneAfterDays' => 30,
'topCount' => 10,
],
];
config/database.phpDefined by Marwa\Framework\Config\DatabaseConfig.
Supported keys:
enabled: enable shared marwa-db bootstrapdefault: default connection nameconnections: named connection map in the marwa-db package formatdebug: default debug flag applied to connections unless overriddenmigrationsPath: application migrations directoryseedersPath: application seeders directoryseedersNamespace: namespace used by seeder discovery and scaffoldingThe debug panel toggle lives in config/app.php as useDebugPanel.
Example:
return [
'enabled' => true,
'default' => 'sqlite',
'connections' => [
'sqlite' => [
'driver' => 'sqlite',
'database' => base_path('database/database.sqlite'),
'debug' => false,
],
],
'migrationsPath' => base_path('database/migrations'),
'seedersPath' => base_path('database/seeders'),
'seedersNamespace' => 'Database\\Seeders',
];
config/bootstrap.phpDefined by Marwa\Framework\Config\BootstrapConfig.
Supported keys:
configCache: full path to cached merged config outputrouteCache: full path to compiled route cache outputmoduleCache: full path to module manifest cache outputDefault paths:
bootstrap/cache/config.phpbootstrap/cache/routes.phpbootstrap/cache/modules.phpconfig/session.phpDefined by Marwa\Framework\Config\SessionConfig.
Supported keys:
enabled: enable the framework session serviceautoStart: start the session automatically through middleware on every HTTP requestname: cookie/session namelifetime: session lifetime in secondspath: cookie pathdomain: cookie domainsecure: mark the cookie as HTTPS-onlyhttpOnly: prevent JavaScript access to the cookiesameSite: cookie SameSite value such as Lax, Strict, or Noneencrypt: encrypt stored session payloads with APP_KEYExample:
return [
'enabled' => true,
'autoStart' => false,
'name' => 'marwa_session',
'lifetime' => 7200,
'path' => '/',
'domain' => '',
'secure' => env('APP_ENV') === 'production',
'httpOnly' => true,
'sameSite' => 'Lax',
'encrypt' => true,
];
Encrypted sessions require APP_KEY to be configured.
The session service also supports flash data through flash(), now(), reflash(), and keep().
config/schedule.phpDefined by Marwa\Framework\Config\ScheduleConfig.
Supported keys:
enabled: enable the scheduler runtimedriver: file, cache, or databaselockPath: legacy alias for file.pathfile.path: directory used for file-based lock and state recordscache.namespace: cache key prefix used for scheduler state and locksdatabase.connection: marwa-db connection name used by the scheduler storedatabase.table: table used for scheduler state and overlap locksdefaultLoopSeconds: default schedule:run --for durationdefaultSleepSeconds: default schedule:run --sleep durationExample:
return [
'enabled' => true,
'driver' => 'cache',
'file' => [
'path' => storage_path('framework/schedule'),
],
'cache' => [
'namespace' => 'schedule',
],
'database' => [
'connection' => 'sqlite',
'table' => 'schedule_jobs',
],
'defaultLoopSeconds' => 60,
'defaultSleepSeconds' => 1,
];
Use php marwa schedule:table to create a migration stub for the configured scheduler table when the database driver is enabled.
config/storage.phpDefined by Marwa\Framework\Config\StorageConfig.
Supported keys:
default: default storage disk namedisks: configured disk definitionsdisks.<name>.driver: currently localdisks.<name>.root: root directory for the diskdisks.<name>.visibility: default Flysystem visibilityExample:
return [
'default' => 'local',
'disks' => [
'local' => [
'driver' => 'local',
'root' => storage_path('app'),
'visibility' => 'private',
],
'public' => [
'driver' => 'local',
'root' => storage_path('app/public'),
'visibility' => 'public',
],
],
];
config/module.phpDefined by Marwa\Framework\Config\ModuleConfig.
Supported keys:
enabled: enable module-aware starter behaviorpaths: list of module root directoriescache: full path to the module manifest cache fileforceRefresh: ignore the module cache and rescan the filesystemcommandPaths: manifest paths keys that should be treated as command directoriescommandConventions: module-relative fallback directories for command discoveryconfig/queue.phpDefined by Marwa\Framework\Config\QueueConfig.
Supported keys:
enabled: enable the shared file-backed queuedefault: default queue namepath: queue storage rootretryAfter: retry visibility timeout in seconds for user-defined workersExample:
return [
'enabled' => true,
'default' => 'default',
'path' => storage_path('queue'),
'retryAfter' => 90,
];
config/schedule.phpDefined by Marwa\Framework\Config\ScheduleConfig.
Supported keys:
enabled: enable the scheduler runtimelockPath: directory for overlap-prevention lock filesdefaultLoopSeconds: default schedule:run --for valuedefaultSleepSeconds: default schedule:run --sleep valueExample:
return [
'enabled' => true,
'lockPath' => storage_path('framework/schedule'),
'defaultLoopSeconds' => 60,
'defaultSleepSeconds' => 1,
];
Example:
return [
'enabled' => true,
'paths' => [
base_path('modules'),
],
'cache' => base_path('bootstrap/cache/modules.php'),
'forceRefresh' => false,
'commandPaths' => ['commands'],
'commandConventions' => ['Console/Commands', 'src/Console/Commands'],
];