
# Service Configuration Templates

Nickel-based configuration templates that export to TOML format for provisioning platform services.

## Overview

This directory contains Nickel templates that generate TOML configuration files for the provisioning platform services:

- **orchestrator-config.toml.ncl** - Workflow engine configuration
- **control-center-config.toml.ncl** - Policy and RBAC management configuration
- **mcp-server-config.toml.ncl** - Model Context Protocol server configuration

These templates support all four deployment modes:

- **solo**: Single developer, minimal configuration
- **multiuser**: Team collaboration with full features
- **cicd**: CI/CD pipelines with ephemeral configuration
- **enterprise**: Production with advanced security and monitoring

## Templates

### orchestrator-config.toml.ncl

Orchestrator workflow engine configuration with sections for:

- **Workspace**: Workspace name, path, and multi-workspace support
- **Server**: HTTP server configuration (host, port, workers)
- **Storage**: Backend selection (filesystem, SurrealDB embedded, SurrealDB server)
- **Queue**: Task concurrency, retries, timeouts, deadletter queue
- **Batch**: Parallel limits, operation timeouts, checkpointing, rollback
- **Monitoring**: Metrics collection, health checks, resource tracking
- **Logging**: Log levels, outputs, rotation
- **Security**: JWT auth, CORS, TLS, rate limiting
- **Extensions**: Auto-loading from OCI registry
- **Database**: Connection pooling for non-filesystem storage
- **Features**: Feature flags for experimental functionality

**Key Parameters**:
- `max_concurrent_tasks`: 1-100 (constrained)
- `batch.parallel_limit`: 1-50 (constrained)
- Storage backend: filesystem, surrealdb_server, surrealdb_cluster
- Logging format: json or text

### control-center-config.toml.ncl

Control Center policy and RBAC management configuration with sections for:

- **Server**: HTTP server configuration
- **Database**: Backend selection (RocksDB, PostgreSQL, PostgreSQL HA)
- **Auth**: JWT, OAUTH2, LDAP authentication methods
- **RBAC**: Role-based access control with roles and permissions
- **MFA**: Multi-factor authentication (TOTP, Email OTP)
- **Policies**: Password policy, session policy, audit, compliance
- **Rate Limiting**: Global and per-user rate limits
- **CORS**: Cross-origin resource sharing configuration
- **TLS**: SSL/TLS configuration
- **Monitoring**: Metrics, health checks, tracing
- **Logging**: Log outputs and rotation
- **Orchestrator Integration**: Connection to orchestrator service
- **Features**: Feature flags

**Key Parameters**:
- `database.backend`: rocksdb, postgres, postgres_ha
- `mfa.required`: false for solo/multiuser, true for enterprise
- `policies.password.min_length`: 12
- `policies.compliance`: SOC2, HIPAA support

### mcp-server-config.toml.ncl

Model Context Protocol server configuration for AI/LLM integration with sections for:

- **Server**: HTTP/Stdio protocol configuration
- **Capabilities**: Tools, resources, prompts, sampling
- **Tools**: Tool categories and configurations (orchestrator, provisioning, workspace)
- **Resources**: File system, database, external API resources
- **Prompts**: System prompts and user prompt configuration
- **Integration**: Orchestrator, Control Center, Claude API integration
- **Security**: Authentication, authorization, rate limiting, input validation
- **Monitoring**: Metrics, health checks, audit logging
- **Logging**: Log outputs and configuration
- **Features**: Feature flags
- **Performance**: Thread pools, timeouts, caching

**Key Parameters**:
- `server.protocol`: stdio (process-based) or http (network-based)
- `capabilities.tools.enabled`: true/false
- `capabilities.resources.max_size`: 1GB default
- `integration.claude.model`: claude-3-opus (latest)

## Usage

### Exporting to TOML

Each template exports to TOML format:

```
# Export orchestrator configuration
nickel export --format toml orchestrator-config.toml.ncl > orchestrator.to