provisioning/schemas/platform/configs/extension-registry.enterprise.ncl

# Extension Registry - Enterprise Mode
# High-availability multi-source, multi-registry configuration
let registry_schema = import "../schemas/extension-registry.ncl" in
{
  extension_registry | registry_schema.RegistryConfig = {
    server = {
      host = "0.0.0.0",
      port = 8081,
      workers = 16,
      enable_cors = true,
      enable_compression = true,
    },
    sources = {
      # Primary and secondary Gitea instances (failover)
      gitea = [
        {
          id = "primary-gitea",
          url = "https://gitea-primary.company.prod:443",
          organization = "provisioning",
          token_path = "/etc/secrets/gitea-primary-token.txt",
          timeout_seconds = 30,
          verify_ssl = true,
        },
        {
          id = "secondary-gitea",
          url = "https://gitea-secondary.company.prod:443",
          organization = "provisioning",
          token_path = "/etc/secrets/gitea-secondary-token.txt",
          timeout_seconds = 30,
          verify_ssl = true,
        },
      ],
      # Forgejo for community extensions
      forgejo = [
        {
          id = "community-forgejo",
          url = "https://forge.company.prod:443",
          organization = "provisioning",
          token_path = "/etc/secrets/forgejo-token.txt",
          timeout_seconds = 30,
          verify_ssl = true,
        },
      ],
      # GitHub organization
      github = [
        {
          id = "company-github",
          organization = "company-provisioning",
          token_path = "/etc/secrets/github-token.txt",
          timeout_seconds = 30,
          verify_ssl = true,
        },
      ],
    },
    distributions = {
      # Multiple OCI registries for distribution
      oci = [
        {
          id = "primary-zot",
          registry = "zot-primary.company.prod:5000",
          namespace = "provisioning/extensions",
          timeout_seconds = 30,
          verify_ssl = true,
        },
        {
          id = "secondary-harbor",
          registry = "harbor-secondary.company.prod:443",
          namespace = "provisioning",
          auth_token_path = "/etc/secrets/harbor-token.txt",
          timeout_seconds = 30,
          verify_ssl = true,
        },
        {
          id = "public-docker",
          registry = "docker.io",
          namespace = "company-provisioning",
          auth_token_path = "/etc/secrets/docker-hub-token.txt",
          timeout_seconds = 30,
          verify_ssl = true,
        },
      ],
    },
    cache = {
      capacity = 10000,
      ttl_seconds = 1800,
      enable_metadata_cache = true,
      enable_list_cache = true,
    },
  },
}
chore: complete nickel migration and consolidate legacy configs - Remove KCL ecosystem (~220 files deleted) - Migrate all infrastructure to Nickel schema system - Consolidate documentation: legacy docs → provisioning/docs/src/ - Add CI/CD workflows (.github/) and Rust build config (.cargo/) - Update core system for Nickel schema parsing - Update README.md and CHANGES.md for v5.0.0 release - Fix pre-commit hooks: end-of-file, trailing-whitespace - Breaking changes: KCL workspaces require migration - Migration bridge available in docs/src/development/ 2026-01-08 09:55:37 +00:00			`# Extension Registry - Enterprise Mode`
			`# High-availability multi-source, multi-registry configuration`
			`let registry_schema = import "../schemas/extension-registry.ncl" in`
			`{`
			`extension_registry \| registry_schema.RegistryConfig = {`
			`server = {`
			`host = "0.0.0.0",`
			`port = 8081,`
			`workers = 16,`
			`enable_cors = true,`
			`enable_compression = true,`
			`},`
			`sources = {`
			`# Primary and secondary Gitea instances (failover)`
			`gitea = [`
			`{`
			`id = "primary-gitea",`
			`url = "https://gitea-primary.company.prod:443",`
			`organization = "provisioning",`
			`token_path = "/etc/secrets/gitea-primary-token.txt",`
			`timeout_seconds = 30,`
			`verify_ssl = true,`
			`},`
			`{`
			`id = "secondary-gitea",`
			`url = "https://gitea-secondary.company.prod:443",`
			`organization = "provisioning",`
			`token_path = "/etc/secrets/gitea-secondary-token.txt",`
			`timeout_seconds = 30,`
			`verify_ssl = true,`
			`},`
			`],`
			`# Forgejo for community extensions`
			`forgejo = [`
			`{`
			`id = "community-forgejo",`
			`url = "https://forge.company.prod:443",`
			`organization = "provisioning",`
			`token_path = "/etc/secrets/forgejo-token.txt",`
			`timeout_seconds = 30,`
			`verify_ssl = true,`
			`},`
			`],`
			`# GitHub organization`
			`github = [`
			`{`
			`id = "company-github",`
			`organization = "company-provisioning",`
			`token_path = "/etc/secrets/github-token.txt",`
			`timeout_seconds = 30,`
			`verify_ssl = true,`
			`},`
			`],`
			`},`
			`distributions = {`
			`# Multiple OCI registries for distribution`
			`oci = [`
			`{`
			`id = "primary-zot",`
			`registry = "zot-primary.company.prod:5000",`
			`namespace = "provisioning/extensions",`
			`timeout_seconds = 30,`
			`verify_ssl = true,`
			`},`
			`{`
			`id = "secondary-harbor",`
			`registry = "harbor-secondary.company.prod:443",`
			`namespace = "provisioning",`
			`auth_token_path = "/etc/secrets/harbor-token.txt",`
			`timeout_seconds = 30,`
			`verify_ssl = true,`
			`},`
			`{`
			`id = "public-docker",`
			`registry = "docker.io",`
			`namespace = "company-provisioning",`
			`auth_token_path = "/etc/secrets/docker-hub-token.txt",`
			`timeout_seconds = 30,`
			`verify_ssl = true,`
			`},`
			`],`
			`},`
			`cache = {`
			`capacity = 10000,`
			`ttl_seconds = 1800,`
			`enable_metadata_cache = true,`
			`enable_list_cache = true,`
			`},`
			`},`
			`}`