chore: add configs

Jesús Pérez 2026-01-12 05:19:06 +00:00
parent 1508d9a96b
commit 52904472de
Signed by: jesus
GPG Key ID: 9F243E355E0BC939
7 changed files with 755 additions and 755 deletions

File diff suppressed because it is too large Load Diff


@ -2,21 +2,21 @@
enabled = false enabled = false
redact_sensitive = true redact_sensitive = true
[control_center.audit.storage] [control_center.audit.storage]
immutable = false immutable = false
retention_days = 90 retention_days = 90
[control_center.compliance] [control_center.compliance]
enabled = false enabled = false
encryption_required = false encryption_required = false
[control_center.compliance.data_retention] [control_center.compliance.data_retention]
audit_log_days = 2555 audit_log_days = 2555
policy_years = 7 policy_years = 7
[control_center.compliance.validation] [control_center.compliance.validation]
enabled = false enabled = false
interval_hours = 24 interval_hours = 24
[control_center.database] [control_center.database]
backend = "rocksdb" backend = "rocksdb"
@ -40,78 +40,78 @@ format = "&"
level = "&" level = "&"
outputs = ["stdout"] outputs = ["stdout"]
[control_center.logging.fields] [control_center.logging.fields]
caller = false caller = false
hostname = true hostname = true
pid = true pid = true
service_name = true service_name = true
stack_trace = false stack_trace = false
timestamp = true timestamp = true
[control_center.logging.file] [control_center.logging.file]
compress = false compress = false
max_age = 30 max_age = 30
max_backups = 10 max_backups = 10
max_size = 104857600 max_size = 104857600
path = "/var/log/provisioning/service.log" path = "/var/log/provisioning/service.log"
[control_center.logging.performance] [control_center.logging.performance]
enabled = false enabled = false
memory_info = false memory_info = false
slow_threshold = 1000 slow_threshold = 1000
[control_center.logging.sampling] [control_center.logging.sampling]
enabled = false enabled = false
initial = 100 initial = 100
thereafter = 100 thereafter = 100
[control_center.logging.syslog] [control_center.logging.syslog]
protocol = "udp" protocol = "udp"
[control_center.monitoring] [control_center.monitoring]
enabled = false enabled = false
[control_center.monitoring.alerting] [control_center.monitoring.alerting]
enabled = false enabled = false
[control_center.monitoring.health_check] [control_center.monitoring.health_check]
enabled = false enabled = false
endpoint = "/health" endpoint = "/health"
healthy_threshold = 2 healthy_threshold = 2
interval = 30 interval = 30
timeout = 5000 timeout = 5000
type = "&" type = "&"
unhealthy_threshold = 3 unhealthy_threshold = 3
[control_center.monitoring.metrics] [control_center.monitoring.metrics]
buffer_size = 1000 buffer_size = 1000
enabled = false enabled = false
interval = 60 interval = 60
prometheus_path = "/metrics" prometheus_path = "/metrics"
retention_days = 30 retention_days = 30
[control_center.monitoring.resources] [control_center.monitoring.resources]
alert_threshold = 80 alert_threshold = 80
cpu = false cpu = false
disk = false disk = false
memory = false memory = false
network = false network = false
[control_center.monitoring.tracing] [control_center.monitoring.tracing]
enabled = false enabled = false
sample_rate = 0.1 sample_rate = 0.1
[control_center.policy] [control_center.policy]
enabled = true enabled = true
[control_center.policy.cache] [control_center.policy.cache]
enabled = true enabled = true
max_policies = 10000 max_policies = 10000
ttl = 3600 ttl = 3600
[control_center.policy.versioning] [control_center.policy.versioning]
enabled = true enabled = true
max_versions = 20 max_versions = 20
[control_center.rbac] [control_center.rbac]
attribute_based = false attribute_based = false
@ -120,10 +120,10 @@ dynamic_roles = false
enabled = true enabled = true
hierarchy = true hierarchy = true
[control_center.rbac.roles] [control_center.rbac.roles]
admin = true admin = true
operator = true operator = true
viewer = true viewer = true
[control_center.security.cors] [control_center.security.cors]
allow_credentials = false allow_credentials = false
@ -176,15 +176,15 @@ workers = 4
audit_enabled = false audit_enabled = false
enabled = true enabled = true
[control_center.users.registration] [control_center.users.registration]
auto_assign_role = "user" auto_assign_role = "user"
enabled = true enabled = true
requires_approval = false requires_approval = false
[control_center.users.sessions] [control_center.users.sessions]
absolute_timeout = 86400 absolute_timeout = 86400
idle_timeout = 3600 idle_timeout = 3600
max_active = 5 max_active = 5
[control_center.workspace] [control_center.workspace]
enabled = true enabled = true


@ -2,85 +2,85 @@
# High-availability, multi-source, multi-registry production deployment # High-availability, multi-source, multi-registry production deployment
[server] [server]
enable_compression = true
enable_cors = true
host = "0.0.0.0" host = "0.0.0.0"
port = 8082 port = 8082
workers = 8 workers = 8
enable_cors = true
enable_compression = true
# Primary internal Gitea instance # Primary internal Gitea instance
[[sources.gitea]] [[sources.gitea]]
id = "primary-internal-gitea" id = "primary-internal-gitea"
url = "https://gitea.internal.company.com"
organization = "platform-extensions" organization = "platform-extensions"
token_path = "/etc/secrets/gitea-primary-token.txt"
timeout_seconds = 30 timeout_seconds = 30
token_path = "/etc/secrets/gitea-primary-token.txt"
url = "https://gitea.internal.company.com"
verify_ssl = true verify_ssl = true
# Secondary internal Gitea (failover) # Secondary internal Gitea (failover)
[[sources.gitea]] [[sources.gitea]]
id = "secondary-internal-gitea" id = "secondary-internal-gitea"
url = "https://gitea-secondary.internal.company.com"
organization = "platform-extensions" organization = "platform-extensions"
token_path = "/etc/secrets/gitea-secondary-token.txt"
timeout_seconds = 30 timeout_seconds = 30
token_path = "/etc/secrets/gitea-secondary-token.txt"
url = "https://gitea-secondary.internal.company.com"
verify_ssl = true verify_ssl = true
# Forgejo for community extensions # Forgejo for community extensions
[[sources.forgejo]] [[sources.forgejo]]
id = "enterprise-forgejo" id = "enterprise-forgejo"
url = "https://forge.company.com"
organization = "platform" organization = "platform"
token_path = "/etc/secrets/forgejo-token.txt"
timeout_seconds = 30 timeout_seconds = 30
token_path = "/etc/secrets/forgejo-token.txt"
url = "https://forge.company.com"
verify_ssl = true verify_ssl = true
# GitHub organization # GitHub organization
[[sources.github]] [[sources.github]]
id = "company-github" id = "company-github"
organization = "company-platform" organization = "company-platform"
token_path = "/etc/secrets/github-token.txt"
timeout_seconds = 30 timeout_seconds = 30
token_path = "/etc/secrets/github-token.txt"
verify_ssl = true verify_ssl = true
# Primary enterprise OCI registry (Zot) # Primary enterprise OCI registry (Zot)
[[distributions.oci]] [[distributions.oci]]
id = "primary-oci-zot" id = "primary-oci-zot"
registry = "zot.internal.company.com"
namespace = "platform/extensions" namespace = "platform/extensions"
registry = "zot.internal.company.com"
timeout_seconds = 30 timeout_seconds = 30
verify_ssl = true verify_ssl = true
# Secondary enterprise OCI registry (Harbor) # Secondary enterprise OCI registry (Harbor)
[[distributions.oci]] [[distributions.oci]]
id = "secondary-oci-harbor"
registry = "harbor.internal.company.com"
namespace = "platform"
auth_token_path = "/etc/secrets/harbor-token.txt" auth_token_path = "/etc/secrets/harbor-token.txt"
id = "secondary-oci-harbor"
namespace = "platform"
registry = "harbor.internal.company.com"
timeout_seconds = 30 timeout_seconds = 30
verify_ssl = true verify_ssl = true
# Public Docker Hub for external distribution # Public Docker Hub for external distribution
[[distributions.oci]] [[distributions.oci]]
id = "public-docker-hub"
registry = "docker.io"
namespace = "company-open-source"
auth_token_path = "/etc/secrets/docker-hub-token.txt" auth_token_path = "/etc/secrets/docker-hub-token.txt"
id = "public-docker-hub"
namespace = "company-open-source"
registry = "docker.io"
timeout_seconds = 30 timeout_seconds = 30
verify_ssl = true verify_ssl = true
# Public GHCR for open-source projects # Public GHCR for open-source projects
[[distributions.oci]] [[distributions.oci]]
id = "public-ghcr"
registry = "ghcr.io"
namespace = "company-open-source"
auth_token_path = "/etc/secrets/ghcr-token.txt" auth_token_path = "/etc/secrets/ghcr-token.txt"
id = "public-ghcr"
namespace = "company-open-source"
registry = "ghcr.io"
timeout_seconds = 30 timeout_seconds = 30
verify_ssl = true verify_ssl = true
# Caching configuration for high-traffic enterprise environment # Caching configuration for high-traffic enterprise environment
[cache] [cache]
capacity = 5000 capacity = 5000
ttl_seconds = 600
enable_metadata_cache = true
enable_list_cache = true enable_list_cache = true
enable_metadata_cache = true
ttl_seconds = 600
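Review bot: In the production profile's `[server]` table the new side keeps `host = "0.0.0.0"` together with `enable_cors = true`, and nothing in this section states which origins are accepted or what is expected to sit in front of port 8082. A comment above the table would make the intent reviewable, for example `# Listens on all interfaces with CORS enabled; expose only behind an authenticating proxy and restrict allowed origins`. Separately, `primary-oci-zot` is the only `[[distributions.oci]]` element without an `auth_token_path`; if anonymous access to the internal registry is intended, say so in a comment, otherwise give it the key as the Harbor, Docker Hub and GHCR entries have. The `internal-zot` entry in the multi-backend example section has the same gap.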


@ -3,87 +3,87 @@
# multiple Git-based sources (Gitea, Forgejo, GitHub) and multiple OCI registries # multiple Git-based sources (Gitea, Forgejo, GitHub) and multiple OCI registries
[server] [server]
enable_compression = true
enable_cors = false
host = "0.0.0.0" host = "0.0.0.0"
port = 8082 port = 8082
workers = 4 workers = 4
enable_cors = false
enable_compression = true
# Multiple Git-based source backends # Multiple Git-based source backends
# Internal Gitea instance for private extensions # Internal Gitea instance for private extensions
[[sources.gitea]] [[sources.gitea]]
id = "internal-gitea" id = "internal-gitea"
url = "https://gitea.internal.example.com"
organization = "provisioning" organization = "provisioning"
token_path = "/etc/secrets/gitea-internal-token.txt"
timeout_seconds = 30 timeout_seconds = 30
token_path = "/etc/secrets/gitea-internal-token.txt"
url = "https://gitea.internal.example.com"
verify_ssl = true verify_ssl = true
# Public Gitea instance for community extensions # Public Gitea instance for community extensions
[[sources.gitea]] [[sources.gitea]]
id = "public-gitea" id = "public-gitea"
url = "https://gitea.public.example.com"
organization = "provisioning-extensions" organization = "provisioning-extensions"
token_path = "/etc/secrets/gitea-public-token.txt"
timeout_seconds = 30 timeout_seconds = 30
token_path = "/etc/secrets/gitea-public-token.txt"
url = "https://gitea.public.example.com"
verify_ssl = true verify_ssl = true
# Forgejo sources (Git-compatible) # Forgejo sources (Git-compatible)
[[sources.forgejo]] [[sources.forgejo]]
id = "community-forgejo" id = "community-forgejo"
url = "https://forgejo.community.example.com"
organization = "provisioning" organization = "provisioning"
token_path = "/etc/secrets/forgejo-token.txt"
timeout_seconds = 30 timeout_seconds = 30
token_path = "/etc/secrets/forgejo-token.txt"
url = "https://forgejo.community.example.com"
verify_ssl = true verify_ssl = true
# GitHub sources # GitHub sources
[[sources.github]] [[sources.github]]
id = "org-github" id = "org-github"
organization = "my-organization" organization = "my-organization"
token_path = "/etc/secrets/github-token.txt"
timeout_seconds = 30 timeout_seconds = 30
token_path = "/etc/secrets/github-token.txt"
verify_ssl = true verify_ssl = true
# Multiple OCI distribution registries # Multiple OCI distribution registries
# Internal Zot registry # Internal Zot registry
[[distributions.oci]] [[distributions.oci]]
id = "internal-zot" id = "internal-zot"
registry = "zot.internal.example.com"
namespace = "provisioning/extensions" namespace = "provisioning/extensions"
registry = "zot.internal.example.com"
timeout_seconds = 30 timeout_seconds = 30
verify_ssl = true verify_ssl = true
# Public Harbor registry # Public Harbor registry
[[distributions.oci]] [[distributions.oci]]
id = "public-harbor"
registry = "harbor.public.example.com"
namespace = "provisioning"
auth_token_path = "/etc/secrets/harbor-token.txt" auth_token_path = "/etc/secrets/harbor-token.txt"
id = "public-harbor"
namespace = "provisioning"
registry = "harbor.public.example.com"
timeout_seconds = 30 timeout_seconds = 30
verify_ssl = true verify_ssl = true
# Docker Hub # Docker Hub
[[distributions.oci]] [[distributions.oci]]
id = "docker-hub"
registry = "docker.io"
namespace = "myorg"
auth_token_path = "/etc/secrets/docker-hub-token.txt" auth_token_path = "/etc/secrets/docker-hub-token.txt"
id = "docker-hub"
namespace = "myorg"
registry = "docker.io"
timeout_seconds = 30 timeout_seconds = 30
verify_ssl = true verify_ssl = true
# GHCR (GitHub Container Registry) # GHCR (GitHub Container Registry)
[[distributions.oci]] [[distributions.oci]]
id = "ghcr"
registry = "ghcr.io"
namespace = "my-organization"
auth_token_path = "/etc/secrets/ghcr-token.txt" auth_token_path = "/etc/secrets/ghcr-token.txt"
id = "ghcr"
namespace = "my-organization"
registry = "ghcr.io"
timeout_seconds = 30 timeout_seconds = 30
verify_ssl = true verify_ssl = true
# Caching configuration # Caching configuration
[cache] [cache]
capacity = 1000 capacity = 1000
ttl_seconds = 300
enable_metadata_cache = true
enable_list_cache = true enable_list_cache = true
enable_metadata_cache = true
ttl_seconds = 300


@ -3,23 +3,23 @@
# Old single-instance format (auto-migrated to multi-instance on startup) # Old single-instance format (auto-migrated to multi-instance on startup)
[server] [server]
enable_compression = true
enable_cors = false
host = "127.0.0.1" host = "127.0.0.1"
port = 8082 port = 8082
workers = 2 workers = 2
enable_cors = false
enable_compression = true
# Single Gitea backend (auto-migrated to sources.gitea[0]) # Single Gitea backend (auto-migrated to sources.gitea[0])
[gitea] [gitea]
url = "http://localhost:3000"
organization = "provisioning" organization = "provisioning"
token_path = "/etc/secrets/gitea-token.txt"
timeout_seconds = 30 timeout_seconds = 30
token_path = "/etc/secrets/gitea-token.txt"
url = "http://localhost:3000"
verify_ssl = false verify_ssl = false
# Caching configuration # Caching configuration
[cache] [cache]
capacity = 100 capacity = 100
ttl_seconds = 300
enable_metadata_cache = true
enable_list_cache = true enable_list_cache = true
enable_metadata_cache = true
ttl_seconds = 300
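Review bot: The legacy `[gitea]` table pairs `verify_ssl = false` with a `token_path`, so the only thing keeping the Gitea token off an unverified connection is that `url` points at `http://localhost:3000`. The file's own comment says this format is auto-migrated to `sources.gitea[0]` on startup, so the disabled verification would presumably carry into the migrated entry if someone edits only the URL. I would add a comment above the key: `# verify_ssl = false is for the loopback development URL only; set to true before pointing url at a remote host`.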


@ -3,15 +3,15 @@ metrics = false
operation_timeout = 1800000 operation_timeout = 1800000
parallel_limit = 5 parallel_limit = 5
[orchestrator.batch.checkpointing] [orchestrator.batch.checkpointing]
enabled = true enabled = true
interval = 100 interval = 100
max_checkpoints = 10 max_checkpoints = 10
[orchestrator.batch.rollback] [orchestrator.batch.rollback]
enabled = true enabled = true
max_rollback_depth = 5 max_rollback_depth = 5
strategy = "checkpoint_based" strategy = "checkpoint_based"
[orchestrator.extensions] [orchestrator.extensions]
auto_load = false auto_load = false
@ -25,66 +25,66 @@ format = "&"
level = "&" level = "&"
outputs = ["stdout"] outputs = ["stdout"]
[orchestrator.logging.fields] [orchestrator.logging.fields]
caller = false caller = false
hostname = true hostname = true
pid = true pid = true
service_name = true service_name = true
stack_trace = false stack_trace = false
timestamp = true timestamp = true
[orchestrator.logging.file] [orchestrator.logging.file]
compress = false compress = false
max_age = 30 max_age = 30
max_backups = 10 max_backups = 10
max_size = 104857600 max_size = 104857600
path = "/var/log/provisioning/service.log" path = "/var/log/provisioning/service.log"
[orchestrator.logging.performance] [orchestrator.logging.performance]
enabled = false enabled = false
memory_info = false memory_info = false
slow_threshold = 1000 slow_threshold = 1000
[orchestrator.logging.sampling] [orchestrator.logging.sampling]
enabled = false enabled = false
initial = 100 initial = 100
thereafter = 100 thereafter = 100
[orchestrator.logging.syslog] [orchestrator.logging.syslog]
protocol = "udp" protocol = "udp"
[orchestrator.monitoring] [orchestrator.monitoring]
enabled = false enabled = false
[orchestrator.monitoring.alerting] [orchestrator.monitoring.alerting]
enabled = false enabled = false
[orchestrator.monitoring.health_check] [orchestrator.monitoring.health_check]
enabled = false enabled = false
endpoint = "/health" endpoint = "/health"
healthy_threshold = 2 healthy_threshold = 2
interval = 30 interval = 30
timeout = 5000 timeout = 5000
type = "&" type = "&"
unhealthy_threshold = 3 unhealthy_threshold = 3
[orchestrator.monitoring.metrics] [orchestrator.monitoring.metrics]
buffer_size = 1000 buffer_size = 1000
enabled = false enabled = false
interval = 60 interval = 60
prometheus_path = "/metrics" prometheus_path = "/metrics"
retention_days = 30 retention_days = 30
[orchestrator.monitoring.resources] [orchestrator.monitoring.resources]
alert_threshold = 80 alert_threshold = 80
cpu = false cpu = false
disk = false disk = false
memory = false memory = false
network = false network = false
[orchestrator.monitoring.tracing] [orchestrator.monitoring.tracing]
enabled = false enabled = false
sample_rate = 0.1 sample_rate = 0.1
[orchestrator.queue] [orchestrator.queue]
max_concurrent_tasks = 5 max_concurrent_tasks = 5
@ -95,9 +95,9 @@ retry_attempts = 3
retry_delay = 5000 retry_delay = 5000
task_timeout = 3600000 task_timeout = 3600000
[orchestrator.queue.dead_letter_queue] [orchestrator.queue.dead_letter_queue]
enabled = true enabled = true
max_size = 1000 max_size = 1000
[orchestrator.server] [orchestrator.server]
graceful_shutdown = true graceful_shutdown = true
@ -113,11 +113,11 @@ workers = 4
backend = "filesystem" backend = "filesystem"
path = "/var/lib/provisioning/orchestrator/data" path = "/var/lib/provisioning/orchestrator/data"
[orchestrator.storage.cache] [orchestrator.storage.cache]
enabled = true enabled = true
eviction_policy = "lru" eviction_policy = "lru"
ttl = 3600 ttl = 3600
type = "in_memory" type = "in_memory"
[orchestrator.workspace] [orchestrator.workspace]
enabled = true enabled = true


@ -3,15 +3,15 @@ metrics = false
operation_timeout = 1800000 operation_timeout = 1800000
parallel_limit = 5 parallel_limit = 5
[orchestrator.batch.checkpointing] [orchestrator.batch.checkpointing]
enabled = true enabled = true
interval = 100 interval = 100
max_checkpoints = 10 max_checkpoints = 10
[orchestrator.batch.rollback] [orchestrator.batch.rollback]
enabled = true enabled = true
max_rollback_depth = 5 max_rollback_depth = 5
strategy = "checkpoint_based" strategy = "checkpoint_based"
[orchestrator.extensions] [orchestrator.extensions]
auto_load = false auto_load = false
@ -25,66 +25,66 @@ format = "&"
level = "&" level = "&"
outputs = ["stdout"] outputs = ["stdout"]
[orchestrator.logging.fields] [orchestrator.logging.fields]
caller = false caller = false
hostname = true hostname = true
pid = true pid = true
service_name = true service_name = true
stack_trace = false stack_trace = false
timestamp = true timestamp = true
[orchestrator.logging.file] [orchestrator.logging.file]
compress = false compress = false
max_age = 30 max_age = 30
max_backups = 10 max_backups = 10
max_size = 104857600 max_size = 104857600
path = "/var/log/provisioning/service.log" path = "/var/log/provisioning/service.log"
[orchestrator.logging.performance] [orchestrator.logging.performance]
enabled = false enabled = false
memory_info = false memory_info = false
slow_threshold = 1000 slow_threshold = 1000
[orchestrator.logging.sampling] [orchestrator.logging.sampling]
enabled = false enabled = false
initial = 100 initial = 100
thereafter = 100 thereafter = 100
[orchestrator.logging.syslog] [orchestrator.logging.syslog]
protocol = "udp" protocol = "udp"
[orchestrator.monitoring] [orchestrator.monitoring]
enabled = false enabled = false
[orchestrator.monitoring.alerting] [orchestrator.monitoring.alerting]
enabled = false enabled = false
[orchestrator.monitoring.health_check] [orchestrator.monitoring.health_check]
enabled = false enabled = false
endpoint = "/health" endpoint = "/health"
healthy_threshold = 2 healthy_threshold = 2
interval = 30 interval = 30
timeout = 5000 timeout = 5000
type = "&" type = "&"
unhealthy_threshold = 3 unhealthy_threshold = 3
[orchestrator.monitoring.metrics] [orchestrator.monitoring.metrics]
buffer_size = 1000 buffer_size = 1000
enabled = false enabled = false
interval = 60 interval = 60
prometheus_path = "/metrics" prometheus_path = "/metrics"
retention_days = 30 retention_days = 30
[orchestrator.monitoring.resources] [orchestrator.monitoring.resources]
alert_threshold = 80 alert_threshold = 80
cpu = false cpu = false
disk = false disk = false
memory = false memory = false
network = false network = false
[orchestrator.monitoring.tracing] [orchestrator.monitoring.tracing]
enabled = false enabled = false
sample_rate = 0.1 sample_rate = 0.1
[orchestrator.queue] [orchestrator.queue]
max_concurrent_tasks = 5 max_concurrent_tasks = 5
@ -95,9 +95,9 @@ retry_attempts = 3
retry_delay = 5000 retry_delay = 5000
task_timeout = 3600000 task_timeout = 3600000
[orchestrator.queue.dead_letter_queue] [orchestrator.queue.dead_letter_queue]
enabled = true enabled = true
max_size = 1000 max_size = 1000
[orchestrator.server] [orchestrator.server]
graceful_shutdown = true graceful_shutdown = true
@ -113,11 +113,11 @@ workers = 4
backend = "filesystem" backend = "filesystem"
path = "/var/lib/provisioning/orchestrator/data" path = "/var/lib/provisioning/orchestrator/data"
[orchestrator.storage.cache] [orchestrator.storage.cache]
enabled = true enabled = true
eviction_policy = "lru" eviction_policy = "lru"
ttl = 3600 ttl = 3600
type = "in_memory" type = "in_memory"
[orchestrator.workspace] [orchestrator.workspace]
enabled = true enabled = true