# Extension Registry - Enterprise Mode # High-availability multi-source, multi-registry configuration let registry_schema = import "../schemas/extension-registry.ncl" in { extension_registry | registry_schema.RegistryConfig = { server = { host = "0.0.0.0", port = 8081, workers = 16, enable_cors = true, enable_compression = true, }, sources = { # Primary and secondary Gitea instances (failover) gitea = [ { id = "primary-gitea", url = "https://gitea-primary.company.prod:443", organization = "provisioning", token_path = "/etc/secrets/gitea-primary-token.txt", timeout_seconds = 30, verify_ssl = true, }, { id = "secondary-gitea", url = "https://gitea-secondary.company.prod:443", organization = "provisioning", token_path = "/etc/secrets/gitea-secondary-token.txt", timeout_seconds = 30, verify_ssl = true, }, ], # Forgejo for community extensions forgejo = [ { id = "community-forgejo", url = "https://forge.company.prod:443", organization = "provisioning", token_path = "/etc/secrets/forgejo-token.txt", timeout_seconds = 30, verify_ssl = true, }, ], # GitHub organization github = [ { id = "company-github", organization = "company-provisioning", token_path = "/etc/secrets/github-token.txt", timeout_seconds = 30, verify_ssl = true, }, ], }, distributions = { # Multiple OCI registries for distribution oci = [ { id = "primary-zot", registry = "zot-primary.company.prod:5000", namespace = "provisioning/extensions", timeout_seconds = 30, verify_ssl = true, }, { id = "secondary-harbor", registry = "harbor-secondary.company.prod:443", namespace = "provisioning", auth_token_path = "/etc/secrets/harbor-token.txt", timeout_seconds = 30, verify_ssl = true, }, { id = "public-docker", registry = "docker.io", namespace = "company-provisioning", auth_token_path = "/etc/secrets/docker-hub-token.txt", timeout_seconds = 30, verify_ssl = true, }, ], }, cache = { capacity = 10000, ttl_seconds = 1800, enable_metadata_cache = true, enable_list_cache = true, }, }, }