# Modes MultiUser Defaults # Default configuration for multi-user deployment mode let base_defaults = import "../base/defaults.ncl" in { multiuser_mode = { mode_name = 'multi_user, description = "Team collaboration with shared services", authentication = base_defaults.token_auth, services = { orchestrator = { deployment = 'remote, remote_config = { endpoint = "orchestrator.company.local", port = 8080, tls_enabled = true, verify_ssl = true, timeout = 30, retries = 3, }, }, control_center = { deployment = 'remote, remote_config = { endpoint = "control.company.local", port = 8081, tls_enabled = true, }, }, coredns = { deployment = 'remote, remote_config = { endpoint = "dns.company.local", port = 53, tls_enabled = false, }, }, gitea = { deployment = 'remote, remote_config = { endpoint = "git.company.local", port = 443, tls_enabled = true, }, }, oci_registry = { deployment = 'remote, type = 'harbor, endpoint = "harbor.company.local", tls_enabled = true, auth_required = true, remote = { timeout = 30, retries = 3, verify_ssl = true, }, namespaces = { extensions = "provisioning-extensions", kcl_packages = "provisioning-kcl", platform_images = "provisioning-platform", test_images = "provisioning-test", }, }, }, extensions = { source = 'oci, oci_registry = { enabled = true, endpoint = "harbor.company.local", namespace = "provisioning-extensions", auth_token_path = "~/.provisioning/tokens/oci", tls_enabled = true, verify_ssl = true, cache_dir = "~/.provisioning/oci-cache", }, }, workspaces = base_defaults.user_locking, security = base_defaults.standard_security, resource_limits = { max_servers_per_user = 10, max_cpu_cores_per_user = 32, max_memory_gb_per_user = 128, max_storage_gb_per_user = 500, max_total_servers = 100, max_total_cpu_cores = 320, max_total_memory_gb = 1024, }, }, }