provisioning/schemas/platform/extension-registry.ncl

# Extension Registry Schema
# Multi-instance extension distribution via Git sources (Gitea, Forgejo, GitHub) and OCI registries

let constraints = import "schemas/platform/common/constraints.ncl" in
let docker_build_schema = import "schemas/platform/docker-build.ncl" in

{
    # Gitea/Forgejo/GitHub source backend configuration
    SourceBackendConfig = {
        id | String | optional,
        url | String,
        organization | String,
        token_path | String,
        timeout_seconds | Number | default = 30,
        verify_ssl | Bool | default = true,
    },

    # OCI registry distribution backend configuration
    DistributionBackendConfig = {
        id | String | optional,
        registry | String,
        namespace | String,
        auth_token_path | String | optional,
        timeout_seconds | Number | default = 30,
        verify_ssl | Bool | default = true,
    },

    # Multi-instance source backends configuration
    SourcesConfig = {
        gitea | Array SourceBackendConfig | default = [],
        forgejo | Array SourceBackendConfig | default = [],
        github | Array SourceBackendConfig | default = [],
    },

    # Multi-instance distribution backends configuration
    DistributionsConfig = {
        oci | Array DistributionBackendConfig | default = [],
    },

    # Server configuration
    ServerConfig = {
        host | String | default = "0.0.0.0",
        port | Number | default = 9005 | constraints.port_high,
        workers | Number | default = 4,
        enable_cors | Bool | default = false,
        enable_compression | Bool | default = true,
    },

    # Cache configuration
    CacheConfig = {
        capacity | Number | default = 1000,
        ttl_seconds | Number | default = 300,
        enable_metadata_cache | Bool | default = true,
        enable_list_cache | Bool | default = true,
        extensions_dir | String | optional,
        ttl_hours | Number | optional,
    },

    # Legacy single-instance configuration (auto-migrated to multi-instance)
    LegacySourceConfig = {
        url | String,
        organization | String,
        token_path | String,
        timeout_seconds | Number | optional,
        verify_ssl | Bool | optional,
    },

    LegacyDistributionConfig = {
        registry | String | optional,
        namespace | String | optional,
        auth_token_path | String | optional,
        timeout_seconds | Number | optional,
        verify_ssl | Bool | optional,
        registry_url | String | optional,
        auth | {
            enabled | Bool | optional,
        } | optional,
        tls_verify | Bool | optional,
    },

    # Main registry configuration
    RegistryConfig = {
        server | ServerConfig | default = {},

        # New multi-instance format (recommended)
        sources | SourcesConfig | default = {},
        distributions | DistributionsConfig | default = {},

        # Legacy single-instance format (auto-migrated on startup)
        gitea | LegacySourceConfig | optional,
        oci | LegacyDistributionConfig | optional,

        # Cache configuration
        cache | CacheConfig | default = {},

        # Docker build configuration
        build | docker_build_schema.DockerBuildConfig | optional,
    },
}