44648e3206
- Remove KCL ecosystem (~220 files deleted) - Migrate all infrastructure to Nickel schema system - Consolidate documentation: legacy docs → provisioning/docs/src/ - Add CI/CD workflows (.github/) and Rust build config (.cargo/) - Update core system for Nickel schema parsing - Update README.md and CHANGES.md for v5.0.0 release - Fix pre-commit hooks: end-of-file, trailing-whitespace - Breaking changes: KCL workspaces require migration - Migration bridge available in docs/src/development/
255 lines
7.8 KiB
Django/Jinja
255 lines
7.8 KiB
Django/Jinja
# Control Center Configuration - Nickel Format
|
|
# Auto-generated by provisioning TypeDialog
|
|
# Edit via: nu provisioning/.typedialog/provisioning/platform/scripts/configure.nu control-center {mode}
|
|
|
|
let control_center_schema = import "../schemas/control-center.ncl" in
|
|
|
|
{
|
|
control_center | control_center_schema.ControlCenterConfig = {
|
|
# Workspace Configuration
|
|
workspace = {
|
|
{%- if workspace_name %}
|
|
name = "{{ workspace_name }}",
|
|
{%- endif %}
|
|
{%- if workspace_path %}
|
|
path = "{{ workspace_path }}",
|
|
{%- endif %}
|
|
{%- if workspace_enabled is defined %}
|
|
enabled = {{ workspace_enabled | lower }},
|
|
{%- endif %}
|
|
{%- if multi_workspace_mode is defined %}
|
|
multi_workspace = {{ multi_workspace_mode | lower }},
|
|
{%- endif %}
|
|
},
|
|
|
|
# HTTP Server Configuration
|
|
server = {
|
|
{%- if server_host %}
|
|
host = "{{ server_host }}",
|
|
{%- endif %}
|
|
{%- if server_port %}
|
|
port = {{ server_port }},
|
|
{%- endif %}
|
|
{%- if server_workers %}
|
|
workers = {{ server_workers }},
|
|
{%- endif %}
|
|
{%- if server_keep_alive %}
|
|
keep_alive = {{ server_keep_alive }},
|
|
{%- endif %}
|
|
{%- if server_max_connections %}
|
|
max_connections = {{ server_max_connections }},
|
|
{%- endif %}
|
|
{%- if server_request_timeout %}
|
|
request_timeout = {{ server_request_timeout }},
|
|
{%- endif %}
|
|
{%- if server_graceful_shutdown is defined %}
|
|
graceful_shutdown = {{ server_graceful_shutdown | lower }},
|
|
{%- endif %}
|
|
{%- if server_shutdown_timeout %}
|
|
shutdown_timeout = {{ server_shutdown_timeout }},
|
|
{%- endif %}
|
|
},
|
|
|
|
# Database Configuration
|
|
database = {
|
|
{%- if database_backend %}
|
|
backend = "{{ database_backend }}",
|
|
{%- endif %}
|
|
{%- if database_path %}
|
|
path = "{{ database_path }}",
|
|
{%- endif %}
|
|
{%- if database_pool_size %}
|
|
pool_size = {{ database_pool_size }},
|
|
{%- endif %}
|
|
{%- if database_timeout %}
|
|
timeout = {{ database_timeout }},
|
|
{%- endif %}
|
|
{%- if database_retry_attempts %}
|
|
retry_attempts = {{ database_retry_attempts }},
|
|
{%- endif %}
|
|
{%- if database_retry_delay %}
|
|
retry_delay = {{ database_retry_delay }},
|
|
{%- endif %}
|
|
},
|
|
|
|
# Security Configuration (JWT, RBAC, MFA, etc.)
|
|
security = {
|
|
{%- if jwt_enabled is defined %}
|
|
jwt = {
|
|
enabled = {{ jwt_enabled | lower }},
|
|
{%- if jwt_issuer %}
|
|
issuer = "{{ jwt_issuer }}",
|
|
{%- endif %}
|
|
{%- if jwt_audience %}
|
|
audience = "{{ jwt_audience }}",
|
|
{%- endif %}
|
|
{%- if jwt_token_expiration %}
|
|
token_expiration = {{ jwt_token_expiration }},
|
|
{%- endif %}
|
|
{%- if jwt_signing_method %}
|
|
signing_method = "{{ jwt_signing_method }}",
|
|
{%- endif %}
|
|
{%- if jwt_algorithm %}
|
|
algorithm = "{{ jwt_algorithm }}",
|
|
{%- endif %}
|
|
},
|
|
{%- endif %}
|
|
{%- if rbac_enabled is defined %}
|
|
rbac = {
|
|
enabled = {{ rbac_enabled | lower }},
|
|
{%- if rbac_hierarchy is defined %}
|
|
hierarchy = {{ rbac_hierarchy | lower }},
|
|
{%- endif %}
|
|
{%- if rbac_default_role %}
|
|
default_role = "{{ rbac_default_role }}",
|
|
{%- endif %}
|
|
},
|
|
{%- endif %}
|
|
},
|
|
|
|
# Policy Engine Configuration
|
|
policy = {
|
|
{%- if policy_enabled is defined %}
|
|
enabled = {{ policy_enabled | lower }},
|
|
{%- endif %}
|
|
{%- if policy_cache_enabled is defined %}
|
|
cache = {
|
|
enabled = {{ policy_cache_enabled | lower }},
|
|
{%- if policy_cache_ttl %}
|
|
ttl = {{ policy_cache_ttl }},
|
|
{%- endif %}
|
|
{%- if policy_cache_max_policies %}
|
|
max_policies = {{ policy_cache_max_policies }},
|
|
{%- endif %}
|
|
},
|
|
{%- endif %}
|
|
{%- if policy_versioning_enabled is defined %}
|
|
versioning = {
|
|
enabled = {{ policy_versioning_enabled | lower }},
|
|
{%- if policy_versioning_max_versions %}
|
|
max_versions = {{ policy_versioning_max_versions }},
|
|
{%- endif %}
|
|
},
|
|
{%- endif %}
|
|
},
|
|
|
|
# RBAC Configuration
|
|
rbac = {
|
|
{%- if rbac_roles_admin is defined %}
|
|
enabled = true,
|
|
hierarchy = true,
|
|
{%- if rbac_dynamic_roles is defined %}
|
|
dynamic_roles = {{ rbac_dynamic_roles | lower }},
|
|
{%- endif %}
|
|
{%- if rbac_default_role_name %}
|
|
default_role = "{{ rbac_default_role_name }}",
|
|
{%- endif %}
|
|
roles = {
|
|
{%- if rbac_roles_admin is defined %}
|
|
admin = {{ rbac_roles_admin | lower }},
|
|
{%- endif %}
|
|
{%- if rbac_roles_operator is defined %}
|
|
operator = {{ rbac_roles_operator | lower }},
|
|
{%- endif %}
|
|
{%- if rbac_roles_viewer is defined %}
|
|
viewer = {{ rbac_roles_viewer | lower }},
|
|
{%- endif %}
|
|
},
|
|
{%- endif %}
|
|
},
|
|
|
|
# User Management
|
|
users = {
|
|
{%- if users_enabled is defined %}
|
|
enabled = {{ users_enabled | lower }},
|
|
{%- endif %}
|
|
{%- if users_registration_enabled is defined %}
|
|
registration = {
|
|
enabled = {{ users_registration_enabled | lower }},
|
|
{%- if users_registration_requires_approval is defined %}
|
|
requires_approval = {{ users_registration_requires_approval | lower }},
|
|
{%- endif %}
|
|
{%- if users_registration_auto_role %}
|
|
auto_assign_role = "{{ users_registration_auto_role }}",
|
|
{%- endif %}
|
|
},
|
|
{%- endif %}
|
|
{%- if users_sessions_max_active %}
|
|
sessions = {
|
|
max_active = {{ users_sessions_max_active }},
|
|
{%- if users_sessions_idle_timeout %}
|
|
idle_timeout = {{ users_sessions_idle_timeout }},
|
|
{%- endif %}
|
|
{%- if users_sessions_absolute_timeout %}
|
|
absolute_timeout = {{ users_sessions_absolute_timeout }},
|
|
{%- endif %}
|
|
},
|
|
{%- endif %}
|
|
{%- if users_audit_enabled is defined %}
|
|
audit_enabled = {{ users_audit_enabled | lower }},
|
|
{%- endif %}
|
|
},
|
|
|
|
# Audit Logging Configuration
|
|
{%- if audit_enabled is defined %}
|
|
audit = {
|
|
enabled = {{ audit_enabled | lower }},
|
|
{%- if audit_retention_days %}
|
|
storage = {
|
|
retention_days = {{ audit_retention_days }},
|
|
{%- if audit_immutable is defined %}
|
|
immutable = {{ audit_immutable | lower }},
|
|
{%- endif %}
|
|
},
|
|
{%- endif %}
|
|
{%- if audit_redact_sensitive is defined %}
|
|
redact_sensitive = {{ audit_redact_sensitive | lower }},
|
|
{%- endif %}
|
|
},
|
|
{%- endif %}
|
|
|
|
# Compliance Configuration
|
|
{%- if compliance_enabled is defined %}
|
|
compliance = {
|
|
enabled = {{ compliance_enabled | lower }},
|
|
{%- if compliance_validation_enabled is defined %}
|
|
validation = {
|
|
enabled = {{ compliance_validation_enabled | lower }},
|
|
{%- if compliance_validation_interval %}
|
|
interval_hours = {{ compliance_validation_interval }},
|
|
{%- endif %}
|
|
},
|
|
{%- endif %}
|
|
{%- if compliance_data_retention_years %}
|
|
data_retention = {
|
|
policy_years = {{ compliance_data_retention_years }},
|
|
{%- if compliance_audit_log_days %}
|
|
audit_log_days = {{ compliance_audit_log_days }},
|
|
{%- endif %}
|
|
},
|
|
{%- endif %}
|
|
{%- if compliance_encryption_required is defined %}
|
|
encryption_required = {{ compliance_encryption_required | lower }},
|
|
{%- endif %}
|
|
},
|
|
{%- endif %}
|
|
|
|
# Monitoring Configuration (optional)
|
|
{%- if monitoring_enabled is defined %}
|
|
monitoring = {
|
|
enabled = {{ monitoring_enabled | lower }},
|
|
},
|
|
{%- endif %}
|
|
|
|
# Logging Configuration (optional)
|
|
{%- if logging_level %}
|
|
logging = {
|
|
level = "{{ logging_level }}",
|
|
{%- if logging_format %}
|
|
format = "{{ logging_format }}",
|
|
{%- endif %}
|
|
},
|
|
{%- endif %}
|
|
},
|
|
}
|