provisioning-platform/templates/control-center.ncl.j2

90 lines
3.3 KiB
Django/Jinja

# Control Center Configuration
# Generated by TypeDialog - Edit via configure-control-center.sh
# Rust struct: platform/crates/control-center/src/config.rs::ControlCenterConfig
{
server = {
host = "{{ server_host }}",
port = {{ server_port }},
cors_origins = {{ server_cors_origins | json }},
request_timeout_ms = {{ server_request_timeout_ms }},
max_request_size = {{ server_max_request_size }},
},
database = {
url = "{{ database_url }}",
namespace = "{{ database_namespace }}",
database = "{{ database_database }}",
{% if database_username %}
username = "{{ database_username }}",
{% endif %}
{% if database_password %}
password = "{{ database_password }}",
{% endif %}
connection_timeout_ms = {{ database_connection_timeout_ms }},
},
policies = {
policy_dir = "{{ policies_policy_dir }}",
schema_dir = "{{ policies_schema_dir }}",
templates_dir = "{{ policies_templates_dir }}",
enable_versioning = {{ policies_enable_versioning }},
enable_caching = {{ policies_enable_caching }},
cache_ttl_seconds = {{ policies_cache_ttl_seconds }},
validation_strict = {{ policies_validation_strict }},
hooks = {
pre_execution = {{ policies_hooks_pre_execution | json }},
post_execution = {{ policies_hooks_post_execution | json }},
on_policy_violation = {{ policies_hooks_on_policy_violation | json }},
},
},
auth = {
jwt_secret = "{{ auth_jwt_secret }}",
jwt_expiry_hours = {{ auth_jwt_expiry_hours }},
require_mfa = {{ auth_require_mfa }},
password_policy = {
min_length = {{ auth_password_policy_min_length }},
require_uppercase = {{ auth_password_policy_require_uppercase }},
require_lowercase = {{ auth_password_policy_require_lowercase }},
require_numbers = {{ auth_password_policy_require_numbers }},
require_special_chars = {{ auth_password_policy_require_special_chars }},
max_age_days = {{ auth_password_policy_max_age_days }},
},
session_timeout_minutes = {{ auth_session_timeout_minutes }},
},
compliance = {
soc2 = {
enabled = {{ compliance_soc2_enabled }},
audit_log_retention_days = {{ compliance_soc2_audit_log_retention_days }},
require_approval_for_production = {{ compliance_soc2_require_approval_for_production }},
sensitive_data_encryption = {{ compliance_soc2_sensitive_data_encryption }},
},
hipaa = {
enabled = {{ compliance_hipaa_enabled }},
require_data_minimization = {{ compliance_hipaa_require_data_minimization }},
audit_all_access = {{ compliance_hipaa_audit_all_access }},
encrypt_at_rest = {{ compliance_hipaa_encrypt_at_rest }},
encrypt_in_transit = {{ compliance_hipaa_encrypt_in_transit }},
},
reports = {
enabled = {{ compliance_reports_enabled }},
frequency = "{{ compliance_reports_frequency }}",
email_recipients = {{ compliance_reports_email_recipients | json }},
},
},
anomaly = {
enabled = {{ anomaly_enabled }},
threshold = {{ anomaly_threshold }},
check_interval_seconds = {{ anomaly_check_interval_seconds }},
},
logging = {
level = "{{ logging_level }}",
format = "{{ logging_format }}",
max_file_size = "{{ logging_max_file_size }}",
max_files = {{ logging_max_files }},
},
}