evan.jarrett.net / at-container-registry
A container registry that uses the AT Protocol for manifest storage and S3 for blob storage. atcr.io
docker container atproto go
72
fork

Configure Feed

Select the types of activity you want to include in your feed.

at-container-registry / config-appview.example.yaml
at main 164 lines 7.6 kB view raw
Evan Jarrett large list of ui fixes for accessibility/hardening etc.
f057f169
1# ATCR AppView Configuration 2# Generated with defaults — edit as needed. 3 4# Configuration format version. 5version: "0.1" 6# Log level: debug, info, warn, error. 7log_level: info 8# Remote log shipping settings. 9log_shipper: 10 # Log shipping backend: "victoria", "opensearch", or "loki". Empty disables shipping. 11 backend: "" 12 # Remote log service endpoint, e.g. "http://victorialogs:9428". 13 url: "" 14 # Number of log entries to buffer before flushing to the remote service. 15 batch_size: 100 16 # Maximum time between flushes, even if batch is not full. 17 flush_interval: 5s 18 # Basic auth username for the log service (optional). 19 username: "" 20 # Basic auth password for the log service (optional). 21 password: "" 22# HTTP server and identity settings. 23server: 24 # Listen address, e.g. ":5000" or "127.0.0.1:5000". 25 addr: :5000 26 # Public-facing URL for OAuth callbacks and JWT realm. Auto-detected if empty. 27 base_url: "" 28 # DID of the hold service for blob storage, e.g. "did:web:hold01.atcr.io" (REQUIRED). 29 default_hold_did: "" 30 # Allows HTTP (not HTTPS) for DID resolution and uses transition:generic OAuth scope. 31 test_mode: false 32 # Path to P-256 private key for OAuth client authentication. Auto-generated on first run. 33 oauth_key_path: /var/lib/atcr/oauth/client.key 34 # Display name shown on OAuth authorization screens. 35 client_name: AT Container Registry 36 # Short name used in page titles and browser tabs. 37 client_short_name: ATCR 38 # Separate domains for OCI registry API (e.g. ["buoy.cr"]). First is primary. Browser visits redirect to BaseURL. 39 registry_domains: [] 40 # DIDs of holds this appview manages billing for. Tier updates are pushed to these holds. 41 managed_holds: 42 - did:web:172.28.0.3%3A8080 43# Web UI settings. 44ui: 45 # SQLite/libSQL database for OAuth sessions, stars, pull counts, and device approvals. 46 database_path: /var/lib/atcr/ui.db 47 # Visual theme name (e.g. "seamark"). Empty uses default atcr.io branding. 48 theme: "seamark" 49 # libSQL sync URL (libsql://...). Works with Turso cloud or self-hosted libsql-server. Leave empty for local-only SQLite. 50 libsql_sync_url: "" 51 # Auth token for libSQL sync. Required if libsql_sync_url is set. 52 libsql_auth_token: "" 53 # How often to sync with remote libSQL server. Default: 60s. 54 libsql_sync_interval: 1m0s 55 # Source code URL displayed in the footer "Source" link. Defaults to the upstream ATCR project. 56 source_url: https://tangled.org/evan.jarrett.net/at-container-registry 57# Health check and cache settings. 58health: 59 # How long to cache hold health check results. 60 cache_ttl: 15m0s 61 # How often to refresh hold health checks. 62 check_interval: 15m0s 63# ATProto Jetstream event stream settings. 64jetstream: 65 # Jetstream WebSocket endpoints, tried in order on failure. 66 urls: 67 - wss://jetstream2.us-west.bsky.network/subscribe 68 - wss://jetstream1.us-west.bsky.network/subscribe 69 - wss://jetstream2.us-east.bsky.network/subscribe 70 - wss://jetstream1.us-east.bsky.network/subscribe 71 # Sync existing records from PDS on startup. 72 backfill_enabled: true 73 # How often to re-run backfill to catch missed events. Set to 0 to only backfill on startup. 74 backfill_interval: 24h0m0s 75 # Relay endpoints for backfill, tried in order on failure. 76 relay_endpoints: 77 - https://relay1.us-east.bsky.network 78 - https://relay1.us-west.bsky.network 79# JWT authentication settings. 80auth: 81 # RSA private key for signing registry JWTs issued to Docker clients. 82 key_path: /var/lib/atcr/auth/private-key.pem 83 # X.509 certificate matching the JWT signing key. 84 cert_path: /var/lib/atcr/auth/private-key.crt 85# Legal page customization for self-hosted instances. 86legal: 87 # Organization name for Terms of Service and Privacy Policy. Defaults to server.client_name. 88 company_name: "" 89 # Governing law jurisdiction for legal terms. 90 jurisdiction: "" 91# AI-powered image advisor settings. 92ai: 93 # Anthropic API key for AI Image Advisor. Also reads CLAUDE_API_KEY env var as fallback. 94 api_key: "" 95# Stripe billing integration (requires -tags billing build). 96billing: 97 # Stripe secret key. Can also be set via STRIPE_SECRET_KEY env var (takes precedence). Billing is enabled automatically when set. 98 stripe_secret_key: "" 99 # Stripe webhook signing secret. Can also be set via STRIPE_WEBHOOK_SECRET env var (takes precedence). 100 webhook_secret: "" 101 # ISO 4217 currency code (e.g. "usd"). 102 currency: usd 103 # Redirect URL after successful checkout. Use {base_url} placeholder. 104 success_url: '{base_url}/settings/billing' 105 # Redirect URL after cancelled checkout. Use {base_url} placeholder. 106 cancel_url: '{base_url}/settings/billing' 107 # Subscription tiers ordered by rank (lowest to highest). 108 tiers: 109 - # Tier name. Position in list determines rank (0-based). 110 name: free 111 # Short description shown on the plan card. 112 description: Get started with basic storage 113 # List of features included in this tier. 114 features: [] 115 # Stripe price ID for monthly billing. Empty = free tier. 116 stripe_price_monthly: "" 117 # Stripe price ID for yearly billing. 118 stripe_price_yearly: "" 119 # Maximum webhooks for this tier (-1 = unlimited). 120 max_webhooks: 1 121 # Allow all webhook trigger types (not just first-scan). 122 webhook_all_triggers: false 123 # Enable AI Image Advisor for this tier. 124 ai_advisor: false 125 # Show supporter badge on user profiles for subscribers at this tier. 126 supporter_badge: false 127 - # Tier name. Position in list determines rank (0-based). 128 name: Supporter 129 # Short description shown on the plan card. 130 description: Get started with basic storage 131 # List of features included in this tier. 132 features: [] 133 # Stripe price ID for monthly billing. Empty = free tier. 134 stripe_price_monthly: "" 135 # Stripe price ID for yearly billing. 136 stripe_price_yearly: "price_1SmK1mRROAC4bYmSwhTQ7RY9" 137 # Maximum webhooks for this tier (-1 = unlimited). 138 max_webhooks: 1 139 # Allow all webhook trigger types (not just first-scan). 140 webhook_all_triggers: true 141 # Enable AI Image Advisor for this tier. 142 ai_advisor: true 143 # Show supporter badge on user profiles for subscribers at this tier. 144 supporter_badge: true 145 - # Tier name. Position in list determines rank (0-based). 146 name: bosun 147 # Short description shown on the plan card. 148 description: More storage with scan-on-push 149 # List of features included in this tier. 150 features: [] 151 # Stripe price ID for monthly billing. Empty = free tier. 152 stripe_price_monthly: "price_1SmK4QRROAC4bYmSxpr35HUl" 153 # Stripe price ID for yearly billing. 154 stripe_price_yearly: "price_1SmJuLRROAC4bYmSUgVCwZWo" 155 # Maximum webhooks for this tier (-1 = unlimited). 156 max_webhooks: 10 157 # Allow all webhook trigger types (not just first-scan). 158 webhook_all_triggers: true 159 # Enable AI Image Advisor for this tier. 160 ai_advisor: true 161 # Show supporter badge on user profiles for subscribers at this tier. 162 supporter_badge: true 163 # Show supporter badge on hold owner profiles. 164 owner_badge: true