willdot.net / at-container-registry
forked from evan.jarrett.net/at-container-registry
A container registry that uses the AT Protocol for manifest storage and S3 for blob storage.
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

at-container-registry / config-appview.example.yaml
at 7d8e1951899ff780b3b8d08f941e21a413d7cfa1 166 lines 7.6 kB view raw
Evan Jarrett update seamark theme, add 'delete all untagged' option on record page. add garbage collection flag for untagged
e886192a
1# ATCR AppView Configuration 2# Generated with defaults — edit as needed. 3 4# Configuration format version. 5version: "0.1" 6# Log level: debug, info, warn, error. 7log_level: info 8# Remote log shipping settings. 9log_shipper: 10 # Log shipping backend: "victoria", "opensearch", or "loki". Empty disables shipping. 11 backend: "" 12 # Remote log service endpoint, e.g. "http://victorialogs:9428". 13 url: "" 14 # Number of log entries to buffer before flushing to the remote service. 15 batch_size: 100 16 # Maximum time between flushes, even if batch is not full. 17 flush_interval: 5s 18 # Basic auth username for the log service (optional). 19 username: "" 20 # Basic auth password for the log service (optional). 21 password: "" 22# HTTP server and identity settings. 23server: 24 # Listen address, e.g. ":5000" or "127.0.0.1:5000". 25 addr: :5000 26 # Public-facing URL for OAuth callbacks and JWT realm. Auto-detected if empty. 27 base_url: "" 28 # DID of the hold service for blob storage, e.g. "did:web:hold01.atcr.io" (REQUIRED). 29 default_hold_did: "" 30 # Allows HTTP (not HTTPS) for DID resolution and uses transition:generic OAuth scope. 31 test_mode: false 32 # Path to P-256 private key for OAuth client authentication. Auto-generated on first run. 33 oauth_key_path: /var/lib/atcr/oauth/client.key 34 # Display name shown on OAuth authorization screens. 35 client_name: AT Container Registry 36 # Short name used in page titles and browser tabs. 37 client_short_name: ATCR 38 # Separate domains for OCI registry API (e.g. ["buoy.cr"]). First is primary. Browser visits redirect to BaseURL. 39 registry_domains: [] 40 # DIDs of holds this appview manages billing for. Tier updates are pushed to these holds. 41 managed_holds: 42 - did:web:172.28.0.3%3A8080 43# Web UI settings. 44ui: 45 # SQLite/libSQL database for OAuth sessions, stars, pull counts, and device approvals. 46 database_path: /var/lib/atcr/ui.db 47 # Visual theme name (e.g. "seamark"). Empty uses default atcr.io branding. 48 theme: "seamark" 49 # libSQL sync URL (libsql://...). Works with Turso cloud or self-hosted libsql-server. Leave empty for local-only SQLite. 50 libsql_sync_url: "" 51 # Auth token for libSQL sync. Required if libsql_sync_url is set. 52 libsql_auth_token: "" 53 # How often to sync with remote libSQL server. Default: 60s. 54 libsql_sync_interval: 1m0s 55# Health check and cache settings. 56health: 57 # How long to cache hold health check results. 58 cache_ttl: 15m0s 59 # How often to refresh hold health checks. 60 check_interval: 15m0s 61# ATProto Jetstream event stream settings. 62jetstream: 63 # Jetstream WebSocket endpoints, tried in order on failure. 64 urls: 65 - wss://jetstream2.us-west.bsky.network/subscribe 66 - wss://jetstream1.us-west.bsky.network/subscribe 67 - wss://jetstream2.us-east.bsky.network/subscribe 68 - wss://jetstream1.us-east.bsky.network/subscribe 69 # Sync existing records from PDS on startup. 70 backfill_enabled: true 71 # How often to re-run backfill to catch missed events. Set to 0 to only backfill on startup. 72 backfill_interval: 24h0m0s 73 # Relay endpoints for backfill, tried in order on failure. 74 relay_endpoints: 75 - https://relay1.us-east.bsky.network 76 - https://relay1.us-west.bsky.network 77 - https://zlay.waow.tech 78# JWT authentication settings. 79auth: 80 # RSA private key for signing registry JWTs issued to Docker clients. 81 key_path: /var/lib/atcr/auth/private-key.pem 82 # X.509 certificate matching the JWT signing key. 83 cert_path: /var/lib/atcr/auth/private-key.crt 84# Credential helper download settings. 85credential_helper: 86 # Tangled repository URL for credential helper downloads. 87 tangled_repo: "" 88# Legal page customization for self-hosted instances. 89legal: 90 # Organization name for Terms of Service and Privacy Policy. Defaults to server.client_name. 91 company_name: "" 92 # Governing law jurisdiction for legal terms. 93 jurisdiction: "" 94# Stripe billing integration (requires -tags billing build). 95billing: 96 # Stripe secret key. Can also be set via STRIPE_SECRET_KEY env var (takes precedence). Billing is enabled automatically when set. 97 stripe_secret_key: "" 98 # Stripe webhook signing secret. Can also be set via STRIPE_WEBHOOK_SECRET env var (takes precedence). 99 webhook_secret: "" 100 # ISO 4217 currency code (e.g. "usd"). 101 currency: usd 102 # Redirect URL after successful checkout. Use {base_url} placeholder. 103 success_url: '{base_url}/settings#storage' 104 # Redirect URL after cancelled checkout. Use {base_url} placeholder. 105 cancel_url: '{base_url}/settings#storage' 106 # Subscription tiers ordered by rank (lowest to highest). 107 tiers: 108 - # Tier name. Position in list determines rank (0-based). 109 name: free 110 # Short description shown on the plan card. 111 description: Get started with basic storage 112 # List of features included in this tier. 113 features: [] 114 # Stripe price ID for monthly billing. Empty = free tier. 115 stripe_price_monthly: "" 116 # Stripe price ID for yearly billing. 117 stripe_price_yearly: "" 118 # Maximum webhooks for this tier (-1 = unlimited). 119 max_webhooks: 1 120 # Allow all webhook trigger types (not just first-scan). 121 webhook_all_triggers: false 122 supporter_badge: false 123 - # Tier name. Position in list determines rank (0-based). 124 name: Supporter 125 # Short description shown on the plan card. 126 description: Get started with basic storage 127 # List of features included in this tier. 128 features: [] 129 # Stripe price ID for monthly billing. Empty = free tier. 130 stripe_price_monthly: "" 131 # Stripe price ID for yearly billing. 132 stripe_price_yearly: "price_1SmK1mRROAC4bYmSwhTQ7RY9" 133 # Maximum webhooks for this tier (-1 = unlimited). 134 max_webhooks: 1 135 # Allow all webhook trigger types (not just first-scan). 136 webhook_all_triggers: false 137 supporter_badge: true 138 - # Tier name. Position in list determines rank (0-based). 139 name: bosun 140 # Short description shown on the plan card. 141 description: More storage with scan-on-push 142 # List of features included in this tier. 143 features: [] 144 # Stripe price ID for monthly billing. Empty = free tier. 145 stripe_price_monthly: "price_1SmK4QRROAC4bYmSxpr35HUl" 146 # Stripe price ID for yearly billing. 147 stripe_price_yearly: "price_1SmJuLRROAC4bYmSUgVCwZWo" 148 # Maximum webhooks for this tier (-1 = unlimited). 149 max_webhooks: 10 150 # Allow all webhook trigger types (not just first-scan). 151 webhook_all_triggers: true 152 supporter_badge: true 153 # - # Tier name. Position in list determines rank (0-based). 154 # name: quartermaster 155 # # Short description shown on the plan card. 156 # description: Maximum storage for power users 157 # # List of features included in this tier. 158 # features: [] 159 # # Stripe price ID for monthly billing. Empty = free tier. 160 # stripe_price_monthly: price_xxx 161 # # Stripe price ID for yearly billing. 162 # stripe_price_yearly: price_yyy 163 # # Maximum webhooks for this tier (-1 = unlimited). 164 # max_webhooks: -1 165 # # Allow all webhook trigger types (not just first-scan). 166 # webhook_all_triggers: true