-
Notifications
You must be signed in to change notification settings - Fork 10
Expand file tree
/
Copy pathconfig-docker.yaml
More file actions
74 lines (62 loc) · 2.25 KB
/
config-docker.yaml
File metadata and controls
74 lines (62 loc) · 2.25 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
# Docker Compose configuration for ToolHive Registry API
#
# This configuration is designed for use with docker-compose.yaml in the repository root.
# It demonstrates database-backed registry with PostgreSQL using the two-user security model.
#
# Prerequisites:
# - Docker and Docker Compose installed
# - pgpass file mounted at /root/.pgpass with credentials for both users
#
# Usage:
# docker-compose up
#
# The docker-compose setup includes:
# 1. postgres - PostgreSQL 18 database server
# 2. registry-api - Main API server (runs migrations automatically on startup)
#
# Two-User Security Model:
# - db_app: Application user with limited privileges (SELECT, INSERT, UPDATE, DELETE)
# - db_migrator: Migration user with elevated privileges (CREATE, ALTER, DROP)
#
# Password management via pgpass file (mounted at /root/.pgpass):
# postgres:5432:registry:db_app:app_password
# postgres:5432:registry:db_migrator:migration_password
# Sources configuration (can have multiple sources)
sources:
- name: local-file
# Local file configuration
# Use file source for docker-compose demo
# The registry file is available in the mounted examples directory
file:
path: /examples/upstream-registry.json
# Per-registry automatic synchronization policy
syncPolicy:
# Check for file changes every 5 minutes
interval: "5m"
registries:
- name: default
sources: ["local-file"]
auth:
mode: anonymous
# PostgreSQL database configuration
# Uses two-user security model: separate users for operations and migrations
database:
# Use service name from docker-compose as hostname
host: postgres
# PostgreSQL default port
port: 5432
# Application user (limited privileges: SELECT, INSERT, UPDATE, DELETE)
# Credentials provided via pgpass file
user: db_app
# Migration user (elevated privileges: CREATE, ALTER, DROP)
# Used for running database schema migrations
# Credentials provided via pgpass file
migrationUser: db_migrator
# Database name (must match POSTGRES_DB in docker-compose.yaml)
database: registry
# Disable SSL for local Docker network (NOT for production!)
sslMode: disable
# Connection pool settings optimized for local development
maxOpenConns: 10
maxIdleConns: 2
connMaxLifetime: "30m"