1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
|
################################
# 🦎 KOMODO PERIPHERY CONFIG 🦎 #
################################
## This is the offical "Default" config file for Komodo Periphery.
## It serves as documentation for the meaning of the fields.
## It is located at `https://github.com/moghtech/komodo/blob/main/config/periphery.config.toml`.
## All fields with a "Default" provided are optional. If they are
## left out of the file, the "Default" value will be used.
## If Periphery was installed on the host (systemd install script), this
## file will be located either in `/etc/komodo/periphery.config.toml`,
## or for user installs, `$HOME/.config/komodo/periphery.config.toml`.
## Optional. The port the server runs on.
## Env: PERIPHERY_PORT
## Default: 8120
port = 8120
## The IP address the periphery server will bind to.
## The default will allow it to accept external IPv4 and IPv6 connections.
## Env: PERIPHERY_BIND_IP
## Default: [::]
bind_ip = "[::]"
## The directory periphery will use as the default base for the directories it uses.
## The periphery user must have write access to this directory.
## Env: PERIPHERY_ROOT_DIRECTORY
## Default: /etc/komodo
root_directory = "/srv/komodo"
## Optional. Override the directory periphery will use to manage repos.
## The periphery user must have write access to this directory.
## Env: PERIPHERY_REPO_DIR
## Default: ${root_directory}/repos
# repo_dir = "/etc/komodo/repos"
## Optional. Override the directory periphery will use to manage stacks.
## The periphery user must have write access to this directory.
## Env: PERIPHERY_STACK_DIR
## Default: ${root_directory}/stacks
# stack_dir = "/etc/komodo/stacks"
## Optional. Override the directory periphery will use to manage builds.
## The periphery user must have write access to this directory.
## Env: PERIPHERY_BUILD_DIR
## Default: ${root_directory}/builds
# build_dir = "/etc/komodo/builds"
## Disable the terminal APIs and disallow remote shell access through Periphery.
## Env: PERIPHERY_DISABLE_TERMINALS
## Default: false
disable_terminals = false
## How often Periphery polls the host for system stats,
## like CPU / memory usage. To effectively disable polling,
## set this to something like 1-hr.
## Env: PERIPHERY_STATS_POLLING_RATE
## Options: 1-sec, 5-sec, 10-sec, 30-sec, 1-min, 5-min, 30-min, 1-hr
## Default: 5-sec
stats_polling_rate = "5-sec"
## Whether stack actions should use `docker-compose ...`
## instead of `docker compose ...`.
## Env: PERIPHERY_LEGACY_COMPOSE_CLI
## Default: false
legacy_compose_cli = false
## Optional. Only include mounts at specific paths in the disk report.
## Env: PERIPHERY_INCLUDE_DISK_MOUNTS
## Default: empty, which won't filter down the disks.
include_disk_mounts = []
## Optional. Don't include these mounts in the disk report.
## Env: PERIPHERY_EXCLUDE_DISK_MOUNTS
## Default: empty, which won't exclude any disks.
exclude_disk_mounts = []
########
# AUTH #
########
## Optional. Limit the ip addresses which can call the periphery api.
## Env: PERIPHERY_ALLOWED_IPS
## Default: empty, which will not block any request by ip.
allowed_ips = []
## Optional. Require callers to provide on of the provided passkeys to access the periphery api.
## Env: PERIPHERY_PASSKEYS or PERIPHERY_PASSKEYS_FILE
## Default: empty, which will not require any passkey to be passed by core.
passkeys = []
############
# Security #
############
## Enable HTTPS server using the given key and cert.
## If true and a key / cert at the given paths are not found,
## self signed keys will be generated using openssl.
## Env: PERIPHERY_SSL_ENABLED
## Default: false (will change to `true` in later release)
ssl_enabled = true
## Path to the ssl key.
## Env: PERIPHERY_SSL_KEY_FILE
## Default: /etc/komodo/ssl/key.pem
ssl_key_file = "/srv/komodo-periphery/ssl/key.pem"
## Path to the ssl cert.
## Env: PERIPHERY_SSL_CERT_FILE
## Default: /etc/komodo/ssl/cert.pem
ssl_cert_file = "/srv/komodo-periphery/ssl/cert.pem"
###########
# LOGGING #
###########
## Specify the logging verbosity
## Options: off, error, warn, info, debug, trace
## Default: info
## Env: PERIPHERY_LOGGING_LEVEL
logging.level = "info"
## Specify the logging format for stdout / stderr.
## Env: PERIPHERY_LOGGING_STDIO
## Options: standard, json, none
## Default: standard
logging.stdio = "standard"
## Specify whether logging is more human readable.
## Note. Single logs will span multiple lines.
## Env: PERIPHERY_LOGGING_PRETTY
## Default: false
logging.pretty = false
## Specify a opentelemetry otlp endpoint to send traces to.
## Example: http://localhost:4317.
## Env: PERIPHERY_LOGGING_OTLP_ENDPOINT
## Optional, no default
logging.otlp_endpoint = ""
## Set the opentelemetry service name attached to the telemetry Periphery will send.
## Env: PERIPHERY_LOGGING_OPENTELEMETRY_SERVICE_NAME
## Default: "Komodo"
logging.opentelemetry_service_name = "Periphery"
#################
# GIT PROVIDERS #
#################
## configure Periphery based git providers
# [[git_provider]]
# domain = "github.com"
# accounts = [
# { username = "mbecker20", token = "access_token_for_account" },
# { username = "moghtech", token = "access_token_for_other_account" },
# ]
# [[git_provider]]
# domain = "git.mogh.tech" # use a custom provider, like self-hosted gitea
# accounts = [
# { username = "mbecker20", token = "access_token_for_account" },
# ]
# [[git_provider]]
# domain = "localhost:8000" # use a custom provider, like self-hosted gitea
# https = false # use http://localhost:8000 as base-url for clone
# accounts = [
# { username = "mbecker20", token = "access_token_for_account" },
# ]
######################
# REGISTRY PROVIDERS #
######################
## Configure Periphery based docker registries
# [[docker_registry]]
# domain = "docker.io"
# accounts = [
# { username = "mbecker2020", token = "access_token_for_account" }
# ]
# organizations = ["DockerhubOrganization"]
# [[docker_registry]]
# domain = "git.mogh.tech" # use a custom provider, like self-hosted gitea
# accounts = [
# { username = "mbecker20", token = "access_token_for_account" },
# ]
# organizations = ["Mogh"] # These become available in the UI
###########
# SECRETS #
###########
## Provide periphery-based secrets
# [secrets]
# SECRET_1 = "value_1"
# SECRET_2 = "value_2"
|