alexei.dolgolyov/tiny-forge
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5e366fb2abb86261f796f0db452b1ed3efb434e4
tiny-forge/docker-watcher.example.yaml
T
alexei.dolgolyov cdf21682d6 feat(docker-watcher): phase 2 - crypto & config seed loader 
AES-256-GCM encryption for credential storage, YAML seed config
parser with validation, and transactional import into SQLite.
Credentials (registry tokens, NPM password) encrypted before storage.
2026-03-27 21:01:16 +03:00

79 lines
2.1 KiB
YAML
Raw Blame History

# Docker Watcher — Seed Configuration
#
# This file is read ONCE on first launch to populate the SQLite database.
# After import, all configuration is managed via the Web UI.
# The only required env var is ENCRYPTION_KEY (used to encrypt credentials in DB).
#
# Place this file as ./docker-watcher.yaml (or set SEED_FILE env var)
# and start Docker Watcher. Once imported, the file is never read again.
global:
# Your base domain — must have a Cloudflare wildcard DNS record (*.domain)
domain: example.com
# The IP address of your Docker host
server_ip: 192.168.1.100
# Docker network that containers will be attached to
network: staging-net
# Pattern for generating subdomains. Available placeholders: {stage}, {project}
subdomain_pattern: "stage-{stage}-{project}"
# Webhook URL for deploy notifications (optional)
notification_url: https://notify.example.com/webhook
# Nginx Proxy Manager connection
npm:
url: http://npm:81
email: admin@example.com
password: "your-npm-password-here"
# Container registries — referenced by name in project definitions
registries:
gitea:
url: https://git.example.com
type: gitea
token: "your-registry-token-here"
# github:
# url: https://ghcr.io
# type: github
# token: "ghp_your-github-token-here"
# Projects to deploy — each project has an image and one or more stages
projects:
my-web-app:
registry: gitea
image: git.example.com/org/my-web-app
port: 3000
healthcheck: /api/health
# Environment variables passed to the container
env:
NODE_ENV: production
# Volume mounts (host:container)
# volumes:
# /data/uploads: /app/uploads
stages:
dev:
tag_pattern: "dev-*"
auto_deploy: true
max_instances: 5
rel:
tag_pattern: "v*"
auto_deploy: false
max_instances: 2
prod:
tag_pattern: "v*"
auto_deploy: false
confirm: true
promote_from: rel
max_instances: 2
# Custom subdomain (instead of the pattern-generated one)
subdomain: my-app
Reference in New Issue View Git Blame Copy Permalink