mirror of
https://github.com/BetterCorp/BetterFrame.git
synced 2026-05-26 17:56:34 +00:00
ffe448463a
Bind 0.0.0.0 (not 127.0.0.1) so services are reachable across containers. Use Docker container hostnames (nodered, server, postgres) instead of localhost. Added missing cookieName + totpIssuer to api-http and coordinator-ws configs. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
99 lines
2.9 KiB
YAML
99 lines
2.9 KiB
YAML
# BSB runtime configuration for BetterFrame server.
|
|
#
|
|
# This file is bind-mounted into the container at /home/bsb/sec-config.yaml.
|
|
# All server config lives here — no env vars in the application code.
|
|
#
|
|
# For native (non-Docker) installs, adjust hostnames to 127.0.0.1 and
|
|
# set driver: sqlite if not using PostgreSQL.
|
|
|
|
default:
|
|
observable:
|
|
observable-default:
|
|
plugin: observable-default
|
|
enabled: true
|
|
config: {}
|
|
events:
|
|
events-default:
|
|
plugin: events-default
|
|
enabled: true
|
|
services:
|
|
# ----- Data layer -----
|
|
service-store:
|
|
plugin: service-store
|
|
enabled: true
|
|
config:
|
|
driver: postgres
|
|
# SQLite (native installs)
|
|
sqlitePath: /var/lib/betterframe/betterframe.db
|
|
# PostgreSQL (Docker / production)
|
|
pgHost: postgres
|
|
pgPort: 5432
|
|
pgDatabase: betterframe
|
|
pgUser: betterframe
|
|
pgPassword: betterframe
|
|
pgPoolMax: 10
|
|
|
|
# ----- Admin UI + API -----
|
|
service-admin-http:
|
|
plugin: service-admin-http
|
|
enabled: true
|
|
config:
|
|
host: 0.0.0.0
|
|
port: 18080
|
|
dataDir: /var/lib/betterframe
|
|
# Auth
|
|
sessionIdleSeconds: 43200
|
|
sessionMaxSeconds: 2592000
|
|
loginLockoutThreshold: 8
|
|
loginLockoutSeconds: 900
|
|
argon2Memory: 65536
|
|
argon2TimeCost: 3
|
|
argon2Parallelism: 2
|
|
cookieName: betterframe_session
|
|
totpIssuer: BetterFrame
|
|
# Inter-service URLs (Docker container names)
|
|
noderedUrl: http://nodered:1880
|
|
selfUrl: http://server:18080
|
|
# Systemd credentials directory (native installs only)
|
|
systemdCredsDir: ""
|
|
# Firmware signing key (PEM). Leave empty to auto-generate on disk.
|
|
firmwareSigningKey: ""
|
|
# Bearer tokens for CI import endpoints. Generate with: openssl rand -base64 32
|
|
firmwareImportApiKey: ""
|
|
otaImportApiKey: ""
|
|
|
|
# ----- Kiosk-facing REST API -----
|
|
service-api-http:
|
|
plugin: service-api-http
|
|
enabled: true
|
|
config:
|
|
host: 0.0.0.0
|
|
port: 18081
|
|
codeTtlSeconds: 600
|
|
dataDir: /var/lib/betterframe
|
|
argon2Memory: 65536
|
|
argon2TimeCost: 3
|
|
argon2Parallelism: 2
|
|
cookieName: betterframe_session
|
|
totpIssuer: BetterFrame
|
|
noderedUrl: http://nodered:1880
|
|
# MQTT telemetry bridge (optional)
|
|
mqttUrl: ""
|
|
mqttUsername: ""
|
|
mqttPassword: ""
|
|
mqttTopicPrefix: betterframe
|
|
|
|
# ----- Live kiosk WebSocket channel -----
|
|
service-coordinator-ws:
|
|
plugin: service-coordinator-ws
|
|
enabled: true
|
|
config:
|
|
host: 0.0.0.0
|
|
port: 18082
|
|
dataDir: /var/lib/betterframe
|
|
argon2Memory: 65536
|
|
argon2TimeCost: 3
|
|
argon2Parallelism: 2
|
|
cookieName: betterframe_session
|
|
totpIssuer: BetterFrame
|
|
noderedUrl: http://nodered:1880
|