342c35f8ce
Removes legacy MongoDB options and code paths from the AOC verification command, enforcing PostgreSQL as the required backend. Updates environment examples and documentation to reflect Valkey and RustFS as defaults, replacing Redis and MinIO references.
76 lines
2.0 KiB
Plaintext
76 lines
2.0 KiB
Plaintext
# Substitutions for docker-compose.airgap.yaml
|
|
|
|
# PostgreSQL Database
|
|
POSTGRES_USER=stellaops
|
|
POSTGRES_PASSWORD=airgap-password
|
|
POSTGRES_DB=stellaops_platform
|
|
POSTGRES_PORT=25432
|
|
|
|
# Valkey (Redis-compatible cache and messaging)
|
|
VALKEY_PORT=26379
|
|
|
|
# RustFS Object Storage
|
|
RUSTFS_HTTP_PORT=8080
|
|
|
|
# Authority
|
|
AUTHORITY_ISSUER=https://authority.airgap.local
|
|
AUTHORITY_PORT=8440
|
|
AUTHORITY_OFFLINE_CACHE_TOLERANCE=00:45:00
|
|
|
|
# Signer
|
|
SIGNER_POE_INTROSPECT_URL=file:///offline/poe/introspect.json
|
|
SIGNER_PORT=8441
|
|
|
|
# Attestor
|
|
ATTESTOR_PORT=8442
|
|
|
|
# Issuer Directory
|
|
ISSUER_DIRECTORY_PORT=8447
|
|
ISSUER_DIRECTORY_SEED_CSAF=true
|
|
|
|
# Concelier
|
|
CONCELIER_PORT=8445
|
|
|
|
# Scanner
|
|
SCANNER_WEB_PORT=8444
|
|
SCANNER_QUEUE_BROKER=valkey://valkey:6379
|
|
SCANNER_EVENTS_ENABLED=false
|
|
SCANNER_EVENTS_DRIVER=valkey
|
|
SCANNER_EVENTS_DSN=valkey:6379
|
|
SCANNER_EVENTS_STREAM=stella.events
|
|
SCANNER_EVENTS_PUBLISH_TIMEOUT_SECONDS=5
|
|
SCANNER_EVENTS_MAX_STREAM_LENGTH=10000
|
|
|
|
# Scanner Surface.Env Configuration
|
|
SCANNER_SURFACE_FS_ENDPOINT=http://rustfs:8080/api/v1
|
|
SCANNER_SURFACE_CACHE_ROOT=/var/lib/stellaops/surface
|
|
SCANNER_SURFACE_SECRETS_PROVIDER=file
|
|
SCANNER_SURFACE_SECRETS_NAMESPACE=
|
|
SCANNER_SURFACE_SECRETS_ROOT=/etc/stellaops/secrets
|
|
SCANNER_SURFACE_SECRETS_FALLBACK_PROVIDER=
|
|
SURFACE_SECRETS_HOST_PATH=./offline/surface-secrets
|
|
|
|
# Zastava (inherits Scanner defaults; override if Observer/Webhook diverge)
|
|
ZASTAVA_SURFACE_FS_ENDPOINT=${SCANNER_SURFACE_FS_ENDPOINT}
|
|
ZASTAVA_SURFACE_CACHE_ROOT=${SCANNER_SURFACE_CACHE_ROOT}
|
|
|
|
# Scheduler (Valkey default, NATS optional)
|
|
SCHEDULER_QUEUE_KIND=Valkey
|
|
SCHEDULER_QUEUE_VALKEY_URL=valkey:6379
|
|
# SCHEDULER_QUEUE_NATS_URL=nats://nats:4222
|
|
SCHEDULER_STORAGE_DATABASE=stellaops_platform
|
|
SCHEDULER_SCANNER_BASEADDRESS=http://scanner-web:8444
|
|
|
|
# NATS (Optional - only if using NATS instead of Valkey for queues)
|
|
NATS_CLIENT_PORT=24222
|
|
|
|
# Advisory AI
|
|
ADVISORY_AI_WEB_PORT=8448
|
|
ADVISORY_AI_SBOM_BASEADDRESS=http://scanner-web:8444
|
|
ADVISORY_AI_INFERENCE_MODE=Local
|
|
ADVISORY_AI_REMOTE_BASEADDRESS=
|
|
ADVISORY_AI_REMOTE_APIKEY=
|
|
|
|
# Web UI
|
|
UI_PORT=9443
|