feat(07-01): create config/ folder and YAML example files

- Added backend.yaml.example with AI, DB, auth, and logging schema
- Added frontend.yaml.example with API and feature flag schema
- Added network.yaml.example with ports and SSL schema
- Added docker.yaml.example with resource and volume schema
- Added secrets.yaml.example as a template for sensitive data
- All files include comprehensive comments documenting every variable
This commit is contained in:
2026-04-23 12:42:07 +03:00
parent 7b29749806
commit 095df98ceb
5 changed files with 341 additions and 0 deletions

110
config/backend.yaml.example Normal file
View File

@@ -0,0 +1,110 @@
# =============================================================================
# TFM aInventory - Backend Configuration Schema (v1.12.0)
# =============================================================================
# Purpose: Configuration for the FastAPI backend, database, AI, and logging.
# Load order: system environment variables > config/backend.yaml > code defaults.
# Required/Optional: Most are optional; defaults in code provide sensible behavior.
# =============================================================================
# --- Database & Storage ---
database:
# Path to SQLite database file (relative to backend/ folder)
# Default: data/inventory.db
# Environment: BACKEND_DATABASE_SQLITE_PATH
sqlite_path: "data/inventory.db"
# Keep database logs for performance auditing?
# Default: true
# Environment: BACKEND_DATABASE_WAL_MODE
wal_mode: true
# How many days of audit logs to keep?
# Default: 30
# Environment: BACKEND_DATABASE_LOG_RETENTION_DAYS
log_retention_days: 30
# --- AI & Vision Services ---
ai:
# Primary provider for image OCR and classification (gemini|claude)
# Default: gemini
# Environment: BACKEND_AI_PRIMARY_AI_PROVIDER
primary_ai_provider: "gemini"
# Fallback provider if primary fails
# Default: claude
# Environment: BACKEND_AI_FALLBACK_PROVIDER
fallback_provider: "claude"
# Gemini API Key (obtain from https://aistudio.google.com/)
# Environment: BACKEND_AI_GEMINI_API_KEY or GEMINI_API_KEY
gemini_api_key: "your-gemini-api-key"
# Claude API Key (obtain from Anthropic Console)
# Environment: BACKEND_AI_CLAUDE_API_KEY or CLAUDE_API_KEY
claude_api_key: "your-claude-api-key"
# --- Authentication & LDAP ---
auth:
# JWT Secret Key (min 32 chars)
# Generate with: openssl rand -hex 32
# Environment: BACKEND_AUTH_JWT_SECRET_KEY or JWT_SECRET_KEY
jwt_secret_key: "change_me_in_production"
# LDAP Server address (optional)
# Example: "ldap://192.168.1.100"
# Environment: BACKEND_AUTH_LDAP_SERVER
ldap_server: ""
# LDAP Base DN for user search
# Example: "dc=example,dc=com"
# Environment: BACKEND_AUTH_LDAP_BASE_DN
ldap_base_dn: ""
# Path to store hashed passwords for offline use
# Environment: BACKEND_AUTH_PASSWORD_CACHE_PATH
password_cache_path: "data/.passwords"
# --- Logging & Diagnostics ---
logging:
# Log level (DEBUG|INFO|WARNING|ERROR)
# Default: INFO
# Environment: BACKEND_LOGGING_LOG_LEVEL or LOG_LEVEL
log_level: "INFO"
# Log file rotation size in megabytes
# Default: 10
# Environment: BACKEND_LOGGING_LOG_ROTATION_SIZE_MB
log_rotation_size_mb: 10
# Number of rotated log files to keep
# Default: 5
# Environment: BACKEND_LOGGING_LOG_ROTATION_COUNT
log_rotation_count: 5
# --- Application ---
application:
# Directory for persistent data
# Environment: BACKEND_APPLICATION_DATA_DIR or DATA_DIR
data_dir: "./data"
# Directory for log files
# Environment: BACKEND_APPLICATION_LOGS_DIR or LOGS_DIR
logs_dir: "./logs"
# Comma-separated list of extra allowed CORS origins (IPs/FQDNs)
# Environment: BACKEND_APPLICATION_CORS_ORIGINS or EXTRA_ALLOWED_ORIGINS
cors_origins: "http://localhost:8917"
# --- Feature Flags ---
features:
# Enable AI image extraction and OCR?
# Default: true
ai_extraction_enabled: true
# Enable offline synchronization features?
# Default: true
offline_sync_enabled: true
# Enable detailed audit logging for each API request?
# Default: true
audit_logging_enabled: true

View File

@@ -0,0 +1,61 @@
# =============================================================================
# TFM aInventory - Docker Configuration Schema (v1.12.0)
# =============================================================================
# Purpose: Resource limits, image tags, and volume management for Docker.
# =============================================================================
# --- Image Management ---
images:
# Backend container image name and tag
# Default: backend:latest
backend_image: "backend:latest"
# Frontend container image name and tag
# Default: frontend:latest
frontend_image: "frontend:latest"
# Proxy container image name and tag
# Default: caddy:latest
proxy_image: "caddy:latest"
# --- Resource Constraints ---
resources:
# CPU limit for the backend container
# Default: 1.0 (1 core)
backend_cpu_limit: "1.0"
# Memory limit for the backend container
# Default: 1G
backend_memory_limit: "1G"
# CPU limit for the frontend container
# Default: 0.5 (0.5 core)
frontend_cpu_limit: "0.5"
# Memory limit for the frontend container
# Default: 512M
frontend_memory_limit: "512M"
# --- Volume Management ---
volumes:
# Driver to use for data volume
# Default: local
data_volume_driver: "local"
# Driver to use for logs volume
# Default: local
logs_volume_driver: "local"
# Use named volumes instead of bind mounts for persistence?
# Default: true
use_named_volumes: true
# --- Networking ---
network:
# Internal Docker network name
# Default: inventory-net
network_name: "inventory-net"
# Internal Docker network driver
# Default: bridge
network_driver: "bridge"

View File

@@ -0,0 +1,63 @@
# =============================================================================
# TFM aInventory - Frontend Configuration Schema (v1.12.0)
# =============================================================================
# Purpose: Configuration for the Next.js frontend application.
# =============================================================================
# --- API Connection ---
api:
# Base URL of the backend API
# Default: http://localhost:8916
# Environment: FRONTEND_API_BACKEND_URL or BACKEND_URL
backend_url: "http://localhost:8916"
# API timeout in milliseconds
# Default: 30000 (30 seconds)
# Environment: FRONTEND_API_TIMEOUT_MS
timeout_ms: 30000
# --- Feature Flags & PWA ---
features:
# Enable PWA service worker?
# Default: true
service_worker_enabled: true
# Enable offline functionality?
# Default: true
offline_enabled: true
# Enable AI image extraction UI features?
# Default: true
ai_extraction_ui_enabled: true
# --- PWA Branding ---
pwa:
# Application long name
# Default: TFM aInventory
app_name: "TFM aInventory"
# Application short name for home screen
# Default: aInventory
short_name: "aInventory"
# Initial URL to open on launch
# Default: /
start_url: "/"
# Display mode (standalone|browser|minimal-ui|fullscreen)
# Default: standalone
display_mode: "standalone"
# --- Feature Toggles ---
toggles:
# Enable built-in QR code scanner?
# Default: true
enable_qr_scanner: true
# Enable built-in barcode scanner?
# Default: true
enable_barcode_scanner: true
# Enable batch import functionality?
# Default: true
enable_batch_import: true

View File

@@ -0,0 +1,73 @@
# =============================================================================
# TFM aInventory - Network Configuration Schema (v1.12.0)
# =============================================================================
# Purpose: Network ports, SSL settings, and proxy configuration.
# =============================================================================
# --- Port Assignments ---
ports:
# Host-side port for HTTP backend
# Default: 8916
# Environment: NETWORK_PORTS_BACKEND_PORT or BACKEND_PORT
backend_port: 8916
# Host-side port for HTTP frontend
# Default: 8917
# Environment: NETWORK_PORTS_FRONTEND_PORT or FRONTEND_PORT
frontend_port: 8917
# Host-side port for HTTPS backend (via Caddy)
# Default: 8918
# Environment: NETWORK_PORTS_BACKEND_SSL_PORT or BACKEND_SSL_PORT
backend_ssl_port: 8918
# Host-side port for HTTPS frontend (via Caddy)
# Default: 8919
# Environment: NETWORK_PORTS_FRONTEND_SSL_PORT or FRONTEND_SSL_PORT
frontend_ssl_port: 8919
# --- SSL & Security ---
ssl:
# Enable SSL/TLS termination via reverse proxy?
# Default: true
# Environment: NETWORK_SSL_ENABLED
ssl_enabled: true
# Path to SSL certificate (if not using Caddy's auto-HTTPS)
# Environment: NETWORK_SSL_CERTIFICATE_PATH
certificate_path: ""
# Path to SSL private key
# Environment: NETWORK_SSL_KEY_PATH
key_path: ""
# --- Proxy (Caddy) Configuration ---
proxy:
# Caddy log level (debug|info|warn|error)
# Default: info
# Environment: NETWORK_PROXY_CADDY_LOG_LEVEL
caddy_log_level: "info"
# Maximum timeout for reading requests in seconds
# Default: 60
# Environment: NETWORK_PROXY_READ_TIMEOUT_S
proxy_read_timeout_s: 60
# Maximum request body size in MB
# Default: 10
# Environment: NETWORK_PROXY_MAX_REQUEST_SIZE_MB
max_request_size_mb: 10
# --- CORS Policies ---
cors:
# Comma-separated list of allowed origins
# Environment: NETWORK_CORS_ALLOWED_ORIGINS or EXTRA_ALLOWED_ORIGINS
allowed_origins: "*"
# Allowed HTTP methods
# Environment: NETWORK_CORS_ALLOWED_METHODS
allowed_methods: "GET,POST,PUT,DELETE,OPTIONS"
# Allowed HTTP headers
# Environment: NETWORK_CORS_ALLOWED_HEADERS
allowed_headers: "Authorization,Content-Type,Accept"

View File

@@ -0,0 +1,34 @@
# =============================================================================
# TFM aInventory - Secrets Configuration Template (v1.12.0)
# =============================================================================
# Purpose: Sensitive configuration (API keys, passwords, secret keys).
# Security: 'config/secrets.yaml' is ignored by Git. Do NOT commit actual secrets.
# Setup: Copy this file to 'config/secrets.yaml' and fill in actual values.
# =============================================================================
# --- JWT Secrets ---
# Secret key used for signing JSON Web Tokens.
# Generate a strong random key for production use:
# python3 -c "import secrets; print(secrets.token_urlsafe(64))"
# Environment override: BACKEND_AUTH_JWT_SECRET_KEY or JWT_SECRET_KEY
JWT_SECRET_KEY: "CHANGE_ME_IN_PRODUCTION_MIN_32_CHARS"
# --- AI API Keys ---
# Google Gemini API Key (Required for AI image processing)
# Get one at: https://aistudio.google.com/
# Environment override: BACKEND_AI_GEMINI_API_KEY or GEMINI_API_KEY
GEMINI_API_KEY: "your-gemini-api-key"
# Anthropic Claude API Key (Required for fallback/enhanced processing)
# Get one at: https://console.anthropic.com/
# Environment override: BACKEND_AI_CLAUDE_API_KEY or CLAUDE_API_KEY
CLAUDE_API_KEY: "your-claude-api-key"
# --- External Services ---
# Database password (if using an external DB instead of SQLite)
# Environment override: BACKEND_DATABASE_PASSWORD
DATABASE_PASSWORD: ""
# LDAP password for the service account
# Environment override: BACKEND_AUTH_LDAP_PASSWORD
LDAP_PASSWORD: ""