# ============================================================================= # TFM aInventory - Network Configuration Schema (v1.12.0) # ============================================================================= # Purpose: Network ports, SSL settings, and proxy configuration. # ============================================================================= # --- Port Assignments --- ports: # Host-side port for HTTP backend # Default: 8916 # Environment: NETWORK_PORTS_BACKEND_PORT or BACKEND_PORT backend_port: 8916 # Host-side port for HTTP frontend # Default: 8917 # Environment: NETWORK_PORTS_FRONTEND_PORT or FRONTEND_PORT frontend_port: 8917 # Host-side port for HTTPS backend (via Caddy) # Default: 8918 # Environment: NETWORK_PORTS_BACKEND_SSL_PORT or BACKEND_SSL_PORT backend_ssl_port: 8918 # Host-side port for HTTPS frontend (via Caddy) # Default: 8919 # Environment: NETWORK_PORTS_FRONTEND_SSL_PORT or FRONTEND_SSL_PORT frontend_ssl_port: 8919 # --- SSL & Security --- ssl: # Enable SSL/TLS termination via reverse proxy? # Default: true # Environment: NETWORK_SSL_ENABLED ssl_enabled: true # Path to SSL certificate (if not using Caddy's auto-HTTPS) # Environment: NETWORK_SSL_CERTIFICATE_PATH certificate_path: "" # Path to SSL private key # Environment: NETWORK_SSL_KEY_PATH key_path: "" # --- Proxy (Caddy) Configuration --- proxy: # Caddy log level (debug|info|warn|error) # Default: info # Environment: NETWORK_PROXY_CADDY_LOG_LEVEL caddy_log_level: "info" # Maximum timeout for reading requests in seconds # Default: 60 # Environment: NETWORK_PROXY_READ_TIMEOUT_S proxy_read_timeout_s: 60 # Maximum request body size in MB # Default: 10 # Environment: NETWORK_PROXY_MAX_REQUEST_SIZE_MB max_request_size_mb: 10 # --- CORS Policies --- cors: # Comma-separated list of allowed origins # Environment: NETWORK_CORS_ALLOWED_ORIGINS or EXTRA_ALLOWED_ORIGINS allowed_origins: "*" # Allowed HTTP methods # Environment: NETWORK_CORS_ALLOWED_METHODS allowed_methods: "GET,POST,PUT,DELETE,OPTIONS" # Allowed HTTP headers # Environment: NETWORK_CORS_ALLOWED_HEADERS allowed_headers: "Authorization,Content-Type,Accept"