[server]
bind_address = "0.0.0.0"
port = 8000
streaming_chunk_size = "5MiB"

[lock_store.redis]
url = "redis://valkey:6379"
ttl = 5

[cache_store.redis]
url = "redis://valkey:6379"
ttl = 5

[storage.fs]
root_dir = "/images"

[observability.tracing]
endpoint = "http://127.0.0.1:4317"
sampling_rate = 1.0

[identity.{{ ci_user }}]
username = "{{ ci_user }}"
password = "{{ ci_user_registry_password_argon_encoded }}"

[identity.readonly]
username = "readonly"
password = "$argon2i$v=19$m=16,t=2,p=1$TjJyTEdIZUJ6dFZkdlZvSg$qf8vG09O93Z/9vUMCgWNtA" # hash for "readonly"

{% for repo in oci_repos %}
[repository."{{ repo }}"]

[repository."{{ repo }}".access_policy]
default_allow = false
rules = [
    'request.action.startsWith("get-") || request.action.startsWith("list-") || identity.id == "ci"'
]
{% endfor %}