jfraeysd/fetch_ml
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
fetch_ml/configs/api/homelab-secure.yaml
Jeremie Fraeys 8a7e7695f4
config: consolidate and cleanup configuration files 
- Remove redundant config examples (distributed/, standalone/, examples/)
- Delete dev-local.yaml variants (use dev.yaml with env vars)
- Delete prod.yaml (use multi-user.yaml or homelab-secure.yaml)
- Clean up worker configs: remove docker.yaml, homelab-sandbox.yaml
- Update remaining configs with current best practices
- Simplify config schema and documentation
2026-03-04 13:22:52 -05:00

103 lines
2.3 KiB
YAML
Raw Permalink Blame History

base_path: "/data/experiments"
data_dir: "/data/active"
auth:
enabled: true
api_keys:
homelab_admin:
hash: "CHANGE_ME_SHA256_HOMELAB_ADMIN_KEY"
admin: true
roles:
- admin
permissions:
"*": true
homelab_user:
hash: "CHANGE_ME_SHA256_HOMELAB_USER_KEY"
admin: false
roles:
- researcher
permissions:
experiments: true
datasets: true
jupyter: true
server:
address: ":9101"
tls:
enabled: false
cert_file: "/app/ssl/cert.pem"
key_file: "/app/ssl/key.pem"
security:
production_mode: true
allowed_origins:
- "https://ml-experiments.example.com"
rate_limit:
enabled: true
requests_per_minute: 60
burst_size: 10
ip_whitelist:
- "127.0.0.1"
- "192.168.0.0/16"
monitoring:
prometheus:
enabled: true
port: 9101
path: "/metrics"
health_checks:
enabled: true
interval: "30s"
redis:
url: "redis://:CHANGE_ME_REDIS_PASSWORD@redis:6379"
password: ""
db: 0
database:
type: "sqlite"
connection: "/data/experiments/fetch_ml.sqlite"
logging:
level: "info"
file: "/logs/fetch_ml.log"
# Audit logging (HIPAA-compliant with tamper-evident chain hashing)
audit:
enabled: true
file: "/var/log/fetch_ml/audit.log" # Separate file for audit events
chain_hashing: true # Enable tamper-evident logging
retention_days: 2555 # 7 years for HIPAA compliance
log_ip_address: true # Include source IP in audit events
log_user_agent: true # Include user agent in audit events
# Sensitive events to always log
events:
- "authentication_success"
- "authentication_failure"
- "file_access"
- "file_write"
- "file_delete"
- "job_queued"
- "job_started"
- "job_completed"
- "experiment_created"
- "experiment_deleted"
resources:
max_workers: 2
desired_rps_per_worker: 2
podman_cpus: "2"
podman_memory: "4Gi"
# Scheduler configuration for multi-worker support
scheduler:
enabled: true
strategy: "round-robin"
max_concurrent_jobs: 8
queue:
type: "redis"
redis_addr: "redis:6379"
worker_discovery:
mode: "dynamic"
heartbeat_timeout: "30s"
health_check_interval: "10s"
Reference in a new issue View git blame Copy permalink