Mikkel Georgsen
cd94d99c62
- Create scripts/setup-sandbox.sh to bootstrap Arch base environment - Add BuildSandbox class for container management and build execution - Configure sandbox with network isolation, read-only root, 8GB/4core limits - Add sandbox_root and iso_output_root settings to config
55 lines
1.5 KiB
Python
55 lines
1.5 KiB
Python
"""Application configuration via pydantic-settings."""
|
|
|
|
from pydantic_settings import BaseSettings
|
|
|
|
|
|
class Settings(BaseSettings):
|
|
"""Application settings loaded from environment variables."""
|
|
|
|
# Database
|
|
database_url: str = "postgresql+asyncpg://debate:debate_dev@localhost:5433/debate"
|
|
|
|
# Security
|
|
secret_key: str = "change-me-in-production"
|
|
csrf_secret_key: str = "change-me-in-production"
|
|
|
|
# Environment
|
|
environment: str = "development"
|
|
debug: bool = True
|
|
|
|
# CORS and trusted hosts
|
|
allowed_hosts: str = "localhost,127.0.0.1"
|
|
allowed_origins: str = "http://localhost:3000,http://127.0.0.1:3000"
|
|
|
|
# Cookie settings
|
|
cookie_domain: str = "localhost"
|
|
|
|
# Build sandbox settings
|
|
sandbox_root: str = "/var/lib/debate/sandbox"
|
|
iso_output_root: str = "/var/lib/debate/builds"
|
|
|
|
@property
|
|
def allowed_hosts_list(self) -> list[str]:
|
|
"""Parse allowed hosts as a list."""
|
|
return [h.strip() for h in self.allowed_hosts.split(",") if h.strip()]
|
|
|
|
@property
|
|
def allowed_origins_list(self) -> list[str]:
|
|
"""Parse allowed origins as a list."""
|
|
return [o.strip() for o in self.allowed_origins.split(",") if o.strip()]
|
|
|
|
@property
|
|
def is_production(self) -> bool:
|
|
"""Check if running in production environment."""
|
|
return self.environment == "production"
|
|
|
|
class Config:
|
|
"""Pydantic settings configuration."""
|
|
|
|
env_file = ".env"
|
|
env_file_encoding = "utf-8"
|
|
extra = "ignore"
|
|
|
|
|
|
# Global settings instance
|
|
settings = Settings()
|