RoleForge/app/core/config.py

from functools import lru_cache
from pathlib import Path

from pydantic_settings import BaseSettings, SettingsConfigDict


class Settings(BaseSettings):
    model_config = SettingsConfigDict(env_file=".env", env_file_encoding="utf-8", case_sensitive=False)

    app_name: str = "RoleForge"
    app_tagline: str = "Ansible Orchestrator"
    app_env: str = "dev"
    app_host: str = "0.0.0.0"
    app_port: int = 8000
    app_secret_key: str = "change-me"
    app_access_token_expire_min: int = 30
    app_refresh_token_expire_days: int = 14

    database_dsn: str
    redis_url: str
    celery_broker_url: str
    celery_result_backend: str
    app_runner_image: str = "roleforge-backend:latest"
    # Default Docker Hub repo (ROLEFORGE_OS_DOCKER_HUB_REPOSITORY): pushes docker.io/<repo>:<os_tag>, then pull/tag locally as roleforge-os:<os_tag>.
    roleforge_os_docker_hub_repository: str = "inecs/roleforge"
    # Leave empty to disable Hub pushes (only ROLEFORGE_OS_IMAGE_REGISTRY or local --load may apply).
    # Fallback registry prefix when Docker Hub repo is unset (e.g. localhost:5000).
    roleforge_os_image_registry: str = ""
    # Ephemeral molecule runners need Docker API access to spawn platform containers (same as mounting docker.sock into API).
    app_runner_mount_docker_socket: bool = True
    app_runner_privileged: bool = True
    app_docker_network: str = "roleforge_default"
    app_k8s_namespace: str = "roleforge"
    app_k8s_service_account: str = "default"
    app_runner_poll_interval_sec: float = 1.0
    app_runner_timeout_sec: int = 3600
    app_runner_max_poll_errors: int = 5

    vault_address: str | None = None
    vault_token: str | None = None

    app_data_dir: Path = Path("data")

    @property
    def avatar_storage_path(self) -> Path:
        return self.app_data_dir / "avatars"


@lru_cache(maxsize=1)
def get_settings() -> Settings:
    return Settings()