# Silo Production Configuration # Single-binary deployment: silod serves API + React SPA # # Layout on silo.kindred.internal: # /opt/silo/bin/silod - server binary # /opt/silo/web/dist/ - built React frontend (served automatically) # /opt/silo/schemas/ - part number schemas # /etc/silo/config.yaml - this file # /etc/silo/silod.env - secrets (env vars) # # Credentials via environment variables (set in /etc/silo/silod.env): # SILO_DB_PASSWORD # SILO_MINIO_ACCESS_KEY # SILO_MINIO_SECRET_KEY # SILO_SESSION_SECRET # SILO_ADMIN_PASSWORD server: host: "0.0.0.0" port: 8080 base_url: "https://silo.kindred.internal" database: host: "psql.kindred.internal" port: 5432 name: "silo" user: "silo" password: "" # Set via SILO_DB_PASSWORD sslmode: "require" max_connections: 20 storage: endpoint: "minio.kindred.internal:9000" access_key: "" # Set via SILO_MINIO_ACCESS_KEY secret_key: "" # Set via SILO_MINIO_SECRET_KEY bucket: "silo-files" use_ssl: true region: "us-east-1" schemas: directory: "/opt/silo/schemas" default: "kindred-rd" freecad: uri_scheme: "silo" auth: enabled: true session_secret: "" # Set via SILO_SESSION_SECRET local: enabled: true default_admin_username: "admin" default_admin_password: "" # Set via SILO_ADMIN_PASSWORD ldap: enabled: true url: "ldaps://ipa.kindred.internal" base_dn: "dc=kindred,dc=internal" user_search_dn: "cn=users,cn=accounts,dc=kindred,dc=internal" user_attr: "uid" email_attr: "mail" display_attr: "displayName" group_attr: "memberOf" role_mapping: admin: - "cn=silo-admins,cn=groups,cn=accounts,dc=kindred,dc=internal" editor: - "cn=silo-users,cn=groups,cn=accounts,dc=kindred,dc=internal" - "cn=engineers,cn=groups,cn=accounts,dc=kindred,dc=internal" viewer: - "cn=silo-viewers,cn=groups,cn=accounts,dc=kindred,dc=internal" tls_skip_verify: false oidc: enabled: false cors: allowed_origins: - "https://silo.kindred.internal"