1# arche-server configuration
2# This file is mounted read-only into the container at /app/config/server.toml.
3# Edit it and run `docker compose restart` to apply changes.
4
5[server]
6# HTTP listener. Required. The container exposes this on the host via
7# the "ports" mapping in docker-compose.yml.
8listen_http = ":8080"
9
10# Optional TLS. Uncomment and point at your certificate files
11# (mount them as extra volumes). When enabled, also expose port 8443.
12# listen_https = ":8443"
13# tls_cert = "/app/config/tls/cert.pem"
14# tls_key = "/app/config/tls/key.pem"
15
16# Optional SSH push access (arche+ssh://). Expose port 2222 in compose too.
17# listen_ssh = ":2222"
18
19[storage]
20# All data (server.db, repo objects, packs) lives here.
21# Backed by the "arche-data" Docker volume.
22data_dir = "/app/data"
23
24[auth]
25# Controls who can create accounts:
26# "disabled" — admin creates accounts manually (good for personal forge)
27# "invite" — admin generates invite links
28# "open" — anyone can register (public forge)
29registration = "disabled"
30
31# Server-side shell hooks (admin only). Leave empty to disable.
32[hooks]
33# pre-receive = "/app/hooks/secret-scan.sh"
34# update = "/app/hooks/protect-main.sh"
35# post-receive = ""
36timeout_sec = 30