.env.darwin.example
# =============================================================================
# macOS (Darwin) Configuration for Hypeman
# =============================================================================
# Copy this file to .env and customize for your environment.
#
# Key differences from Linux (.env.example):
# - DEFAULT_HYPERVISOR: Use "vz" (Virtualization.framework) instead of cloud-hypervisor/qemu
# - DATA_DIR: Uses macOS conventions (~/Library/Application Support)
# - Network settings: BRIDGE_NAME, SUBNET_CIDR, etc. are IGNORED (vz uses NAT)
# - Rate limiting: Not supported on macOS (no tc/HTB equivalent)
# - GPU passthrough: Not supported on macOS
# =============================================================================
# Required (the value below is a development placeholder; replace it in your own .env)
JWT_SECRET=dev-secret-change-me
# Data directory - use macOS conventions
# Note: ~ expands to $HOME at runtime
DATA_DIR=~/Library/Application Support/hypeman
# Server configuration
PORT=8080
# Logging
LOG_LEVEL=debug
# =============================================================================
# Hypervisor Configuration (IMPORTANT FOR MACOS)
# =============================================================================
# On macOS, use "vz" (Virtualization.framework)
# - "cloud-hypervisor" and "qemu" are NOT supported on macOS
DEFAULT_HYPERVISOR=vz
# =============================================================================
# Network Configuration (DIFFERENT ON MACOS)
# =============================================================================
# On macOS with vz, network is handled automatically via NAT:
# - VMs get IP addresses from 192.168.64.0/24 via DHCP
# - No TAP devices, bridges, or iptables needed
# - The following settings are IGNORED on macOS:
#     BRIDGE_NAME, SUBNET_CIDR, SUBNET_GATEWAY, UPLINK_INTERFACE
# DNS Server for VMs (used by guest for resolution)
DNS_SERVER=8.8.8.8
# =============================================================================
# Caddy / Ingress Configuration
# =============================================================================
CADDY_LISTEN_ADDRESS=0.0.0.0
CADDY_ADMIN_ADDRESS=127.0.0.1
CADDY_ADMIN_PORT=2019
# Note: 5353 is used by mDNSResponder (Bonjour) on macOS, using 5354 instead
INTERNAL_DNS_PORT=5354
CADDY_STOP_ON_SHUTDOWN=false
# =============================================================================
# Build System Configuration
# =============================================================================
# For builds on macOS with vz, the registry URL needs to be accessible from
# NAT VMs. Since vz uses 192.168.64.0/24 for NAT, the host is at 192.168.64.1.
#
# IMPORTANT: "host.docker.internal" does NOT work in vz VMs - that's a Docker
# Desktop-specific hostname. Use the NAT gateway IP instead.
#
# Registry URL (the host's hypeman API, accessible from VMs)
REGISTRY_URL=192.168.64.1:8080
# Use HTTP (not HTTPS) since hypeman's internal registry uses plaintext
REGISTRY_INSECURE=true
BUILDER_IMAGE=hypeman/builder:latest
MAX_CONCURRENT_SOURCE_BUILDS=2
BUILD_TIMEOUT=600
# =============================================================================
# Resource Limits (same as Linux)
# =============================================================================
# Per-instance limits
MAX_VCPUS_PER_INSTANCE=4
MAX_MEMORY_PER_INSTANCE=8GB
# Aggregate limits (0 or empty = unlimited)
# MAX_TOTAL_VOLUME_STORAGE=
# =============================================================================
# OpenTelemetry (optional, same as Linux)
# =============================================================================
# OTEL_ENABLED=false
# OTEL_ENDPOINT=127.0.0.1:4317
# OTEL_SERVICE_NAME=hypeman
# OTEL_INSECURE=true
# OTEL__METRIC_EXPORT_INTERVAL=60s
# METRICS__LISTEN_ADDRESS=127.0.0.1
# METRICS__PORT=9464
# METRICS__VM_LABEL_BUDGET=200
# ENV=dev
# =============================================================================
# TLS / ACME Configuration (same as Linux)
# =============================================================================
# ACME_EMAIL=admin@example.com
# ACME_DNS_PROVIDER=cloudflare
# TLS_ALLOWED_DOMAINS=*.example.com
# CLOUDFLARE_API_TOKEN=
# =============================================================================
# macOS Limitations
# =============================================================================
# The following features are NOT AVAILABLE on macOS:
#
# 1. GPU Passthrough (VFIO, mdev)
#    - GPU_PROFILE_CACHE_TTL is ignored
#    - Device registration/binding will fail
#
# 2. Network Rate Limiting
#    - UPLOAD_BURST_MULTIPLIER, DOWNLOAD_BURST_MULTIPLIER are ignored
#    - No tc/HTB equivalent on macOS
#
# 3. CPU/Memory Hotplug
#    - Resize operations not supported
#
# 4. Disk I/O Limiting
#    - DISK_IO_LIMIT, OVERSUB_DISK_IO are ignored
#
# 5. Snapshots (requires macOS 14+ on Apple Silicon)
#    - SaveMachineStateToPath/RestoreMachineStateFromURL require macOS 14+
#    - Only supported on ARM64 (Apple Silicon) Macs
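
A pre-start check for a `.env` copied from this file, as an added example that is not part of the Hypeman repository: it flags the placeholder `JWT_SECRET`, a Caddy admin address moved off loopback, and a plaintext registry URL outside the vz NAT subnet. The helper names `env_get` and `audit_env` and the 32-character minimum are assumptions of this example.

```shell
# Added example, not part of the Hypeman repository: audit a .env derived
# from .env.darwin.example before start-up. Assumes plain KEY=value lines.

# env_get FILE KEY: print the value of the last uncommented KEY= line.
env_get() {
  sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1
}

# audit_env FILE: print one finding per line; return 1 if there are any.
audit_env() {
  _f=$1; _n=0
  _v=$(env_get "$_f" JWT_SECRET)
  if [ -z "$_v" ] || [ "$_v" = "dev-secret-change-me" ]; then
    echo "JWT_SECRET: unset or still the example placeholder"; _n=$((_n + 1))
  elif [ "${#_v}" -lt 32 ]; then  # 32 is this example's threshold, not Hypeman's
    echo "JWT_SECRET: shorter than 32 characters"; _n=$((_n + 1))
  fi
  # The example file binds Caddy's admin endpoint to loopback; flag anything else.
  _v=$(env_get "$_f" CADDY_ADMIN_ADDRESS)
  case "$_v" in
    ""|127.0.0.1|localhost|::1) ;;
    *) echo "CADDY_ADMIN_ADDRESS: admin API bound to non-loopback $_v"; _n=$((_n + 1)) ;;
  esac
  # A plaintext registry is expected only on the vz NAT link (192.168.64.0/24).
  if [ "$(env_get "$_f" REGISTRY_INSECURE)" = "true" ]; then
    _v=$(env_get "$_f" REGISTRY_URL)
    if ! printf '%s\n' "$_v" | grep -Eq '^192\.168\.64\.[0-9]{1,3}(:[0-9]+)?$'; then
      echo "REGISTRY_URL: plaintext registry outside the vz NAT subnet ($_v)"; _n=$((_n + 1))
    fi
  fi
  [ "$_n" -eq 0 ]
}

# Constructed sample: the values of the example file, copied without changes.
sample=$(mktemp)
cat > "$sample" <<'EOF'
JWT_SECRET=dev-secret-change-me
CADDY_ADMIN_ADDRESS=127.0.0.1
REGISTRY_URL=192.168.64.1:8080
REGISTRY_INSECURE=true
EOF
audit_env "$sample" || echo "fix the findings above before starting hypeman"
rm -f "$sample"
```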