# Example: Regional multi-cluster control plane (edge-gateway + scheduler) # Deploy the global-service layer separately when running self-hosted multi-region. apiVersion: v1 kind: Namespace metadata: name: sandbox0-system --- apiVersion: infra.sandbox0.ai/v1alpha1 kind: Sandbox0Infra metadata: name: s0cp namespace: sandbox0-system spec: database: # Control plane and data plane should share the same PG instance. type: external external: host: your-db.rds.amazonaws.com port: 5432 database: sandbox0 username: sandbox0 passwordSecret: name: db-credentials key: password publicExposure: enabled: true rootDomain: sandbox0.app regionId: aws-us-east-1 registry: # Builtin registry defaults to NodePort for easy kind debugging. provider: builtin builtin: enabled: true service: type: NodePort port: 30500 # For local kind debug, s0 CLI can push via this endpoint. pushEndpoint: 127.0.0.1:30500 ## Shared regional registry for all data-plane clusters in this region. ## edge-gateway issues upload credentials from this config. #provider: aws #imagePullSecretName: sandbox0-registry-pull #aws: # region: us-east-1 # registryId: "123456789012" # # Optional when registryId+region are set, but explicit host is clearer. # registry: 123456789012.dkr.ecr.us-east-1.amazonaws.com # pullSecret: # name: ecr-pull-secret # key: .dockerconfigjson # credentialsSecret: # name: aws-credentials # accessKeyKey: accessKeyId # secretKeyKey: secretAccessKey services: edgeGateway: enabled: true replicas: 1 # service: # type: ClusterIP # port: 80 service: type: NodePort port: 30080 config: schedulerEnabled: true scheduler: enabled: true replicas: 1 initUser: email: "admin@example.com" # passwordSecret: # name: admin-password # key: password