Application configuration types
This article refers to Platform v3.0.0. The current Platform version is v3.2.0.
Overview
Barbara Panel exposes five distinct ways to inject configuration into a workload running on an edge node. Choosing the right one depends on whether the value is sensitive, whether it is shared across workloads, whether it should be reloaded live or only at app start, and whether the workload is a Docker app or a Marketplace app.
This article is the reference for the five types and when to use each. For the day-to-day operations on each card, follow the dedicated guides:
- Global Config — manage Global Config from its Panel card.
- Secrets — manage Global Secrets from the Secrets card.
- Docker apps — read App Config / Global Config from inside your container.
- Marketplace apps — edit Compose Config, env variables, and App Config of a deployed Marketplace workload.
App Config
App Config is a JSON payload scoped to a single workload. The agent writes the latest payload as /appconfig/appconfig.json inside the container, and the running workload picks up changes at runtime without needing a restart.
Use it for
- Application-specific feature flags or thresholds.
- Parameters that may change between deployments of the same app on different nodes.
Global Config
Global Config is a JSON payload shared across every workload on the same node. The agent writes it as /appconfig/global.json inside every container that mounts appconfig, and changes are detected at runtime.
Use it for
- Operational parameters that several workloads on the node should agree on (logging level, monitoring URL, shared endpoints).
- Avoiding duplication of the same configuration across many workloads.
Compose Config
Compose Config defines the ports and volumes of a Marketplace workload. It is consumed at build time — changing it triggers a rebuild of the Docker Compose stack. Only available for Marketplace apps.
Use it for
- Adjusting the host ports a Marketplace app listens on.
- Adding or removing volumes mounted into the Marketplace app's containers.
Global Secrets
Global Secrets are encrypted key-value pairs shared across every workload on the node. They are injected as environment variables and changes are picked up the next time the workload starts.
Use it for
- Credentials and API keys consumed by several workloads.
- Sensitive values that should never be stored in plain JSON config.
App Environment Secrets
App Environment Secrets are encrypted key-value pairs scoped to a single Marketplace workload. They are injected as environment variables and changes are picked up the next time the workload starts. Only available for Marketplace apps.
Use it for
- Credentials and tokens used by exactly one Marketplace app — no other workload on the node sees them.
- Per-app private certificates or database passwords.
Comparison table
| Configuration type | Scope | Change detection | Encrypted | Available to |
|---|---|---|---|---|
| App Config | Single workload | Runtime | No | Docker & Marketplace apps |
| Global Config | Every workload on the node | Runtime | No | Docker & Marketplace apps |
| Compose Config | Single workload | Build time | No | AI Models & Marketplace apps |
| Global Secrets | Every workload on the node | App start | Yes | Docker apps |
| App Env Secrets | Single workload | App start | Yes | Marketplace apps |
Summary
Pick App Config or Global Config for non-sensitive runtime-updatable values (scoped to one workload vs shared across the node); Compose Config for the Marketplace ports/volumes that need to be applied at build time; and Global Secrets vs App Env Secrets for sensitive values shared across workloads vs scoped to a single Marketplace workload.