# Emissary server configuration # Logger configuration logger: # Logging verbosity # DEBUG: 0 # INFO: 1 # WARN: 2 # ERROR: 3 # CRITICAL: 4 level: 1 # Logging format # Possible values: human, json format: human # Server configuration server: # HTTP server configuration http: # Listening address (0.0.0.0 to listen on all interfaces) host: 0.0.0.0 # Listening port port: 3000 # Database configuration database: # Database driver # Possible values: sqlite driver: sqlite # Database DSN # sqlite: see https://github.com/mattn/go-sqlite3#connection-string dsn: sqlite:///var/lib/emissary/data.sqlite?_pragma=foreign_keys(1)&_pragma=busy_timeout=60000 # CORS configuration # See https://developer.mozilla.org/en/docs/Glossary/CORS cors: allowedOrigins: [] allowCredentials: true allowMethods: - POST - GET - PUT - DELETE allowedHeaders: - Origin - Accept - Content-Type - Authorization - Sentry-Trace # Auth configuration auth: # Local authentication configuration local: privateKeyPath: /var/lib/emissary/server-key.json # Remote authentication configuration # Disabled by default remote: ~ # jwksUrl: https://my-server/.well-known/jwks.json # Role extraction rules # Permit to derivate user's role # from the received JWT. # # The first rule returning a non empty # string will define the role of the user. # # The role should be 'reader' or 'writer'. roleExtractionRules: - "jwt.role != nil ? str(jwt.role) : ''"