emissary/misc/packaging/common/config-server.yml

72 lines
1.6 KiB
YAML

# Emissary server configuration
# Logger configuration
logger:
# Logging verbosity
# DEBUG: 0
# INFO: 1
# WARN: 2
# ERROR: 3
# CRITICAL: 4
level: 1
# Logging format
# Possible values: human, json
format: human
# Server configuration
server:
# HTTP server configuration
http:
# Listening address (0.0.0.0 to listen on all interfaces)
host: 0.0.0.0
# Listening port
port: 3000
# Database configuration
database:
# Database driver
# Possible values: sqlite
driver: sqlite
# Database DSN
# sqlite: see https://github.com/mattn/go-sqlite3#connection-string
dsn: sqlite:///var/lib/emissary/data.sqlite?_pragma=foreign_keys(1)&_pragma=busy_timeout=60000
# CORS configuration
# See https://developer.mozilla.org/en/docs/Glossary/CORS
cors:
allowedOrigins: []
allowCredentials: true
allowMethods:
- POST
- GET
- PUT
- DELETE
allowedHeaders:
- Origin
- Accept
- Content-Type
- Authorization
- Sentry-Trace
# Auth configuration
auth:
# Local authentication configuration
local:
privateKeyPath: /var/lib/emissary/server-key.json
# Remote authentication configuration
# Disabled by default
remote: ~
# jwksUrl: https://my-server/.well-known/jwks.json
# Role extraction rules
# Permit to derivate user's role
# from the received JWT.
#
# The first rule returning a non empty
# string will define the role of the user.
#
# The role should be 'reader' or 'writer'.
roleExtractionRules:
- "jwt.role != nil ? str(jwt.role) : ''"