72 lines
1.6 KiB
YAML
72 lines
1.6 KiB
YAML
# Emissary server configuration
|
|
|
|
# Logger configuration
|
|
logger:
|
|
# Logging verbosity
|
|
# DEBUG: 0
|
|
# INFO: 1
|
|
# WARN: 2
|
|
# ERROR: 3
|
|
# CRITICAL: 4
|
|
level: 1
|
|
# Logging format
|
|
# Possible values: human, json
|
|
format: human
|
|
|
|
# Server configuration
|
|
server:
|
|
# HTTP server configuration
|
|
http:
|
|
# Listening address (0.0.0.0 to listen on all interfaces)
|
|
host: 0.0.0.0
|
|
# Listening port
|
|
port: 3000
|
|
|
|
# Database configuration
|
|
database:
|
|
# Database driver
|
|
# Possible values: sqlite
|
|
driver: sqlite
|
|
# Database DSN
|
|
# sqlite: see https://github.com/mattn/go-sqlite3#connection-string
|
|
dsn: sqlite:///var/lib/emissary/data.sqlite?_pragma=foreign_keys(1)&_pragma=busy_timeout=60000
|
|
|
|
# CORS configuration
|
|
# See https://developer.mozilla.org/en/docs/Glossary/CORS
|
|
cors:
|
|
allowedOrigins: []
|
|
allowCredentials: true
|
|
allowMethods:
|
|
- POST
|
|
- GET
|
|
- PUT
|
|
- DELETE
|
|
allowedHeaders:
|
|
- Origin
|
|
- Accept
|
|
- Content-Type
|
|
- Authorization
|
|
- Sentry-Trace
|
|
|
|
# Auth configuration
|
|
auth:
|
|
# Local authentication configuration
|
|
local:
|
|
privateKeyPath: /var/lib/emissary/server-key.json
|
|
|
|
# Remote authentication configuration
|
|
# Disabled by default
|
|
remote: ~
|
|
# jwksUrl: https://my-server/.well-known/jwks.json
|
|
|
|
# Role extraction rules
|
|
# Permit to derivate user's role
|
|
# from the received JWT.
|
|
#
|
|
# The first rule returning a non empty
|
|
# string will define the role of the user.
|
|
#
|
|
# The role should be 'reader' or 'writer'.
|
|
roleExtractionRules:
|
|
- "jwt.role != nil ? str(jwt.role) : ''"
|