netbird/infrastructure_files/setup.env.example

## example file, you can copy this file to setup.env and update its values
##
# Dashboard domain. e.g. app.mydomain.com
NETBIRD_DOMAIN=""

# -------------------------------------------
# OIDC
#  e.g., https://example.eu.auth0.com/.well-known/openid-configuration
# -------------------------------------------
NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT=""
NETBIRD_AUTH_AUDIENCE=""
# e.g. netbird-client
NETBIRD_AUTH_CLIENT_ID=""
# if you want to use a custom claim for the user ID instead of 'sub', set it here
# NETBIRD_AUTH_USER_ID_CLAIM=""
# indicates whether to use Auth0 or not: true or false
NETBIRD_USE_AUTH0="false"
NETBIRD_AUTH_DEVICE_AUTH_PROVIDER="none"
NETBIRD_AUTH_DEVICE_AUTH_CLIENT_ID=""
# Some IDPs requires different audience, scopes and to use id token for device authorization flow
# you can customize here:
NETBIRD_AUTH_DEVICE_AUTH_AUDIENCE=$NETBIRD_AUTH_AUDIENCE
NETBIRD_AUTH_DEVICE_AUTH_SCOPE="openid"
NETBIRD_AUTH_DEVICE_AUTH_USE_ID_TOKEN=false
eg. zitadel, auth0, azure, keycloak
NETBIRD_MGMT_IDP="none"
# Some IDPs requires different client id and client secret for management api
NETBIRD_IDP_MGMT_CLIENT_ID=$NETBIRD_AUTH_CLIENT_ID
NETBIRD_IDP_MGMT_CLIENT_SECRET=""

# if your IDP provider doesn't support fragmented URIs, configure custom
# redirect and silent redirect URIs, these will be concatenated into your NETBIRD_DOMAIN domain.
# NETBIRD_AUTH_REDIRECT_URI="/peers"
# NETBIRD_AUTH_SILENT_REDIRECT_URI="/add-peers"
# Updates the preference to use id tokens instead of access token on dashboard
# Okta and Gitlab IDPs can benefit from this
# NETBIRD_TOKEN_SOURCE="idToken"

# -------------------------------------------
# Letsencrypt
# -------------------------------------------
# Disable letsencrypt
#  if disabled, cannot use HTTPS anymore and requires setting up a reverse-proxy to do it instead
NETBIRD_DISABLE_LETSENCRYPT=false
# e.g. hello@mydomain.com
NETBIRD_LETSENCRYPT_EMAIL=""

# Disable anonymous metrics collection, see more information at https://netbird.io/docs/FAQ/metrics-collection
NETBIRD_DISABLE_ANONYMOUS_METRICS=false
# DNS DOMAIN configures the domain name used for peer resolution. By default it is netbird.selfhosted
NETBIRD_MGMT_DNS_DOMAIN=netbird.selfhosted
Update self hosting scripts (#367) split setup.env with example and base add setup.env to .gitignore to avoid overwrite from new versions Added test workflow for docker-compose and validated configure.sh generated variables 2022-06-24 14:50:14 +02:00			`## example file, you can copy this file to setup.env and update its values`
			`##`
			`# Dashboard domain. e.g. app.mydomain.com`
			`NETBIRD_DOMAIN=""`
Add disable letsencrypt (#747) Add NETBIRD_DISABLE_LETSENCRYPT support to explicit disable let's encrypt Organize the setup.env.example variables into sections Add traefik example 2023-04-04 00:21:40 +02:00
			`# -------------------------------------------`
			`# OIDC`
			`# e.g., https://example.eu.auth0.com/.well-known/openid-configuration`
			`# -------------------------------------------`
Update scripts for the self-hosted Oauth 2.0 Device Auth Grant support (#439) Support Oauth 2.0 Device Auth Grant in the self-hosted scripts. 2022-08-24 14:37:18 +02:00			`NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT=""`
			`NETBIRD_AUTH_AUDIENCE=""`
Support new properties for OIDC auth (#426) This PR updates infrastructure_scripts to support self-hosted setup with a generic OIDC provider. 2022-08-17 21:44:20 +02:00			`# e.g. netbird-client`
			`NETBIRD_AUTH_CLIENT_ID=""`
Feature: add custom id claim (#667) This feature allows using the custom claim in the JWT token as a user ID. Refactor claims extractor with options support Add is_current to the user API response 2023-02-03 21:47:20 +01:00			`# if you want to use a custom claim for the user ID instead of 'sub', set it here`
			`# NETBIRD_AUTH_USER_ID_CLAIM=""`
Support new properties for OIDC auth (#426) This PR updates infrastructure_scripts to support self-hosted setup with a generic OIDC provider. 2022-08-17 21:44:20 +02:00			`# indicates whether to use Auth0 or not: true or false`
			`NETBIRD_USE_AUTH0="false"`
Update scripts for the self-hosted Oauth 2.0 Device Auth Grant support (#439) Support Oauth 2.0 Device Auth Grant in the self-hosted scripts. 2022-08-24 14:37:18 +02:00			`NETBIRD_AUTH_DEVICE_AUTH_PROVIDER="none"`
			`NETBIRD_AUTH_DEVICE_AUTH_CLIENT_ID=""`
Add scope and id token environment variables (#785) 2023-04-05 21:57:47 +02:00			`# Some IDPs requires different audience, scopes and to use id token for device authorization flow`
			`# you can customize here:`
Add token source and device flow audience variables (#780) Supporting new dashboard option to configure a source token. Adding configuration support for setting a different audience for device authorization flow. fix custom id claim variable 2023-04-04 15:56:02 +02:00			`NETBIRD_AUTH_DEVICE_AUTH_AUDIENCE=$NETBIRD_AUTH_AUDIENCE`
Add scope and id token environment variables (#785) 2023-04-05 21:57:47 +02:00			`NETBIRD_AUTH_DEVICE_AUTH_SCOPE="openid"`
			`NETBIRD_AUTH_DEVICE_AUTH_USE_ID_TOKEN=false`
Support IDP manager configuration with configure.sh (#843) support IDP management configuration using configure.sh script Add initial Zitadel configuration script 2023-06-02 17:34:36 +02:00			`eg. zitadel, auth0, azure, keycloak`
			`NETBIRD_MGMT_IDP="none"`
			`# Some IDPs requires different client id and client secret for management api`
			`NETBIRD_IDP_MGMT_CLIENT_ID=$NETBIRD_AUTH_CLIENT_ID`
			`NETBIRD_IDP_MGMT_CLIENT_SECRET=""`
Add disable letsencrypt (#747) Add NETBIRD_DISABLE_LETSENCRYPT support to explicit disable let's encrypt Organize the setup.env.example variables into sections Add traefik example 2023-04-04 00:21:40 +02:00
Support custom redirect URIs (#499) 2022-10-12 12:25:46 +02:00			`# if your IDP provider doesn't support fragmented URIs, configure custom`
			`# redirect and silent redirect URIs, these will be concatenated into your NETBIRD_DOMAIN domain.`
			`# NETBIRD_AUTH_REDIRECT_URI="/peers"`
Add anonymous usage metrics collection (#508) This will help us understand usage on self-hosted deployments The collection may be disabled by using the flag --disable-anonymous-metrics or NETBIRD_DISABLE_ANONYMOUS_METRICS in setup.env 2022-10-16 13:33:46 +02:00			`# NETBIRD_AUTH_SILENT_REDIRECT_URI="/add-peers"`
Add token source and device flow audience variables (#780) Supporting new dashboard option to configure a source token. Adding configuration support for setting a different audience for device authorization flow. fix custom id claim variable 2023-04-04 15:56:02 +02:00			`# Updates the preference to use id tokens instead of access token on dashboard`
			`# Okta and Gitlab IDPs can benefit from this`
			`# NETBIRD_TOKEN_SOURCE="idToken"`
Add anonymous usage metrics collection (#508) This will help us understand usage on self-hosted deployments The collection may be disabled by using the flag --disable-anonymous-metrics or NETBIRD_DISABLE_ANONYMOUS_METRICS in setup.env 2022-10-16 13:33:46 +02:00
Add disable letsencrypt (#747) Add NETBIRD_DISABLE_LETSENCRYPT support to explicit disable let's encrypt Organize the setup.env.example variables into sections Add traefik example 2023-04-04 00:21:40 +02:00			`# -------------------------------------------`
			`# Letsencrypt`
			`# -------------------------------------------`
			`# Disable letsencrypt`
			`# if disabled, cannot use HTTPS anymore and requires setting up a reverse-proxy to do it instead`
			`NETBIRD_DISABLE_LETSENCRYPT=false`
			`# e.g. hello@mydomain.com`
			`NETBIRD_LETSENCRYPT_EMAIL=""`

Add anonymous usage metrics collection (#508) This will help us understand usage on self-hosted deployments The collection may be disabled by using the flag --disable-anonymous-metrics or NETBIRD_DISABLE_ANONYMOUS_METRICS in setup.env 2022-10-16 13:33:46 +02:00			`# Disable anonymous metrics collection, see more information at https://netbird.io/docs/FAQ/metrics-collection`
Add DNS domain to getting started scripts (#625) 2022-12-13 13:42:43 +01:00			`NETBIRD_DISABLE_ANONYMOUS_METRICS=false`
			`# DNS DOMAIN configures the domain name used for peer resolution. By default it is netbird.selfhosted`
Add token source and device flow audience variables (#780) Supporting new dashboard option to configure a source token. Adding configuration support for setting a different audience for device authorization flow. fix custom id claim variable 2023-04-04 15:56:02 +02:00			`NETBIRD_MGMT_DNS_DOMAIN=netbird.selfhosted`