mirror of
https://github.com/netbirdio/netbird.git
synced 2025-08-09 23:27:58 +02:00
d9402168ad
This PR introduces a new configuration option `DisableDefaultPolicy` that prevents the creation of the default all-to-all policy when new accounts are created. This is useful for automation scenarios where explicit policies are preferred. ### Key Changes: - Added DisableDefaultPolicy flag to the management server config - Modified account creation logic to respect this flag - Updated all test cases to explicitly pass the flag (defaulting to false to maintain backward compatibility) - Propagated the flag through the account manager initialization chain ### Testing: - Verified default behavior remains unchanged when flag is false - Confirmed no default policy is created when flag is true - All existing tests pass with the new parameter
33 lines
1.5 KiB
Bash
33 lines
1.5 KiB
Bash
## example file, you can copy this file to setup.env and update its values
|
|
##
|
|
# Dashboard domain. e.g. app.mydomain.com
|
|
NETBIRD_DOMAIN=$CI_NETBIRD_DOMAIN
|
|
# e.g. https://dev-24vkclam.us.auth0.com/ or https://YOUR-KEYCLOAK-HOST:8080/realms/netbird
|
|
NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT="https://example.eu.auth0.com/.well-known/openid-configuration"
|
|
# e.g. netbird-client
|
|
NETBIRD_AUTH_CLIENT_ID=$CI_NETBIRD_AUTH_CLIENT_ID
|
|
NETBIRD_AUTH_SUPPORTED_SCOPES=$CI_NETBIRD_AUTH_SUPPORTED_SCOPES
|
|
NETBIRD_AUTH_CLIENT_SECRET=$CI_NETBIRD_AUTH_CLIENT_SECRET
|
|
# indicates whether to use Auth0 or not: true or false
|
|
NETBIRD_USE_AUTH0=$CI_NETBIRD_USE_AUTH0
|
|
NETBIRD_AUTH_AUDIENCE=$CI_NETBIRD_AUTH_AUDIENCE
|
|
# e.g. hello@mydomain.com
|
|
NETBIRD_LETSENCRYPT_EMAIL=""
|
|
NETBIRD_AUTH_REDIRECT_URI="/peers"
|
|
NETBIRD_DISABLE_LETSENCRYPT=true
|
|
NETBIRD_TOKEN_SOURCE="idToken"
|
|
NETBIRD_AUTH_DEVICE_AUTH_AUDIENCE="super"
|
|
NETBIRD_AUTH_USER_ID_CLAIM="email"
|
|
NETBIRD_AUTH_DEVICE_AUTH_SCOPE="openid email"
|
|
NETBIRD_MGMT_IDP=$CI_NETBIRD_MGMT_IDP
|
|
NETBIRD_IDP_MGMT_CLIENT_ID=$CI_NETBIRD_IDP_MGMT_CLIENT_ID
|
|
NETBIRD_IDP_MGMT_CLIENT_SECRET=$CI_NETBIRD_IDP_MGMT_CLIENT_SECRET
|
|
NETBIRD_SIGNAL_PORT=12345
|
|
NETBIRD_STORE_CONFIG_ENGINE=$CI_NETBIRD_STORE_CONFIG_ENGINE
|
|
NETBIRD_MGMT_IDP_SIGNKEY_REFRESH=$CI_NETBIRD_MGMT_IDP_SIGNKEY_REFRESH
|
|
NETBIRD_TURN_EXTERNAL_IP=1.2.3.4
|
|
NETBIRD_RELAY_PORT=33445
|
|
NETBIRD_AUTH_PKCE_DISABLE_PROMPT_LOGIN=true
|
|
NETBIRD_AUTH_PKCE_LOGIN_FLAG=0
|
|
NETBIRD_MGMT_DISABLE_DEFAULT_POLICY=$CI_NETBIRD_MGMT_DISABLE_DEFAULT_POLICY
|