netbird/infrastructure_files/management.json.tmpl

{
    "Stuns": [
        {
            "Proto": "udp",
            "URI": "stun:$TURN_DOMAIN:3478",
            "Username": "",
            "Password": null
        }
    ],
    "TURNConfig": {
        "Turns": [
            {
                "Proto": "udp",
                "URI": "turn:$TURN_DOMAIN:3478",
                "Username": "$TURN_USER",
                "Password": "$TURN_PASSWORD"
            }
        ],
        "CredentialsTTL": "12h",
        "Secret": "secret",
        "TimeBasedCredentials": false
    },
    "Signal": {
        "Proto": "$NETBIRD_SIGNAL_PROTOCOL",
        "URI": "$NETBIRD_DOMAIN:$NETBIRD_SIGNAL_PORT",
        "Username": "",
        "Password": null
    },
    "Datadir": "",
    "DataStoreEncryptionKey": "$NETBIRD_DATASTORE_ENC_KEY",
    "StoreConfig": {
        "Engine": "$NETBIRD_STORE_CONFIG_ENGINE"
    },
    "HttpConfig": {
        "Address": "0.0.0.0:$NETBIRD_MGMT_API_PORT",
        "AuthIssuer": "$NETBIRD_AUTH_AUTHORITY",
        "AuthAudience": "$NETBIRD_AUTH_AUDIENCE",
        "AuthKeysLocation": "$NETBIRD_AUTH_JWT_CERTS",
        "AuthUserIDClaim": "$NETBIRD_AUTH_USER_ID_CLAIM",
        "CertFile":"$NETBIRD_MGMT_API_CERT_FILE",
        "CertKey":"$NETBIRD_MGMT_API_CERT_KEY_FILE",
        "IdpSignKeyRefreshEnabled": $NETBIRD_MGMT_IDP_SIGNKEY_REFRESH,
        "OIDCConfigEndpoint":"$NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT"
    },
    "IdpManagerConfig": {
        "ManagerType": "$NETBIRD_MGMT_IDP",
        "ClientConfig": {
            "Issuer": "$NETBIRD_AUTH_AUTHORITY",
            "TokenEndpoint": "$NETBIRD_AUTH_TOKEN_ENDPOINT",
            "ClientID": "$NETBIRD_IDP_MGMT_CLIENT_ID",
            "ClientSecret": "$NETBIRD_IDP_MGMT_CLIENT_SECRET",
            "GrantType": "client_credentials"
        },
        "ExtraConfig": $NETBIRD_IDP_MGMT_EXTRA_CONFIG,
        "Auth0ClientCredentials": null,
        "AzureClientCredentials": null,
        "KeycloakClientCredentials": null,
        "ZitadelClientCredentials": null
     },
    "DeviceAuthorizationFlow": {
        "Provider": "$NETBIRD_AUTH_DEVICE_AUTH_PROVIDER",
        "ProviderConfig": {
          "Audience": "$NETBIRD_AUTH_DEVICE_AUTH_AUDIENCE",
          "AuthorizationEndpoint": "",
          "Domain": "$NETBIRD_AUTH0_DOMAIN",
          "ClientID": "$NETBIRD_AUTH_DEVICE_AUTH_CLIENT_ID",
          "ClientSecret": "",
          "TokenEndpoint": "$NETBIRD_AUTH_TOKEN_ENDPOINT",
          "DeviceAuthEndpoint": "$NETBIRD_AUTH_DEVICE_AUTH_ENDPOINT",
          "Scope": "$NETBIRD_AUTH_DEVICE_AUTH_SCOPE",
          "UseIDToken": $NETBIRD_AUTH_DEVICE_AUTH_USE_ID_TOKEN,
          "RedirectURLs": null
         }
    },
    "PKCEAuthorizationFlow": {
        "ProviderConfig": {
            "Audience": "$NETBIRD_AUTH_PKCE_AUDIENCE",
            "ClientID": "$NETBIRD_AUTH_CLIENT_ID",
            "ClientSecret": "$NETBIRD_AUTH_CLIENT_SECRET",
            "Domain": "",
            "AuthorizationEndpoint": "$NETBIRD_AUTH_PKCE_AUTHORIZATION_ENDPOINT",
            "TokenEndpoint": "$NETBIRD_AUTH_TOKEN_ENDPOINT",
            "Scope": "$NETBIRD_AUTH_SUPPORTED_SCOPES",
            "RedirectURLs": [$NETBIRD_AUTH_PKCE_REDIRECT_URLS],
            "UseIDToken": $NETBIRD_AUTH_PKCE_USE_ID_TOKEN
        }
    }
}