mirror of
https://github.com/netbirdio/netbird.git
synced 2025-01-22 22:08:39 +01:00
56896794b3
This PR aims to organize a little the files within `infrastructure_files` folder and adds some new ENV vars to the process. 1. It creates the `artifacts` folder within the `infrastructure_files` folder, the idea behind it is to split templates from artifacts created after running `./configure.sh`. It makes it easier to cp/rsync only `artifacts` content to the final server/destination. 2. Creates `NETBIRD_TURN_DOMAIN` and `TURN_DOMAIN` ENV vars. The idea behind it is to make it possible to split the management/signal server from TURN server. If `NETBIRD_TURN_DOMAIN` is not set, then, `TURN_DOMAIN` will be set as `NETBIRD_DOMAIN`. 3. Creates `*_TAG` ENVs for each component. The idea behind it is to give the users the choice to use `latest` tag as default or tie it to specific versions of each component in the stack.
89 lines
3.2 KiB
Cheetah
89 lines
3.2 KiB
Cheetah
{
|
|
"Stuns": [
|
|
{
|
|
"Proto": "udp",
|
|
"URI": "stun:$TURN_DOMAIN:3478",
|
|
"Username": "",
|
|
"Password": null
|
|
}
|
|
],
|
|
"TURNConfig": {
|
|
"Turns": [
|
|
{
|
|
"Proto": "udp",
|
|
"URI": "turn:$TURN_DOMAIN:3478",
|
|
"Username": "$TURN_USER",
|
|
"Password": "$TURN_PASSWORD"
|
|
}
|
|
],
|
|
"CredentialsTTL": "12h",
|
|
"Secret": "secret",
|
|
"TimeBasedCredentials": false
|
|
},
|
|
"Signal": {
|
|
"Proto": "$NETBIRD_SIGNAL_PROTOCOL",
|
|
"URI": "$NETBIRD_DOMAIN:$NETBIRD_SIGNAL_PORT",
|
|
"Username": "",
|
|
"Password": null
|
|
},
|
|
"Datadir": "",
|
|
"DataStoreEncryptionKey": "$NETBIRD_DATASTORE_ENC_KEY",
|
|
"StoreConfig": {
|
|
"Engine": "$NETBIRD_STORE_CONFIG_ENGINE"
|
|
},
|
|
"HttpConfig": {
|
|
"Address": "0.0.0.0:$NETBIRD_MGMT_API_PORT",
|
|
"AuthIssuer": "$NETBIRD_AUTH_AUTHORITY",
|
|
"AuthAudience": "$NETBIRD_AUTH_AUDIENCE",
|
|
"AuthKeysLocation": "$NETBIRD_AUTH_JWT_CERTS",
|
|
"AuthUserIDClaim": "$NETBIRD_AUTH_USER_ID_CLAIM",
|
|
"CertFile":"$NETBIRD_MGMT_API_CERT_FILE",
|
|
"CertKey":"$NETBIRD_MGMT_API_CERT_KEY_FILE",
|
|
"IdpSignKeyRefreshEnabled": $NETBIRD_MGMT_IDP_SIGNKEY_REFRESH,
|
|
"OIDCConfigEndpoint":"$NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT"
|
|
},
|
|
"IdpManagerConfig": {
|
|
"ManagerType": "$NETBIRD_MGMT_IDP",
|
|
"ClientConfig": {
|
|
"Issuer": "$NETBIRD_AUTH_AUTHORITY",
|
|
"TokenEndpoint": "$NETBIRD_AUTH_TOKEN_ENDPOINT",
|
|
"ClientID": "$NETBIRD_IDP_MGMT_CLIENT_ID",
|
|
"ClientSecret": "$NETBIRD_IDP_MGMT_CLIENT_SECRET",
|
|
"GrantType": "client_credentials"
|
|
},
|
|
"ExtraConfig": $NETBIRD_IDP_MGMT_EXTRA_CONFIG,
|
|
"Auth0ClientCredentials": null,
|
|
"AzureClientCredentials": null,
|
|
"KeycloakClientCredentials": null,
|
|
"ZitadelClientCredentials": null
|
|
},
|
|
"DeviceAuthorizationFlow": {
|
|
"Provider": "$NETBIRD_AUTH_DEVICE_AUTH_PROVIDER",
|
|
"ProviderConfig": {
|
|
"Audience": "$NETBIRD_AUTH_DEVICE_AUTH_AUDIENCE",
|
|
"AuthorizationEndpoint": "",
|
|
"Domain": "$NETBIRD_AUTH0_DOMAIN",
|
|
"ClientID": "$NETBIRD_AUTH_DEVICE_AUTH_CLIENT_ID",
|
|
"ClientSecret": "",
|
|
"TokenEndpoint": "$NETBIRD_AUTH_TOKEN_ENDPOINT",
|
|
"DeviceAuthEndpoint": "$NETBIRD_AUTH_DEVICE_AUTH_ENDPOINT",
|
|
"Scope": "$NETBIRD_AUTH_DEVICE_AUTH_SCOPE",
|
|
"UseIDToken": $NETBIRD_AUTH_DEVICE_AUTH_USE_ID_TOKEN,
|
|
"RedirectURLs": null
|
|
}
|
|
},
|
|
"PKCEAuthorizationFlow": {
|
|
"ProviderConfig": {
|
|
"Audience": "$NETBIRD_AUTH_PKCE_AUDIENCE",
|
|
"ClientID": "$NETBIRD_AUTH_CLIENT_ID",
|
|
"ClientSecret": "$NETBIRD_AUTH_CLIENT_SECRET",
|
|
"Domain": "",
|
|
"AuthorizationEndpoint": "$NETBIRD_AUTH_PKCE_AUTHORIZATION_ENDPOINT",
|
|
"TokenEndpoint": "$NETBIRD_AUTH_TOKEN_ENDPOINT",
|
|
"Scope": "$NETBIRD_AUTH_SUPPORTED_SCOPES",
|
|
"RedirectURLs": [$NETBIRD_AUTH_PKCE_REDIRECT_URLS],
|
|
"UseIDToken": $NETBIRD_AUTH_PKCE_USE_ID_TOKEN
|
|
}
|
|
}
|
|
}
|