document the configuration files (#176)

2025-06-24 03:31:57 +02:00 · 2023-01-24 14:12:54 -05:00 · 2023-01-24 14:12:54 -05:00 · ebfea01f84
commit ebfea01f84
parent 31a57a1d32
2 changed files with 86 additions and 22 deletions
--- a/etc/ctrl.yml
+++ b/etc/ctrl.yml
@ -3,38 +3,98 @@
 #    / /| | | (_) |   <
 #   /___|_|  \___/|_|\_\
 # controller configuration
 #
-v:                  1
+# The `v` field determines the configuration version. When software is released that changes the structure of the
 # configuration, the software will expect this field to be incremented. This protects you against invalid configuration
 # versions.
 #
 v:                                2
 # The `admin/secrets` array contains a list of strings that represent valid `ZROK_ADMIN_TOKEN` values to be used for
 # administration of the `zrok` controller.
 #
 # Change this for your installation.
 #
 admin:
  secrets:
    -                             77623cad-1847-4d6d-8ffe-37defc33c909
 # The `endpoint` section determines where the HTTP listener that serves the API and web console will be bound.
 #
 endpoint:
-  host:             0.0.0.0
+  host:                           0.0.0.0
-  port:             18080
+  port:                           18080
 # Outbound email configuration.
 #
 email:
-  host:             smtp.server.com
+  host:                           smtp.server.com
-  port:             587
+  port:                           587
-  username:         ""
+  username:                       ""
-  password:         ""
+  password:                       ""
  from:                           ziggy@zrok.io
-registration:
+# InfluxDB configuration. InfluxDB is used to support sparkline displays in the web console.
-  email_from:       ziggy@server.com
+#
-  registration_url_template: https://zrok.server.com/register
+influx:
  url:                            http://127.0.0.1:8086
  bucket:                         zrok
  org:                            zrok
  token:                          ""
-store:
+# Instance-wide limits for per-user limits. `-1` represents unlimited. Each user can have the `limitless` flag set on
-  path:             "host=127.0.0.1 user=zrok password=zrok dbname=zrok"
+# their record in the `accounts` table in the database, to allow the user to ignore the instance-wide limits.
-  type:             "postgres"
+#
 limits:
  environments:                   -1
  shares:                         -1
-ziti:
+# Background maintenance job configuration. The `registration` job purges registration requests created through the
-  api_endpoint:     "https://127.0.0.1:1280"
+# `zrok invite` tool. The `reset_password` job purges password reset requests.
-  username:         admin
+#
-  password:         "admin"
+maintenance:
  registration:
    expiration_timeout:           24h
    check_frequency:              1h
    batch_limit:                  500
  reset_password:
    expiration_timeout:           15m
    check_frequency:              15m
    batch_limit:                  500
 # The name of the service used to report metrics from the frontends (`zrok access public`) to the zrok controller
 # fleet.
 #
 metrics:
  service_name:     metrics
-influx:
+# Configure the generated URL for the registration email. The registration token will be appended to this URL.
-  url:              "http://127.0.0.1:8086"
+#
-  bucket:           zrok
+registration:
-  org:              zrok
+  registration_url_template:      https://zrok.server.com/register
-  token:            ""
+  token_strategy:                 store
 # Configure the generated URL for password resets. The reset token will be appended to this URL.
 #
 reset_password:
  reset_url_template:             https://zrok.server.com/resetPassword
 # Configure the controller database. Supports either PostgreSQL or sqlite3.
 #
 # sqlite3 only supports a single controller instance. To run multiple controllers, you must use PostgreSQL.
 #
 #store:
 #  path:                           "host=127.0.0.1 user=zrok password=zrok dbname=zrok"
 #  type:                           "postgres"
 #
 store:
  path:                           zrok.db
  type:                           sqlite3
 # Ziti configuration.
 #
 ziti:
  api_endpoint:                   https://127.0.0.1:1280
  username:                       admin
  password:                       admin
--- a/etc/http-frontend.yml
+++ b/etc/http-frontend.yml
@ -1 +1,5 @@
 # Setting the `host_match` setting will cause a `zrok access public` to ignore `Host` headers that do not contain the
 # configured string. This will allow you to let a load balancer access the frontend by IP address for health check
 # purposes, and will allow `Host` headers that match the configured DNS name to be routed through `zrok`.
 #
 host_match: zrok.io