document the configuration files (#176)

This commit is contained in:
Michael Quigley 2023-01-24 14:12:54 -05:00
parent 31a57a1d32
commit ebfea01f84
No known key found for this signature in database
GPG Key ID: 9B60314A9DD20A62
2 changed files with 86 additions and 22 deletions

View File

@ -3,38 +3,98 @@
# / /| | | (_) | <
# /___|_| \___/|_|\_\
# controller configuration
#
v: 1
# The `v` field determines the configuration version. When software is released that changes the structure of the
# configuration, the software will expect this field to be incremented. This protects you against invalid configuration
# versions.
#
v: 2
# The `admin/secrets` array contains a list of strings that represent valid `ZROK_ADMIN_TOKEN` values to be used for
# administration of the `zrok` controller.
#
# Change this for your installation.
#
admin:
secrets:
- 77623cad-1847-4d6d-8ffe-37defc33c909
# The `endpoint` section determines where the HTTP listener that serves the API and web console will be bound.
#
endpoint:
host: 0.0.0.0
port: 18080
# Outbound email configuration.
#
email:
host: smtp.server.com
port: 587
username: ""
password: ""
from: ziggy@zrok.io
registration:
email_from: ziggy@server.com
registration_url_template: https://zrok.server.com/register
store:
path: "host=127.0.0.1 user=zrok password=zrok dbname=zrok"
type: "postgres"
ziti:
api_endpoint: "https://127.0.0.1:1280"
username: admin
password: "admin"
metrics:
service_name: metrics
# InfluxDB configuration. InfluxDB is used to support sparkline displays in the web console.
#
influx:
url: "http://127.0.0.1:8086"
url: http://127.0.0.1:8086
bucket: zrok
org: zrok
token: ""
# Instance-wide limits for per-user limits. `-1` represents unlimited. Each user can have the `limitless` flag set on
# their record in the `accounts` table in the database, to allow the user to ignore the instance-wide limits.
#
limits:
environments: -1
shares: -1
# Background maintenance job configuration. The `registration` job purges registration requests created through the
# `zrok invite` tool. The `reset_password` job purges password reset requests.
#
maintenance:
registration:
expiration_timeout: 24h
check_frequency: 1h
batch_limit: 500
reset_password:
expiration_timeout: 15m
check_frequency: 15m
batch_limit: 500
# The name of the service used to report metrics from the frontends (`zrok access public`) to the zrok controller
# fleet.
#
metrics:
service_name: metrics
# Configure the generated URL for the registration email. The registration token will be appended to this URL.
#
registration:
registration_url_template: https://zrok.server.com/register
token_strategy: store
# Configure the generated URL for password resets. The reset token will be appended to this URL.
#
reset_password:
reset_url_template: https://zrok.server.com/resetPassword
# Configure the controller database. Supports either PostgreSQL or sqlite3.
#
# sqlite3 only supports a single controller instance. To run multiple controllers, you must use PostgreSQL.
#
#store:
# path: "host=127.0.0.1 user=zrok password=zrok dbname=zrok"
# type: "postgres"
#
store:
path: zrok.db
type: sqlite3
# Ziti configuration.
#
ziti:
api_endpoint: https://127.0.0.1:1280
username: admin
password: admin

View File

@ -1 +1,5 @@
# Setting the `host_match` setting will cause a `zrok access public` to ignore `Host` headers that do not contain the
# configured string. This will allow you to let a load balancer access the frontend by IP address for health check
# purposes, and will allow `Host` headers that match the configured DNS name to be routed through `zrok`.
#
host_match: zrok.io