boma/roles/netbird_coordinator/templates/config.yaml.j2

27 lines
960 B
Text
Raw Permalink Normal View History

# {{ ansible_managed }}
server:
listenAddress: ":80"
exposedAddress: "https://{{ netbird_coordinator__domain }}:443"
stunPorts: [3478]
metricsPort: 9090
healthcheckAddress: ":9000"
logLevel: "info"
logFile: "console"
authSecret: "{{ vault.netbird.auth_secret }}"
dataDir: "/var/lib/netbird"
auth:
issuer: "https://{{ netbird_coordinator__domain }}/oauth2"
signKeyRefreshEnabled: true
dashboardRedirectURIs:
- "https://{{ netbird_coordinator__domain }}/nb-auth"
- "https://{{ netbird_coordinator__domain }}/nb-silent-auth"
cliRedirectURIs:
- "http://localhost:53000/"
reverseProxy:
# to_json (not a loop) so an empty override renders [] not YAML null —
# null would mean "trust no proxy" and silently break X-Forwarded-* from Caddy.
trustedHTTPProxies: {{ netbird_coordinator__trusted_proxies | to_json }}
store:
engine: "sqlite"
encryptionKey: "{{ vault.netbird.datastore_key }}"