27 lines
960 B
Text
27 lines
960 B
Text
|
|
# {{ ansible_managed }}
|
||
|
|
server:
|
||
|
|
listenAddress: ":80"
|
||
|
|
exposedAddress: "https://{{ netbird_coordinator__domain }}:443"
|
||
|
|
stunPorts: [3478]
|
||
|
|
metricsPort: 9090
|
||
|
|
healthcheckAddress: ":9000"
|
||
|
|
logLevel: "info"
|
||
|
|
logFile: "console"
|
||
|
|
authSecret: "{{ vault.netbird.auth_secret }}"
|
||
|
|
dataDir: "/var/lib/netbird"
|
||
|
|
auth:
|
||
|
|
issuer: "https://{{ netbird_coordinator__domain }}/oauth2"
|
||
|
|
signKeyRefreshEnabled: true
|
||
|
|
dashboardRedirectURIs:
|
||
|
|
- "https://{{ netbird_coordinator__domain }}/nb-auth"
|
||
|
|
- "https://{{ netbird_coordinator__domain }}/nb-silent-auth"
|
||
|
|
cliRedirectURIs:
|
||
|
|
- "http://localhost:53000/"
|
||
|
|
reverseProxy:
|
||
|
|
# to_json (not a loop) so an empty override renders [] not YAML null —
|
||
|
|
# null would mean "trust no proxy" and silently break X-Forwarded-* from Caddy.
|
||
|
|
trustedHTTPProxies: {{ netbird_coordinator__trusted_proxies | to_json }}
|
||
|
|
store:
|
||
|
|
engine: "sqlite"
|
||
|
|
encryptionKey: "{{ vault.netbird.datastore_key }}"
|