Re-add deployment as a regular directory

2024-08-22 20:56:17 -04:00
parent 8252e8664d
commit 300dbe9857
43 changed files with 2124 additions and 1 deletions
@@ -0,0 +1,31 @@
+# The best way to define each secret is to generate random strings with e.g.:
+#
+# openssl rand -base64 48 #this will generate a 48chars random string
+#
+# Please provide secret strings (do not share them) for:
+#
+# Secret used for JWT cryptography
+DEFGUARD_AUTH_SECRET=<YOUR_AUTH_SECRET>
+# Secret used for JWT cryptography in YubiBridge GRPC communication
+DEFGUARD_YUBIBRIDGE_SECRET=<DEFGUARD_YUBIBRIDGE_SECRET>
+# Secret used for JWT cryptography in gateway GRPC communication
+DEFGUARD_GATEWAY_SECRET=<DEFGUARD_GATEWAY_SECRET>
+# Secret used for private cookies cryptography; must be at least 64 characters long
+DEFGUARD_SECRET_KEY=<DEFGUARD_SECRET_KEY>
+# Database password
+DEFGUARD_DB_PASSWORD=<YOUR_DB_PASSWORD>
+# Public URL of your Defguard instance
+# E.g.: https://defguard.mycompany.com
+DEFGUARD_URL=<YOUR_DEFGUARD_URL>
+# Webauthn RP ID (https://w3c.github.io/webauthn/#rp-id)
+# E.g.: defguard.mycompany.com (without http/https)
+DEFGUARD_WEBAUTHN_RP_ID=<YOUR_DEFGUARD_WEBAUTHN_RP_ID>
+# Public URL of your defguard proxy gRPC server
+# DEFGUARD_PROXY_URL=<YOUR_PROXY_GRPC_URL>
+# Public URL of your enrollment service
+# E.g.: https://enrollment.mycompany.com
+# DEFGUARD_ENROLLMENT_URL=<YOUR_PROXY_URL>  # [ENROLLMENT]
+# Token used for VPN gateway authorization
+# DEFGUARD_TOKEN=<GATEWAY_TOKEN>  # [VPN]
+# Enable insecure cookies when not using HTTPS
+# DEFGUARD_COOKIE_INSECURE=true  # [HTTP]