36 lines
1.8 KiB
Bash
36 lines
1.8 KiB
Bash
# The best way to define each secret is to generate random strings with e.g.:
|
|
#
|
|
# openssl rand -base64 48 #this will generate a 48chars random string
|
|
#
|
|
# Please provide secret strings (do not share them) for:
|
|
#
|
|
# Secret used for JWT cryptography
|
|
DEFGUARD_AUTH_SECRET=NcbMI1ahJHi3UR4PGdaZchvLlcr0lvo9xMRuqikDlqIqlGaD02L7mUT6NdAQ4Mx1
|
|
# Secret used for JWT cryptography in YubiBridge GRPC communication
|
|
DEFGUARD_YUBIBRIDGE_SECRET=NokI3c35i6HZSfNKq1WCluA7yTQyvOla2Tr4MG56N58dGmwwSuLvFmiHwoEeYJUr
|
|
# Secret used for JWT cryptography in gateway GRPC communication
|
|
DEFGUARD_GATEWAY_SECRET=kDTUdh8Y3LEpa8NHNoter3RQGyr7bnwDptr1uhJvsG2ZXm64T7XobalQdizwlDXJ
|
|
# Secret used for private cookies cryptography; must be at least 64 characters long
|
|
DEFGUARD_SECRET_KEY=XHkQ0463B5xtQNmUA915Ueaqyr7Hg4r07LusdGxrtyXICbF6NE7No8qIsuDnAzFc
|
|
# Database password
|
|
DEFGUARD_DB_PASSWORD=2USAuHjZw14G7PcA
|
|
# Public URL of your Defguard instance
|
|
# E.g.: https://defguard.mycompany.com
|
|
DEFGUARD_URL=https://defguard.zacksolutions.dev
|
|
# Webauthn RP ID (https://w3c.github.io/webauthn/#rp-id)
|
|
# E.g.: defguard.mycompany.com (without http/https)
|
|
DEFGUARD_WEBAUTHN_RP_ID=defguard.zacksolutions.dev
|
|
# Public URL of your defguard proxy gRPC server
|
|
# DEFGUARD_PROXY_URL=<YOUR_PROXY_GRPC_URL>
|
|
# Public URL of your enrollment service
|
|
# E.g.: https://enrollment.mycompany.com
|
|
DEFGUARD_ENROLLMENT_URL=https://enrollement.zacksolutions.dev
|
|
# Token used for VPN gateway authorization
|
|
DEFGUARD_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJEZWZHdWFyZCIsInN1YiI6IkRFRkdVQVJELU5FVFdPUkstMSIsImNsaWVudF9pZCI6IjEiLCJleHAiOjYwMTg3NDAyNjQsIm5iZiI6MTcyMzc3Mjk2OX0.wL0UYiIECDooNVB9sYaioOnwsUS7__A0pNSpNiDqIv0
|
|
# Enable insecure cookies when not using HTTPS
|
|
DEFGUARD_COOKIE_INSECURE=true # [HTTP]
|
|
CORE_IMAGE_TAG=latest
|
|
PROXY_IMAGE_TAG=latest
|
|
GATEWAY_IMAGE_TAG=latest
|
|
DEFGUARD_DEFAULT_ADMIN_PASSWORD=DrxLEJShMFCNKsB3
|