-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathconfig.yaml
36 lines (34 loc) · 1.83 KB
/
config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
dns:
server:
addr: "ns1.rusty-leipzig.com:53" # Adress of the DNS server with port. (host:port or ip:port)
zone: "rusty-leipzig.com." # The zone to be managed (fqdn)
tsigKey: "tsig-key." # the key part of the TSIG for the zone
tsigSecret: "tsig-secret" # The secret part of the TSIG for the zone
client:
syncInterval: 1800
healthCheckInterval: 60
ipv4: "157.230.106.145" # the ipv4 for which "@" can be used as shorthand (default: 172.0.0.1)
ipv6: "::1" # the ipv6 for which "@" can be used as shorthand (default: ::1)
guards:
immutable: # Optional: make certain domains/subdomains immutable
- A/dnsify # IPV4 Records for `dnsify.[zone]`
- "*/ns1" # All record types for `ns1.[zone]`
- "*/ns2"
- "*/ns3"
- "*/@"
httpServer:
host: "localhost"
port: 8080
secureCookie: false
oauth2Client:
provider: "google" # Use a well-known provider (e.g., google, AWS Cognite etc) or specify 'authURL' and 'tokenURL' for custom or self-hosten IDP/IAM.
# authURL: "https://example.com/auth" # Auth endpoint for custom providers.
# tokenURL: "https://example.com/token" # Token endpoint for custom providers.
clientID: "CLIENT_ID" # Set your OAuth2 client ID.
clientSecret: "CLIENT_SECRET" # Set your OAuth2 client secret.
scopes: ["openid", "email"] # Defaults to ["openid"]. Include 'email' for domain-based access control.
redirectURL: "http://localhost:8080/oauth/callback" # Adjust the origin (domain and port) as per your app's deployment.
# tenant: "tenant_id" # Required for azuread provider.
# domain: "domain_name" # Required for awscognito provider.
# authorizedDomains: [ "my-company.com", "my-company.de"] # (optional) restrict access by white listing domains.
# loginText: "Continue with your awesome-org.com account" # defaults value: Sign in with {provider}