-
-
Notifications
You must be signed in to change notification settings - Fork 20
/
rauthy.test.cfg
79 lines (59 loc) · 2.54 KB
/
rauthy.test.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
#DATABASE_URL=postgresql://rauthy:123SuperSafe@localhost:5432/rauthy
#DATABASE_URL="sqlite::memory:"
#DATABASE_URL=sqlite:data/rauthy.db
# if 'true', the data store will be initialized with DEV values (default: false)
# !!! DO NOT USE IN PRODUCTION !!!
DEV_MODE=true
DATABASE_URL=postgresql://rauthy:123SuperSafe@localhost:5432/rauthy
AUTH_HEADERS_ENABLE=true
PASSWORD_RESET_COOKIE_BINDING=true
RAUTHY_ADMIN_EMAIL="[email protected]"
# Limits the maximum amount of parallel password hashes at the exact same time to never exceed system memory while
# still allowing a good amount of memory for the argon2id algorithm (default: 2)
# Caution: You must make sure, that you have at least (MAX_HASH_THREADS * ARGON2_M_COST / 1024) + idle memory
# of your deployment available.
MAX_HASH_THREADS=1
# Format: "key_id | enc_key ; anothey_key_id | another_enc_key" - the enc_key itself must be exactly 32 characters long
ENC_KEYS="
q6u26onRvXVG4427/M0NFQzhSSldCY01rckJNa1JYZ3g2NUFtSnNOVGdoU0E=
bVCyTsGaggVy5yqQ/UzluN29DZW41M3hTSkx6Y3NtZmRuQkR2TnJxUTYzcjQ=
"
ENC_KEY_ACTIVE=bVCyTsGaggVy5yqQ
ARGON2_M_COST=32768
ARGON2_T_COST=1
ARGON2_P_COST=2
# The server address to listen on. Can bind to a specific IP. (default: 0.0.0.0)
LISTEN_ADDRESS=0.0.0.0
# The listen ports for HTTP / HTTPS, depending on the activated 'LISTEN_SCHEME'
# default: 8080
LISTEN_PORT_HTTP=8081
# default: 8443
LISTEN_PORT_HTTPS=8444
# The scheme to use locally, valid values: http | https | http_https | unix_http | unix_https
# For more details about the UNIX domain socket, check out its documentation page.
# default: http_https
LISTEN_SCHEME=http
# The hostname used for host guard headers. If the HTTP 'Host' header does not match this, rauthy will reject
# all requests
PUB_URL=localhost:8081
# The scheme to use on the public endpoint, valid values: http | https (default: https)
PUB_SCHEME=http
# default value: number of available physical cores
HTTP_WORKERS=1
# Accepts: error, info, debug, trace
LOG_LEVEL=debug
# If 'true', MFA for an account must be enabled to access the rauthy admin UI (default: true)
ADMIN_FORCE_MFA=false
HQL_NODE_ID=1
HQL_NODES="
1 localhost:8100 localhost:8200
"
HQL_SECRET_RAFT=SuperSecureSecret1337
HQL_SECRET_API=SuperSecureSecret1337
HQL_LOG_STATEMENTS=true
HQL_PASSWORD_DASHBOARD="JGFyZ29uMmlkJHY9MTkkbT0xOTQ1Nix0PTIscD0xJGQ2RlJDYTBtaS9OUnkvL1RubmZNa0EkVzJMeTQrc1dxZ0FGd0RyQjBZKy9iWjBQUlZlOTdUMURwQkk5QUoxeW1wRQ=="
ENABLE_EPHEMERAL_CLIENTS=true
ENABLE_WEBID=true
ENABLE_SOLID_AUD=true
EPHEMERAL_CLIENTS_ALLOWED_FLOWS="authorization_code refresh_token"
ENABLE_DYN_CLIENT_REG=true