forked from mystiq/dex
Merge pull request #1957 from dexidp/config
Add new configuration examples
This commit is contained in:
commit
31f26735ff
4 changed files with 172 additions and 0 deletions
|
@ -16,3 +16,6 @@ indent_size = 2
|
|||
|
||||
[{Makefile,*.mk}]
|
||||
indent_style = tab
|
||||
|
||||
[{config.yaml.dist,config.dev.yaml}]
|
||||
indent_size = 2
|
||||
|
|
35
config.dev.yaml
Normal file
35
config.dev.yaml
Normal file
|
@ -0,0 +1,35 @@
|
|||
issuer: http://127.0.0.1:5556/dex
|
||||
|
||||
storage:
|
||||
type: sqlite3
|
||||
config:
|
||||
file: var/sqlite/dex.db
|
||||
|
||||
web:
|
||||
http: 127.0.0.1:5556
|
||||
|
||||
telemetry:
|
||||
http: 127.0.0.1:5558
|
||||
|
||||
grpc:
|
||||
addr: 127.0.0.1:5557
|
||||
|
||||
staticClients:
|
||||
- id: example-app
|
||||
redirectURIs:
|
||||
- 'http://127.0.0.1:5555/callback'
|
||||
name: 'Example App'
|
||||
secret: ZXhhbXBsZS1hcHAtc2VjcmV0
|
||||
|
||||
connectors:
|
||||
- type: mockCallback
|
||||
id: mock
|
||||
name: Example
|
||||
|
||||
enablePasswordDB: true
|
||||
|
||||
staticPasswords:
|
||||
- email: "admin@example.com"
|
||||
hash: "$2a$10$2b2cU8CPhOTaGrs1HRQuAueS7JTT5ZHsHSzYiFPm1leZck7Mc8T4W"
|
||||
username: "admin"
|
||||
userID: "08a8684b-db88-4b73-90a9-3cd1661f5466"
|
131
config.yaml.dist
Normal file
131
config.yaml.dist
Normal file
|
@ -0,0 +1,131 @@
|
|||
# The base path of Dex and the external name of the OpenID Connect service.
|
||||
# This is the canonical URL that all clients MUST use to refer to Dex. If a
|
||||
# path is provided, Dex's HTTP service will listen at a non-root URL.
|
||||
issuer: http://127.0.0.1:5556/dex
|
||||
|
||||
# The storage configuration determines where Dex stores its state.
|
||||
# Supported options include:
|
||||
# - SQL flavors
|
||||
# - key-value stores (eg. etcd)
|
||||
# - Kubernetes Custom Resources
|
||||
#
|
||||
# See the documentation (https://dexidp.io/docs/storage/) for further information.
|
||||
storage:
|
||||
type: memory
|
||||
|
||||
# type: sqlite3
|
||||
# config:
|
||||
# file: /var/dex/dex.db
|
||||
|
||||
# type: mysql
|
||||
# config:
|
||||
# host: 127.0.0.1
|
||||
# port: 3306
|
||||
# database: dex
|
||||
# user: mysql
|
||||
# password: mysql
|
||||
# ssl:
|
||||
# mode: "false"
|
||||
|
||||
# type: postgres
|
||||
# config:
|
||||
# host: 127.0.0.1
|
||||
# port: 5432
|
||||
# database: dex
|
||||
# user: postgres
|
||||
# password: postgres
|
||||
# ssl:
|
||||
# mode: disable
|
||||
|
||||
# type: etcd
|
||||
# config:
|
||||
# endpoints:
|
||||
# - http://127.0.0.1:2379
|
||||
# namespace: dex/
|
||||
|
||||
# type: kubernetes
|
||||
# config:
|
||||
# kubeConfigFile: $HOME/.kube/config
|
||||
|
||||
# HTTP service configuration
|
||||
web:
|
||||
http: 127.0.0.1:5556
|
||||
|
||||
# Uncomment to enable HTTPS endpoint.
|
||||
# https: 127.0.0.1:5554
|
||||
# tlsCert: /etc/dex/tls.crt
|
||||
# tlsKey: /etc/dex/tls.key
|
||||
|
||||
# Dex UI configuration
|
||||
# frontend:
|
||||
# issuer: dex
|
||||
# logoURL: theme/logo.png
|
||||
# dir: web/
|
||||
# theme: light
|
||||
|
||||
# Telemetry configuration
|
||||
# telemetry:
|
||||
# http: 127.0.0.1:5558
|
||||
|
||||
# logger:
|
||||
# level: "debug"
|
||||
# format: "text" # can also be "json"
|
||||
|
||||
# gRPC API configuration
|
||||
# Uncomment this block to enable the gRPC API.
|
||||
# See the documentation (https://dexidp.io/docs/api/) for further information.
|
||||
# grpc:
|
||||
# addr: 127.0.0.1:5557
|
||||
# tlsCert: examples/grpc-client/server.crt
|
||||
# tlsKey: examples/grpc-client/server.key
|
||||
# tlsClientCA: examples/grpc-client/ca.crt
|
||||
|
||||
# Expiration configuration for tokens, signing keys, etc.
|
||||
# expiry:
|
||||
# deviceRequests: "5m"
|
||||
# signingKeys: "6h"
|
||||
# idTokens: "24h"
|
||||
|
||||
# OAuth2 configuration
|
||||
# oauth2:
|
||||
# # use ["code", "token", "id_token"] to enable implicit flow for web-only clients
|
||||
# responseTypes: [ "code" ] # also allowed are "token" and "id_token"
|
||||
#
|
||||
# # By default, Dex will ask for approval to share data with application
|
||||
# # (approval for sharing data from connected IdP to Dex is separate process on IdP)
|
||||
# skipApprovalScreen: false
|
||||
#
|
||||
# # If only one authentication method is enabled, the default behavior is to
|
||||
# # go directly to it. For connected IdPs, this redirects the browser away
|
||||
# # from application to upstream provider such as the Google login page
|
||||
# alwaysShowLoginScreen: false
|
||||
#
|
||||
# # Uncomment to use a specific connector for password grants
|
||||
# passwordConnector: local
|
||||
|
||||
# Static clients registered in Dex by default.
|
||||
#
|
||||
# Alternatively, clients may be added through the gRPC API.
|
||||
# staticClients:
|
||||
# - id: example-app
|
||||
# redirectURIs:
|
||||
# - 'http://127.0.0.1:5555/callback'
|
||||
# name: 'Example App'
|
||||
# secret: ZXhhbXBsZS1hcHAtc2VjcmV0
|
||||
|
||||
# Connectors are used to authenticate users agains upstream identity providers.
|
||||
#
|
||||
# See the documentation (https://dexidp.io/docs/connectors/) for further information.
|
||||
# connectors: []
|
||||
|
||||
# Enable the password database.
|
||||
#
|
||||
# It's a "virtual" connector (identity provider) that stores
|
||||
# login credentials in Dex's store.
|
||||
enablePasswordDB: true
|
||||
|
||||
# If this option isn't chosen users may be added through the gRPC API.
|
||||
# A static list of passwords for the password connector.
|
||||
#
|
||||
# Alternatively, passwords my be added/updated through the gRPC API.
|
||||
# staticPasswords: []
|
|
@ -1,3 +1,6 @@
|
|||
# DEPRECATED: use config.yaml.dist and config.dev.yaml examples in the repository root.
|
||||
# TODO: keep this until all references are updated.
|
||||
|
||||
# The base path of dex and the external name of the OpenID Connect service.
|
||||
# This is the canonical URL that all clients MUST use to refer to dex. If a
|
||||
# path is provided, dex's HTTP service will listen at a non-root URL.
|
||||
|
|
Loading…
Reference in a new issue