forked from mystiq/dex
391dc51c13
This PR reworks the web layout so static files can be provided and a "themes" directory to allow a certain degree of control over logos, styles, etc. This PR does NOT add general support for frontend customization, only enough to allow us to start exploring theming internally. The dex binary also must now be run from the root directory since templates are no longer "compiled into" the binary. The docker image has been updated with frontend assets.
72 lines
2.2 KiB
YAML
72 lines
2.2 KiB
YAML
# The base path of dex and the external name of the OpenID Connect service.
|
|
# This is the canonical URL that all clients MUST use to refer to dex. If a
|
|
# path is provided, dex's HTTP service will listen at a non-root URL.
|
|
issuer: http://127.0.0.1:5556/dex
|
|
|
|
# The storage configuration determines where dex stores its state. Supported
|
|
# options include SQL flavors and Kubernetes third party resources.
|
|
#
|
|
# See the storage document at Documentation/storage.md for further information.
|
|
storage:
|
|
type: sqlite3
|
|
config:
|
|
file: examples/dex.db
|
|
|
|
# Configuration for the HTTP endpoints.
|
|
web:
|
|
http: 0.0.0.0:5556
|
|
# Uncomment for HTTPS options.
|
|
# https: 127.0.0.1:5554
|
|
# tlsCert: /etc/dex/tls.crt
|
|
# tlsKey: /etc/dex/tls.key
|
|
|
|
# Uncomment this block to enable the gRPC API. This values MUST be different
|
|
# from the HTTP endpoints.
|
|
# grpc:
|
|
# addr: 127.0.0.1:5557
|
|
# tlsCert: /etc/dex/grpc.crt
|
|
# tlsKey: /etc/dex/grpc.key
|
|
# tlsClientCA: /etc/dex/client.crt
|
|
|
|
# Uncomment this block to enable configuration for the expiration time durations.
|
|
# expiry:
|
|
# signingKeys: "6h"
|
|
# idTokens: "24h"
|
|
|
|
# Instead of reading from an external storage, use this list of clients.
|
|
#
|
|
# If this option isn't choosen clients may be added through the gRPC API.
|
|
staticClients:
|
|
- id: example-app
|
|
redirectURIs:
|
|
- 'http://127.0.0.1:5555/callback'
|
|
name: 'Example App'
|
|
secret: ZXhhbXBsZS1hcHAtc2VjcmV0
|
|
|
|
connectors:
|
|
- type: mockCallback
|
|
id: mock
|
|
name: Example
|
|
# - type: oidc
|
|
# id: google
|
|
# name: Google
|
|
# config:
|
|
# issuer: https://accounts.google.com
|
|
# # Connector config values starting with a "$" will read from the environment.
|
|
# clientID: $GOOGLE_CLIENT_ID
|
|
# clientSecret: $GOOGLE_CLIENT_SECRET
|
|
# redirectURI: http://127.0.0.1:5556/dex/callback
|
|
|
|
# Let dex keep a list of passwords which can be used to login to dex.
|
|
enablePasswordDB: true
|
|
|
|
# A static list of passwords to login the end user. By identifying here, dex
|
|
# won't look in its underlying storage for passwords.
|
|
#
|
|
# If this option isn't choosen users may be added through the gRPC API.
|
|
staticPasswords:
|
|
- email: "admin@example.com"
|
|
# bcrypt hash of the string "password"
|
|
hash: "$2a$10$2b2cU8CPhOTaGrs1HRQuAueS7JTT5ZHsHSzYiFPm1leZck7Mc8T4W"
|
|
username: "admin"
|
|
userID: "08a8684b-db88-4b73-90a9-3cd1661f5466"
|