114 lines
2.7 KiB
Django/Jinja
114 lines
2.7 KiB
Django/Jinja
{
|
|
"database": {
|
|
"host": "{{var_mas_database_host}}",
|
|
"port": {{var_mas_database_port | string}},
|
|
"username": "{{var_mas_database_username}}",
|
|
"password": "{{var_mas_database_password}}",
|
|
"database": "{{var_mas_database_schema}}"
|
|
},
|
|
"http": {
|
|
"listeners": [
|
|
{
|
|
"name": "web",
|
|
"resources": [
|
|
{
|
|
"name": "discovery"
|
|
},
|
|
{
|
|
"name": "human"
|
|
},
|
|
{
|
|
"name": "oauth"
|
|
},
|
|
{
|
|
"name": "compat"
|
|
},
|
|
{
|
|
"name": "graphql"
|
|
},
|
|
{
|
|
"name": "assets"
|
|
}
|
|
],
|
|
"binds": [
|
|
{
|
|
"address": "[{{var_mas_server_address}}]:{{var_mas_server_port | string}}"
|
|
}
|
|
],
|
|
"proxy_protocol": false
|
|
},
|
|
{
|
|
"name": "internal",
|
|
"resources": [
|
|
{
|
|
"name": "health"
|
|
}
|
|
],
|
|
"binds": [
|
|
{
|
|
"host": "localhost",
|
|
"port": 8081
|
|
}
|
|
],
|
|
"proxy_protocol": false
|
|
}
|
|
],
|
|
"trusted_proxies": [
|
|
"192.168.0.0/16",
|
|
"172.16.0.0/12",
|
|
"10.0.0.0/10",
|
|
"127.0.0.1/8",
|
|
"fd00::/8",
|
|
"::1/128"
|
|
],
|
|
"public_base": "http://{{var_mas_server_address}}:{{var_mas_server_port | string}}/",
|
|
"issuer": "http://{{var_mas_server_address}}:{{var_mas_server_port | string}}/"
|
|
},
|
|
"matrix": {
|
|
"homeserver": "{{var_mas_matrix_server}}",
|
|
"secret": "{{var_mas_matrix_secret}}",
|
|
"endpoint": "{{var_mas_matrix_endpoint}}"
|
|
},
|
|
"secrets": {
|
|
"encryption": "{{var_mas_encryption_key}}",
|
|
"keys": [
|
|
{
|
|
"kid": "x1",
|
|
"key_file": "{{var_mas_directory}}/secrets/private_key.pem"
|
|
}
|
|
]
|
|
},
|
|
"passwords": {
|
|
"enabled": true,
|
|
"schemas": [
|
|
{
|
|
"version": 1,
|
|
"algorithm": "argon2id"
|
|
}
|
|
],
|
|
"minimum_complexity": 3
|
|
},
|
|
{% if var_mas_authentication_upstream_kind == 'none' %}
|
|
{% endif %}
|
|
{% if var_mas_authentication_upstream_kind == 'authelia' %}
|
|
"upstream_oauth2": {
|
|
"providers": [
|
|
{
|
|
"id": "{{var_mas_authentication_upstream_data_authelia_name}}",
|
|
"issuer": "{{var_mas_authentication_upstream_data_authelia_url_base}}",
|
|
"authorization_endpoint": "{{var_mas_authentication_upstream_data_authelia_url_base}}/api/oidc/authorization",
|
|
"token_endpoint": "{{var_mas_authentication_upstream_data_authelia_url_base}}/api/oidc/token",
|
|
"token_endpoint_auth_method": "{{var_mas_authentication_upstream_data_authelia_auth_method}}",
|
|
"scope": "{{var_mas_authentication_upstream_data_authelia_scope}}",
|
|
"client_id": "{{var_mas_authentication_upstream_data_authelia_client_id}}",
|
|
"client_secret": "{{var_mas_authentication_upstream_data_authelia_client_secret}}"
|
|
}
|
|
]
|
|
},
|
|
{% endif %}
|
|
"email": {
|
|
"from": "'\"Authentication Service\" <root@localhost>'",
|
|
"reply_to": "'\"Authentication Service\" <root@localhost>'",
|
|
"transport": "blackhole"
|
|
}
|
|
}
|