Files
rinoa-docker/ansible/app-configs/netbird/management.json.j2
T
Trez.One add421bb81
Gitea Branch PR & Ansible Deployment / Check and Create PR (push) Successful in 6m4s
Gitea Branch PR & Ansible Deployment / Ansible Lint (push) Failing after 15m39s
Gitea Branch PR & Ansible Deployment / PR Merge (push) Successful in 7m16s
Gitea Branch PR & Ansible Deployment / Ansible Config Deployment (push) Successful in 14m40s
Adding Jinja macro for Vault lookup.
2025-06-13 21:52:09 -04:00

78 lines
2.3 KiB
Django/Jinja

{% import '../macros/rinoa-macros.j2' as vault %}
{
"Stuns": [
{
"Proto": "udp",
"URI": "stun:netbird.{{ vault.vault_secret('env', 'MY_TLD') }}:3478",
"Username": "",
"Password": null
}
],
"TURNConfig": {
"Turns": [
{
"Proto": "udp",
"URI": "turn:netbird.{{ vault.vault_secret('env', 'MY_TLD') }}:3478",
"Username": "self",
"Password": "{{ vault.vault_secret('env', 'NETBIRD_TURN_PASSWORD') }}"
}
],
"CredentialsTTL": "12h",
"Secret": "secret",
"TimeBasedCredentials": false
},
"Relay": {
"Addresses": [
"rel://netbird.{{ vault.vault_secret('env', 'MY_TLD') }}:33080"
],
"CredentialsTTL": "24h",
"Secret": "{{ vault.vault_secret('env', 'NETBIRD_RELAY_AUTH_SECRET') }}"
},
"Signal": {
"Proto": "https",
"URI": "netbird.{{ vault.vault_secret('env', 'MY_TLD') }}:10001",
"Username": "",
"Password": null
},
"ReverseProxy": {
"TrustedHTTPProxies": [],
"TrustedHTTPProxiesCount": 0,
"TrustedPeers": [
"0.0.0.0/0"
]
},
"Datadir": "",
"DataStoreEncryptionKey": "",
"StoreConfig": {
"Engine": "sqlite"
},
"HttpConfig": {
"Address": "0.0.0.0:33073",
"AuthIssuer": "https://auth.{{ vault.vault_secret('env', 'MY_TLD') }}",
"AuthAudience": "netbird",
"AuthKeysLocation": "https://auth.{{ vault.vault_secret('env', 'MY_TLD') }}/jwks.json",
"AuthUserIDClaim": "",
"CertFile": "",
"CertKey": "",
"IdpSignKeyRefreshEnabled": true,
"OIDCConfigEndpoint": "https://auth.{{ vault.vault_secret('env', 'MY_TLD') }}/.well-known/openid-configuration"
},
"IdpManagerConfig": {},
"DeviceAuthorizationFlow": {},
"PKCEAuthorizationFlow": {
"ProviderConfig": {
"Audience": "netbird",
"ClientID": "netbird",
"ClientSecret": "{{ vault.vault_secret('env', 'AUTHELIA_NETBIRD_CLIENT_SECRET') }}",
"Domain": "",
"AuthorizationEndpoint": "https://auth.{{ vault.vault_secret('env', 'MY_TLD') }}/api/oidc/authorization",
"TokenEndpoint": "https://auth.{{ vault.vault_secret('env', 'MY_TLD') }}/api/oidc/token",
"Scope": "openid profile email offline_access api",
"RedirectURLs": [
"http://localhost:53000"
],
"UseIDToken": true
}
}
}