Files
rinoa-docker/ansible/app-configs/netbird_management.json.j2
T
Trez.One 6b37ad8ea4
Gitea Branch PR & Ansible Deployment / Check and Create PR (push) Failing after 3m6s
Gitea Branch PR & Ansible Deployment / Docker Compose & Ansible Lints (push) Has been skipped
Gitea Branch PR & Ansible Deployment / PR Merge (push) Failing after 9m4s
Gitea Branch PR & Ansible Deployment / Ansible Configs & Docker Compose Deployment (push) Has been skipped
Ansible DRY fixes for Vault lookups.
2025-05-20 09:06:49 -04:00

77 lines
2.1 KiB
Django/Jinja

{
"Stuns": [
{
"Proto": "udp",
"URI": "stun:netbird.{{ vault_secrets['MY_TLD'] }}:3478",
"Username": "",
"Password": null
}
],
"TURNConfig": {
"Turns": [
{
"Proto": "udp",
"URI": "turn:netbird.{{ vault_secrets['MY_TLD'] }}:3478",
"Username": "self",
"Password": "{{ vault_secrets['NETBIRD_TURN_PASSWORD'] }}"
}
],
"CredentialsTTL": "12h",
"Secret": "secret",
"TimeBasedCredentials": false
},
"Relay": {
"Addresses": [
"rel://netbird.{{ vault_secrets['MY_TLD'] }}:33080"
],
"CredentialsTTL": "24h",
"Secret": "{{ vault_secrets['NETBIRD_RELAY_AUTH_SECRET'] }}"
},
"Signal": {
"Proto": "https",
"URI": "netbird.{{ vault_secrets['MY_TLD'] }}:10001",
"Username": "",
"Password": null
},
"ReverseProxy": {
"TrustedHTTPProxies": [],
"TrustedHTTPProxiesCount": 0,
"TrustedPeers": [
"0.0.0.0/0"
]
},
"Datadir": "",
"DataStoreEncryptionKey": "",
"StoreConfig": {
"Engine": "sqlite"
},
"HttpConfig": {
"Address": "0.0.0.0:33073",
"AuthIssuer": "https://auth.{{ vault_secrets['MY_TLD'] }}",
"AuthAudience": "netbird",
"AuthKeysLocation": "https://auth.{{ vault_secrets['MY_TLD'] }}/jwks.json",
"AuthUserIDClaim": "",
"CertFile": "",
"CertKey": "",
"IdpSignKeyRefreshEnabled": true,
"OIDCConfigEndpoint": "https://auth.{{ vault_secrets['MY_TLD'] }}/.well-known/openid-configuration"
},
"IdpManagerConfig": {},
"DeviceAuthorizationFlow": {},
"PKCEAuthorizationFlow": {
"ProviderConfig": {
"Audience": "netbird",
"ClientID": "netbird",
"ClientSecret": "{{ vault_secrets['AUTHELIA_NETBIRD_CLIENT_SECRET'] }}",
"Domain": "",
"AuthorizationEndpoint": "https://auth.{{ vault_secrets['MY_TLD'] }}/api/oidc/authorization",
"TokenEndpoint": "https://auth.{{ vault_secrets['MY_TLD'] }}/api/oidc/token",
"Scope": "openid profile email offline_access api",
"RedirectURLs": [
"http://localhost:53000"
],
"UseIDToken": true
}
}
}