diff options
author | Niall Sheridan <nsheridan@gmail.com> | 2016-05-29 14:46:06 +0100 |
---|---|---|
committer | Niall Sheridan <nsheridan@gmail.com> | 2016-05-29 14:46:06 +0100 |
commit | 1a16ff15b87a10b2e7359ba53104ed4bd9fef9e8 (patch) | |
tree | 1f6ea2155189713110bf05dc62af4a560152917c /example-server.conf | |
parent | 2d76d6028d75dda1d239d228d47679b5b35ee1e1 (diff) | |
parent | 46ec48845704b54d395727441edc049b009da774 (diff) |
Merge pull request #10 from nsheridan/hcl
Switch from json to hcl configs
Diffstat (limited to 'example-server.conf')
-rw-r--r-- | example-server.conf | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/example-server.conf b/example-server.conf new file mode 100644 index 0000000..94c6b69 --- /dev/null +++ b/example-server.conf @@ -0,0 +1,24 @@ +server { + use_tls = true # Optional. If this is set then `tls_key` and `tls_cert` must be set + tls_key = "server.key" # Path to TLS key + tls_cert = "server.crt" # Path to TLS certificate + port = 443 # Port to listen on + cookie_secret = "supersecret" # Authentication key for the client cookie +} + +auth { + provider = "google" # Oauth provider to use + oauth_client_id = "nnnnnnnnnnnnnnnn.apps.googleusercontent.com" # Oauth client ID + oauth_client_secret = "yyyyyyyyyyyyyyyyyyyyyy" # Oauth client secret + oauth_callback_url = "https://sshca.example.com/auth/callback" # Oauth callback url + provider_opts { + domain = "example.com" # Oauth-provider specific options + } +} + +ssh { + signing_key = "signing_key" # Path to the CA signing secret key + additional_principals = ["ec2-user", "ubuntu"] # Additional principals to allow + max_age = "720h" # Maximum lifetime of a ssh certificate + permissions = ["permit-pty", "permit-X11-forwarding", "permit-agent-forwarding", "permit-port-forwarding", "permit-user-rc"] # Permissions associated with a certificate. +} |