aboutsummaryrefslogtreecommitdiff
path: root/example-server.conf
diff options
context:
space:
mode:
Diffstat (limited to 'example-server.conf')
-rw-r--r--example-server.conf8
1 files changed, 7 insertions, 1 deletions
diff --git a/example-server.conf b/example-server.conf
index fcb6558..9a20c9d 100644
--- a/example-server.conf
+++ b/example-server.conf
@@ -32,10 +32,16 @@ ssh {
permissions = ["permit-pty", "permit-X11-forwarding", "permit-agent-forwarding", "permit-port-forwarding", "permit-user-rc"] # Permissions associated with a certificate
}
-# Optional AWS config. if an aws config is present, the signing key can be read from S3 using the syntax `/s3/bucket/path/to/signing.key`.
+# Optional AWS config. if an aws config is present, then files (e.g. signing key or tls cert) can be read from S3 using the syntax `/s3/bucket/path/to/signing.key`.
# These can also be set configured using the standard aws-sdk environment variables, IAM roles etc. https://github.com/aws/aws-sdk-go/wiki/configuring-sdk
aws {
region = "eu-west-1"
access_key = "abcdef"
secret_key = "xyz123"
}
+
+# Optional Vault config. If a vault config is present then files (e.g. signing key or tls cert) can be read from a vault server using the syntax `/vault/secret/service/key_name`.
+vault {
+ address = "https://127.0.0.1:8200"
+ token = "83f01274-c6f0-4dae-aab9-13a6fc62772e"
+}