forked from sebadob/rauthy
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathvault.toml
More file actions
59 lines (51 loc) · 1.26 KB
/
vault.toml
File metadata and controls
59 lines (51 loc) · 1.26 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
[vault]
# The full address to your vault including scheme and port
#
# default: <empty>
# overwritten by: VAULT_ADDR
addr = ''
# The token that rauthy uses to access the secret
#
# default: <empty>
# overwritten by: VAULT_TOKEN
token = ''
# Secret engine mount point
#
# default: <empty>
# overwritten by: VAULT_MOUNT
mount = ''
# Path within the mount point containing the secret
#
# default: <empty>
# overwritten by: VAULT_PATH
path = ''
# The key (name) of the secret
#
# default: <empty>
# overwritten by: VAULT_CONFIG_KEY
config_key = ''
# KV Version that the secret engine uses.
# Valid values are '1' or '2'.
#
# default: '2'
# overwritten by: VAULT_KV_VERSION
kv_version = ''
# You can provide a root certificate bundle, if you
# are running servers / clients Rauthy needs to connect
# to with self-signed certificates.
# The certificates need to be in PEM format.
#
# overwritten by: HTTP_CUST_ROOT_CA_BUNDLE
#root_ca_bundle = """
#-----BEGIN CERTIFICATE-----
#...
#-----END CERTIFICATE-----
#"""
# If you are testing locally with insecure connections,
# you can set the following var to make it work.
#
# Note: This must be an ENV var and cannot be
# given as a normal TOML value. It only exists here
# for completeness / documentation.
#
#DANGER_VAULT_INSECURE=true