reset
This commit is contained in:
Nikita Bizyaev
11
config.yaml
11
config.yaml
@@ -1,6 +1,6 @@
|
|||||||
server:
|
server:
|
||||||
listenAddress: ":80"
|
listenAddress: ":80"
|
||||||
exposedAddress: "grpc://birdy.greact.online:50051"
|
exposedAddress: "https://birdy.greact.online" # домен, через который ходит UI и клиенты
|
||||||
stunPorts:
|
stunPorts:
|
||||||
- 3478
|
- 3478
|
||||||
logLevel: "info"
|
logLevel: "info"
|
||||||
@@ -8,7 +8,7 @@ server:
|
|||||||
authSecret: "0xO0NE2nsyAv3QWM6lYfYMKZ+TJ4BG4N93kpbCWYISg="
|
authSecret: "0xO0NE2nsyAv3QWM6lYfYMKZ+TJ4BG4N93kpbCWYISg="
|
||||||
dataDir: "/var/lib/netbird"
|
dataDir: "/var/lib/netbird"
|
||||||
|
|
||||||
auth: # ← вложено под server
|
auth:
|
||||||
issuer: "https://birdy.greact.online/oauth2"
|
issuer: "https://birdy.greact.online/oauth2"
|
||||||
localAuthDisabled: false
|
localAuthDisabled: false
|
||||||
signKeyRefreshEnabled: true
|
signKeyRefreshEnabled: true
|
||||||
@@ -18,10 +18,7 @@ server:
|
|||||||
cliRedirectURIs:
|
cliRedirectURIs:
|
||||||
- "http://localhost:53000/"
|
- "http://localhost:53000/"
|
||||||
|
|
||||||
reverseProxy:
|
store:
|
||||||
trustedHTTPProxies:
|
|
||||||
- "172.16.0.0/12" # Docker-подсеть (покрывает NPM-контейнер в сети proxy)
|
|
||||||
|
|
||||||
store: # ← вложено под server
|
|
||||||
engine: "sqlite"
|
engine: "sqlite"
|
||||||
encryptionKey: "0xO0NE2nsyAv3QWM6lYfYMKZ+TJ4BG4N93kpbCWYISg="
|
encryptionKey: "0xO0NE2nsyAv3QWM6lYfYMKZ+TJ4BG4N93kpbCWYISg="
|
||||||
|
|
||||||
@@ -1,14 +1,14 @@
|
|||||||
NETBIRD_MGMT_API_ENDPOINT=grpc://birdy.greact.online:50051
|
NETBIRD_MGMT_API_ENDPOINT=https://birdy.greact.online
|
||||||
NETBIRD_MGMT_GRPC_API_ENDPOINT=grpc://birdy.greact.online:50051
|
NETBIRD_MGMT_GRPC_API_ENDPOINT=https://birdy.greact.online
|
||||||
|
|
||||||
AUTH_AUDIENCE=netbird-dashboard
|
AUTH_AUDIENCE=netbird-dashboard
|
||||||
AUTH_CLIENT_ID=netbird-dashboard
|
AUTH_CLIENT_ID=netbird-dashboard
|
||||||
AUTH_CLIENT_SECRET=
|
AUTH_CLIENT_SECRET=0xO0NE2nsyAv3QWM6lYfYMKZ+TJ4BG4N93kpbCWYISg=
|
||||||
AUTH_AUTHORITY=https://birdy.greact.online/oauth2
|
AUTH_AUTHORITY=https://birdy.greact.online/oauth2
|
||||||
USE_AUTH0=false
|
USE_AUTH0=false
|
||||||
AUTH_SUPPORTED_SCOPES=openid profile email groups
|
AUTH_SUPPORTED_SCOPES=openid profile email groups
|
||||||
AUTH_REDIRECT_URI=/nb-auth
|
AUTH_REDIRECT_URI=/nb-auth
|
||||||
AUTH_SILENT_REDIRECT_URI=/nb-silent-auth
|
AUTH_SILENT_REDIRECT_URI=/nb-silent-auth
|
||||||
LETSENCRYPT_DOMAIN=none
|
LETSENCRYPT_DOMAIN=birdy.greact.online
|
||||||
LETSENCRYPT_EMAIL=example@local
|
LETSENCRYPT_EMAIL=cap7goo@gmail.com
|
||||||
NGINX_SSL_PORT=443
|
NGINX_SSL_PORT=443
|
||||||
|
|||||||
@@ -1,5 +1,3 @@
|
|||||||
version: "3.8"
|
|
||||||
|
|
||||||
services:
|
services:
|
||||||
netbird-server:
|
netbird-server:
|
||||||
build:
|
build:
|
||||||
@@ -7,10 +5,11 @@ services:
|
|||||||
dockerfile: Dockerfile.netbird-server
|
dockerfile: Dockerfile.netbird-server
|
||||||
container_name: netbird-server
|
container_name: netbird-server
|
||||||
expose:
|
expose:
|
||||||
- "80" # Management API + OAuth2 + Signal → внутрь proxy-сети
|
- "80" # Management API + OAuth2 + Signal -- внутрь proxy-сети
|
||||||
ports:
|
ports:
|
||||||
|
- "50051:80" # management gRPC
|
||||||
|
- "33080:33080" # relay (TCP)
|
||||||
- "3478:3478/udp" # STUN
|
- "3478:3478/udp" # STUN
|
||||||
- "50051:80" # публичный TCP‑порт для management
|
|
||||||
volumes:
|
volumes:
|
||||||
- netbird_data:/var/lib/netbird # именованный volume (не bind-mount)
|
- netbird_data:/var/lib/netbird # именованный volume (не bind-mount)
|
||||||
networks:
|
networks:
|
||||||
@@ -36,9 +35,6 @@ services:
|
|||||||
- NGINX_SSL_PORT=${NGINX_SSL_PORT}
|
- NGINX_SSL_PORT=${NGINX_SSL_PORT}
|
||||||
expose:
|
expose:
|
||||||
- "80"
|
- "80"
|
||||||
ports:
|
|
||||||
- "3478:3478/udp" # STUN, как было
|
|
||||||
- "8444:80" # ← новый публичный TCP‑порт для management (пример)
|
|
||||||
networks:
|
networks:
|
||||||
- proxy
|
- proxy
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user