blob: 3b07977323e60ff380ab4e28940c847323bdf418 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
#debug:
# pprof: false
# listen: :9001
#http:
# assets-path: "" # Example: "/etc/openvpn-auth-oauth2/assets/"
# baseurl: "http://localhost:9000/"
# cert: ""
# check:
# ipaddr: false
# enable-proxy-headers: true
# key: ""
# listen: ":9000"
# secret: ""
# template: "" # Path to a HTML file which is displayed at the end of the screen
# tls: false
#log:
# format: console
# level: INFO
# vpn-client-ip: true
#oauth2:
# authorize-params: "a=c"
# client:
# id: "test"
# secret: "test"
# endpoint:
# discovery: "https://idp/.well-known/openid-configuration"
# auth: "https://idp/oauth/auth"
# token: "https://idp/oauth/token"
# issuer: "https://idp"
# provider: "generic"
# scopes:
# - "openid"
# - "profile"
# validate:
# acr: []
# # - "phr"
# # - "phrh"
# common-name: ""
# common-name-case-sensitive: false
# groups: []
# # - "test"
# # - "test2"
# roles: []
# # - "test"
# # - "test2"
# ipaddr: false
# issuer: true
# nonce: true
# pkce: true
# refresh:
# enabled: false
# expires: 8h0m0s
# # secret: ""
# use-session-id: false
# validate-user: true
#openvpn:
# addr: "unix:///run/openvpn/server.sock" # This is overridden by /etc/sysconfig/openvpn-auth-oauth2
# auth-token-user: true
# auth-pending-timeout: 2m
# bypass:
# common-names:
# - "test"
# - "test2"
# common-name:
# environment-variable-name: common_name
# mode: plain
# password: ""
#pass-through:
# enabled: false
# address: "unix:///run/openvpn/pass-through.sock"
# password: ""
# socket-group: ""
# socket-mode: 660
|