blob: f64fffac4b7665b41ce6aeadd0bd2da8de4bd5a5 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
# NetBird Proxy configuration
# https://docs.netbird.io/manage/reverse-proxy
# Required: proxy access token
# Generate with: netbird-server token create --config /etc/netbird-server/config.yaml
NB_PROXY_TOKEN=
# Management server gRPC address
NB_PROXY_MANAGEMENT_ADDRESS=https://nb.archworks.co:443
# Public domain for this proxy (wildcard DNS *.nb.archworks.co must point here)
NB_PROXY_DOMAIN=nb.archworks.co
# Listening address (nginx SNI mux routes *.nb.archworks.co to this port)
NB_PROXY_ADDRESS=:8443
# ACME: proxy manages its own TLS cert via tls-alpn-01
NB_PROXY_ACME_CERTIFICATES=true
NB_PROXY_ACME_CHALLENGE_TYPE=tls-alpn-01
NB_PROXY_CERTIFICATE_DIRECTORY=/var/lib/netbird-proxy/certs
# PROXY protocol: nginx stream sends PROXY header so the proxy sees real client IPs
NB_PROXY_PROXY_PROTOCOL=true
NB_PROXY_TRUSTED_PROXIES=127.0.0.1/32
|