@4me/auth-server
Optional variables
PORT
Port the application the will run on
Example:
PORT=4000Default value:
3000
LOG_PRETTY
Enable/disable human readable logs. JSON logs will be produced otherwise.
Example:
LOG_PRETTY=1Default value:
process.env.NODE_ENV === 'development'
LOG_LEVEL
Change the log level. Possible values are fatal, error, warn, info, debug or trace.
Example:
LOG_LEVEL=traceDefault value:
process.env.NODE_ENV === 'development' ? 'debug' : 'info'
CONFIG
Location of the configuration file
Example:
CONFIG=/config/config.ymlDefault value:
/config.yml
Config file
- config.yml.example (YML):
ip_associations:
# The associations will be processed in order, until one matches
# If no block matches, a 403 error will be returned
- environment: LFEE
client_id: 1
ip_addresses:
# Ip addresses can be expressed using a glob matching pattern :
- '*127.0.0*'
# Or a CIDR notation
- '127.0.0.1/24'
# With IPv6 support
- '2001:db8:ac1d::/48'
- client_id: 2
# The configuration file supports environment variable interpolation with optional default value
evironment: ${FME_ENVIRONMENT-LFEE}
ip_addresses:
- '*127.0.0*'
###
### This block controls the condition under which unknown clients can be authenticated
### Like ip_associations, this list will be traversed in order, until an IP match is found.
### If no IP match can be found, defaults to reject authentication.
###
unknown_client_rules:
###
### Each rule must have an `effect` property.
### This property can either `allow` or `deny` value.
###
- effect: allow
###
### Each rule must have `match` property.
### This property expresses conditions which should be met for the rule to match
### a request.
###
match:
ip_addresses:
- '1.2.3.*'
###
### Each rule can have an optional `clients` property.
### This property can be used to narrow the selectable clients.
###
clients:
environments:
- 'LFEE'
# Example of rules and their effect
### Allow everyone to pick any client
# - match:
# ip_adresses:
# - '*'
# effect: allow
### Allow a subnet to pick any client in LFEE or LFFF environment
# - match:
# ip_adresses:
# - '1.2.3.4/24'
# clients:
# environments:
# - 'LFEE'
# - 'LFFF'
# effect: allow