mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-14 03:54:21 +00:00
8830896199
* feat: separate setup from startup * health * move setup config * add env vars to caos_local.sh * fix domain and set devMode explicit
134 lines
3.9 KiB
YAML
134 lines
3.9 KiB
YAML
SystemDefaults:
|
|
DefaultLanguage: 'de'
|
|
Domain: $ZITADEL_DEFAULT_DOMAIN
|
|
ZitadelDocs:
|
|
Issuer: $ZITADEL_ISSUER
|
|
DiscoveryEndpoint: '$ZITADEL_ISSUER/.well-known/openid-configuration'
|
|
UserVerificationKey:
|
|
EncryptionKeyID: $ZITADEL_USER_VERIFICATION_KEY
|
|
SecretGenerators:
|
|
PasswordSaltCost: 14
|
|
ClientSecretGenerator:
|
|
Length: 64
|
|
IncludeLowerLetters: true
|
|
IncludeUpperLetters: true
|
|
IncludeDigits: true
|
|
IncludeSymbols: true
|
|
InitializeUserCode:
|
|
Length: 6
|
|
Expiry: '72h'
|
|
IncludeLowerLetters: false
|
|
IncludeUpperLetters: true
|
|
IncludeDigits: true
|
|
IncludeSymbols: false
|
|
EmailVerificationCode:
|
|
Length: 6
|
|
Expiry: '1h'
|
|
IncludeLowerLetters: false
|
|
IncludeUpperLetters: true
|
|
IncludeDigits: true
|
|
IncludeSymbols: false
|
|
PhoneVerificationCode:
|
|
Length: 6
|
|
Expiry: '1h'
|
|
IncludeLowerLetters: false
|
|
IncludeUpperLetters: true
|
|
IncludeDigits: true
|
|
IncludeSymbols: false
|
|
PasswordVerificationCode:
|
|
Length: 6
|
|
Expiry: '1h'
|
|
IncludeLowerLetters: false
|
|
IncludeUpperLetters: true
|
|
IncludeDigits: true
|
|
IncludeSymbols: false
|
|
Multifactors:
|
|
OTP:
|
|
Issuer: 'Zitadel'
|
|
VerificationKey:
|
|
EncryptionKeyID: $ZITADEL_OTP_VERIFICATION_KEY
|
|
VerificationLifetimes:
|
|
PasswordCheck: 240h #10d
|
|
MfaInitSkip: 720h #30d
|
|
MfaSoftwareCheck: 18h
|
|
MfaHardwareCheck: 12h
|
|
DefaultPolicies:
|
|
Age:
|
|
Description: Standard age policy
|
|
MaxAgeDays: 365
|
|
ExpireWarnDays: 10
|
|
Complexity:
|
|
Description: Standard complexity policy
|
|
MinLength: 8
|
|
HasLowercase: true
|
|
HasUppercase: false
|
|
HasNumber: true
|
|
HasSymbol: true
|
|
Lockout:
|
|
Description: Standard lockout policy
|
|
MaxAttempts: 5
|
|
ShowLockOutFailures: true
|
|
OrgIam:
|
|
Description: Standard org policy
|
|
UserLoginMustBeDomain: true
|
|
IamID: 'IAM'
|
|
DomainVerification:
|
|
VerificationKey:
|
|
EncryptionKeyID: $ZITADEL_DOMAIN_VERIFICATION_KEY
|
|
VerificationGenerator:
|
|
Length: 32
|
|
IncludeLowerLetters: true
|
|
IncludeUpperLetters: true
|
|
IncludeDigits: true
|
|
IncludeSymbols: false
|
|
Notifications:
|
|
DebugMode: $DEBUG_MODE
|
|
Endpoints:
|
|
InitCode: '$ZITADEL_ACCOUNTS/user/init?userID={{.UserID}}&code={{.Code}}&passwordset={{.PasswordSet}}'
|
|
PasswordReset: '$ZITADEL_ACCOUNTS/password/init?userID={{.UserID}}&code={{.Code}}'
|
|
VerifyEmail: '$ZITADEL_ACCOUNTS/mail/verification?userID={{.UserID}}&code={{.Code}}'
|
|
Providers:
|
|
Chat:
|
|
Url: $CHAT_URL
|
|
SplitCount: 4000
|
|
Email:
|
|
SMTP:
|
|
Host: $SMTP_HOST
|
|
User: $SMTP_USER
|
|
Password: $SMTP_PASSWORD
|
|
From: $EMAIL_SENDER_ADDRESS
|
|
FromName: $EMAIL_SENDER_NAME
|
|
Tls: $SMTP_TLS
|
|
Twilio:
|
|
SID: $TWILIO_SERVICE_SID
|
|
Token: $TWILIO_TOKEN
|
|
From: $TWILIO_SENDER_NAME
|
|
TemplateData:
|
|
InitCode:
|
|
Title: 'InitCode.Title'
|
|
PreHeader: 'InitCode.PreHeader'
|
|
Subject: 'InitCode.Subject'
|
|
Greeting: 'InitCode.Greeting'
|
|
Text: 'InitCode.Text'
|
|
ButtonText: 'InitCode.ButtonText'
|
|
PasswordReset:
|
|
Title: 'PasswordReset.Title'
|
|
PreHeader: 'PasswordReset.PreHeader'
|
|
Subject: 'PasswordReset.Subject'
|
|
Greeting: 'PasswordReset.Greeting'
|
|
Text: 'PasswordReset.Text'
|
|
ButtonText: 'PasswordReset.ButtonText'
|
|
VerifyEmail:
|
|
Title: 'VerifyEmail.Title'
|
|
PreHeader: 'VerifyEmail.PreHeader'
|
|
Subject: 'VerifyEmail.Subject'
|
|
Greeting: 'VerifyEmail.Greeting'
|
|
Text: 'VerifyEmail.Text'
|
|
ButtonText: 'VerifyEmail.ButtonText'
|
|
VerifyPhone:
|
|
Title: 'VerifyPhone.Title'
|
|
PreHeader: 'VerifyPhone.PreHeader'
|
|
Subject: 'VerifyPhone.Subject'
|
|
Greeting: 'VerifyPhone.Greeting'
|
|
Text: 'VerifyPhone.Text'
|
|
ButtonText: 'VerifyPhone.ButtonText' |