{
"root": "certs/root_ca.crt",
"federatedRoots": null,
"crt": "certs/intermediate_ca.crt",
"key": "secrets/intermediate_ca.key",
"address": ":32599",
"insecureAddress": "",
"dnsNames": [
"ca.pyrocufflink.blue"
],
"logger": {
"format": "json"
},
"db": {
"type": "bbolt",
"dataSource": "db/step.db"
},
"authority": {
"claims": {
"enableSSHCA": false,
"disableRenewal": false,
"allowRenewalAfterExpiry": false,
"disableSmallstepExtensions": false
},
"provisioners": [
{
"type": "ACME",
"name": "acme",
"claims": {
"maxTLSCertDuration": "744h",
"defaultTLSCertDuration": "168h"
}
},
{
"type": "OIDC",
"name": "authelia",
"clientID": "step-ca",
"clientSecret": "",
"configurationEndpoint": "https://auth.pyrocufflink.blue/.well-known/openid-configuration",
"admins": [
"dustin@hatch.name"
]
}
],
"backdate": "1m0s"
},
"tls": {
"cipherSuites": [
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"
],
"minVersion": 1.3,
"maxVersion": 1.3,
"renegotiation": false
}
}