defguard---Core
defguard---Core
OffiziellDocker-Anwendung from grtgbln's Repository
Übersicht
This is the core component of defguard, which may required for the other components to work (gateway, proxy)
Anforderungen
Requires a separate Postgres database container. Requires either a separate defguard - Gateway, defguard - Proxy container or openldap container.
Laufzeit-Argumente
- Web-UI
http://[IP]:[PORT:8000]/- Netzwerk
bridge- Privilegiert
- false
Konfiguration der Vorlage
Container Port: 8000
- Ziel
- 8000
- Standard
- 8000
- Wert
- 8000
Container Port: 50055
- Ziel
- 50055
- Standard
- 50055
- Wert
- 50055
Postgres database host
- Ziel
- DEFGUARD_DB_HOST
Postgres database port
- Ziel
- DEFGUARD_DB_PORT
- Standard
- 5432
- Wert
- 5432
Postgres database user
- Ziel
- DEFGUARD_DB_USER
Postgres database password
- Ziel
- DEFGUARD_DB_PASSWORD
Postgres database name
- Ziel
- DEFGUARD_DB_NAME
- Standard
- defguard
- Wert
- defguard
Used to encrypt private cookies. Run `openssl rand -base64 55 | tr -d '=+/' | tr -d '\n' | cut -c1-64` to generate a random key.
- Ziel
- DEFGUARD_SECRET_KEY
Used to encrypt user tokens. Run `openssl rand -base64 55 | tr -d '=+/' | tr -d '\n' | cut -c1-64` to generate a random key.
- Ziel
- DEFGUARD_AUTH_SECRET
Used to encrypt gateway tokens. Run `openssl rand -base64 55 | tr -d '=+/' | tr -d '\n' | cut -c1-64` to generate a random key.
- Ziel
- DEFGUARD_GATEWAY_SECRET
Used to encrypt YubiBridge tokens. Run `openssl rand -base64 55 | tr -d '=+/' | tr -d '\n' | cut -c1-64` to generate a random key.
- Ziel
- DEFGUARD_YUBIBRIDGE_SECRET
Publicly-accessible URL of defguard instance.
- Ziel
- DEFGUARD_URL
- Standard
- http://localhost:8000
- Wert
- http://localhost:8000
Default password for the admin user.
- Ziel
- DEFGUARD_DEFAULT_ADMIN_PASSWORD
- Standard
- pass123
- Wert
- pass123
Proxy URL of defguard instance. Delete if not using defguard proxy.
- Ziel
- DEFGUARD_PROXY_URL
- Standard
- http://IP_ADDRESS:50051
- Wert
- http://IP_ADDRESS:50051
Set the domain for auth cookies. By default, it's the domain from DEFGUARD_URL. Must be changed to base URL if you want to use forward auth. Delete if not using defguard proxy.
- Ziel
- DEFGUARD_COOKIE_DOMAIN
- Standard
- localhost
- Wert
- localhost
URL of LDAP server. Delete if not using LDAP.
- Ziel
- DEFGUARD_LDAP_URL
- Standard
- ldap://IP_ADDRESS:1389
- Wert
- ldap://IP_ADDRESS:1389
Bind username for LDAP server. Delete if not using LDAP.
- Ziel
- DEFGUARD_LDAP_BIND_USERNAME
- Standard
- cn=user,ou=users,dc=example,dc=org
- Wert
- cn=user,ou=users,dc=example,dc=org
Bind password for LDAP server. Delete if not using LDAP.
- Ziel
- DEFGUARD_LDAP_BIND_PASSWORD
- Standard
- user
- Wert
- user
User search base for LDAP server. Delete if not using LDAP.
- Ziel
- DEFGUARD_LDAP_USER_SEARCH_BASE
- Standard
- ou=users,dc=example,dc=org
- Wert
- ou=users,dc=example,dc=org
Group search base for LDAP server. Delete if not using LDAP.
- Ziel
- DEFGUARD_LDAP_GROUP_SEARCH_BASE
- Standard
- ou=groups,dc=example,dc=org
- Wert
- ou=groups,dc=example,dc=org
Allow access via HTTP
- Ziel
- DEFGUARD_COOKIE_INSECURE
- Standard
- false|true
Enable Rust backtraces
- Ziel
- RUST_BACKTRACE
- Standard
- 1
Log level
- Ziel
- DEFGUARD_LOG_LEVEL
- Standard
- info|debug
Einzelheiten
ghcr.io/defguard/defguard:latestFühren Sie defguard---Core auf Unraid aus.
defguard---Core ist gelistet in Community Apps für Unraid OS. Erkunden Sie Unraid, um einen flexiblen Heimserver, ein NAS oder ein Heimlabor aufzubauen.