defguard---Core
defguard---Core
OfficielleApplication Docker from grtgbln's Repository
Vue d'ensemble
This is the core component of defguard, which may required for the other components to work (gateway, proxy)
Exigences
Requires a separate Postgres database container. Requires either a separate defguard - Gateway, defguard - Proxy container or openldap container.
Arguments d'exécution
- Interface utilisateur Web
http://[IP]:[PORT:8000]/- Réseau
bridge- Privilégié
- false
Configuration du modèle
Container Port: 8000
- Cible
- 8000
- Défaut
- 8000
- Valeur
- 8000
Container Port: 50055
- Cible
- 50055
- Défaut
- 50055
- Valeur
- 50055
Postgres database host
- Cible
- DEFGUARD_DB_HOST
Postgres database port
- Cible
- DEFGUARD_DB_PORT
- Défaut
- 5432
- Valeur
- 5432
Postgres database user
- Cible
- DEFGUARD_DB_USER
Postgres database password
- Cible
- DEFGUARD_DB_PASSWORD
Postgres database name
- Cible
- DEFGUARD_DB_NAME
- Défaut
- defguard
- Valeur
- defguard
Used to encrypt private cookies. Run `openssl rand -base64 55 | tr -d '=+/' | tr -d '\n' | cut -c1-64` to generate a random key.
- Cible
- DEFGUARD_SECRET_KEY
Used to encrypt user tokens. Run `openssl rand -base64 55 | tr -d '=+/' | tr -d '\n' | cut -c1-64` to generate a random key.
- Cible
- DEFGUARD_AUTH_SECRET
Used to encrypt gateway tokens. Run `openssl rand -base64 55 | tr -d '=+/' | tr -d '\n' | cut -c1-64` to generate a random key.
- Cible
- DEFGUARD_GATEWAY_SECRET
Used to encrypt YubiBridge tokens. Run `openssl rand -base64 55 | tr -d '=+/' | tr -d '\n' | cut -c1-64` to generate a random key.
- Cible
- DEFGUARD_YUBIBRIDGE_SECRET
Publicly-accessible URL of defguard instance.
- Cible
- DEFGUARD_URL
- Défaut
- http://localhost:8000
- Valeur
- http://localhost:8000
Default password for the admin user.
- Cible
- DEFGUARD_DEFAULT_ADMIN_PASSWORD
- Défaut
- pass123
- Valeur
- pass123
Proxy URL of defguard instance. Delete if not using defguard proxy.
- Cible
- DEFGUARD_PROXY_URL
- Défaut
- http://IP_ADDRESS:50051
- Valeur
- http://IP_ADDRESS:50051
Set the domain for auth cookies. By default, it's the domain from DEFGUARD_URL. Must be changed to base URL if you want to use forward auth. Delete if not using defguard proxy.
- Cible
- DEFGUARD_COOKIE_DOMAIN
- Défaut
- localhost
- Valeur
- localhost
URL of LDAP server. Delete if not using LDAP.
- Cible
- DEFGUARD_LDAP_URL
- Défaut
- ldap://IP_ADDRESS:1389
- Valeur
- ldap://IP_ADDRESS:1389
Bind username for LDAP server. Delete if not using LDAP.
- Cible
- DEFGUARD_LDAP_BIND_USERNAME
- Défaut
- cn=user,ou=users,dc=example,dc=org
- Valeur
- cn=user,ou=users,dc=example,dc=org
Bind password for LDAP server. Delete if not using LDAP.
- Cible
- DEFGUARD_LDAP_BIND_PASSWORD
- Défaut
- user
- Valeur
- user
User search base for LDAP server. Delete if not using LDAP.
- Cible
- DEFGUARD_LDAP_USER_SEARCH_BASE
- Défaut
- ou=users,dc=example,dc=org
- Valeur
- ou=users,dc=example,dc=org
Group search base for LDAP server. Delete if not using LDAP.
- Cible
- DEFGUARD_LDAP_GROUP_SEARCH_BASE
- Défaut
- ou=groups,dc=example,dc=org
- Valeur
- ou=groups,dc=example,dc=org
Allow access via HTTP
- Cible
- DEFGUARD_COOKIE_INSECURE
- Défaut
- false|true
Enable Rust backtraces
- Cible
- RUST_BACKTRACE
- Défaut
- 1
Log level
- Cible
- DEFGUARD_LOG_LEVEL
- Défaut
- info|debug
Détails
ghcr.io/defguard/defguard:latestExécutez defguard---Core sur Unraid.
defguard---Core est listé dans Community Apps pour Unraid OS. Explorez Unraid pour créer un serveur domestique flexible, un NAS ou un laboratoire domestique.