-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy patharmory.env
59 lines (48 loc) · 2.51 KB
/
armory.env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
# This file is for setting configuration parameters for the Armory docker image
# Use this variable to specify a root directory for the server.
# ARMORY_ROOT_DIR=
# The port to listen to within the container
ARMORY_PORT=8888
# The external host that clients will use to interact with the armory
# If this is not specified, the armory will be unreachable outside of localhost
ARMORY_DOMAIN_NAME=""
# Enable authentication for the armory.
# 1 means authentication is enabled, anything else means authentication is disabled
ARMORY_AUTHENTICATION_ENABLED=1
# Enable TLS for the armory
# 1 means TLS is enabled, anything else means TLS is disabled
# TLS certificates must be placed in <armory-root>/certificates/armory.key and <armory-root>/certificates/armory.crt
ARMORY_TLS_ENABLED=0
# The source for the package signing key
# Possible options are aws, vault, external, and local
# aws: get the key from AWS Secrets Manager
# vault: get the key from Vault
# external: an external process is responsible for signing packages and the index
# local: generate the key and save it locally (the key is written to <armory-root>/private.key)
ARMORY_SIGNING_KEY_PROVIDER=local
## If AWS is your signing key provider, uncomment and fill in the following variables
# The secret name in SM that contains the signing key
# ARMORY_AWS_SIGNING_KEY=
# The AWS region that the key is stored in
# ARMORY_AWS_SK_REGION=""
## If vault is your signing key provider, uncomment and fill in the following variables
# The URL of the vault instance
# ARMORY_VAULT_ADDR=
# The app role path. The default is "approle"
# ARMORY_VAULT_APP_ROLE_PATH=
# The approle RoleID (UUID)
# ARMORY_VAULT_APP_ROLE_ID=
# The approle SecretID (UUID)
# ARMORY_VAULT_APP_SECRET_ID=
# The path to the key in the vault - the last element of the path should be the field
# For example, if your key is stored in secrets/armory/signingkey under the field "key",
# the value of ARMORY_VAULT_SIGNING_KEY_PATH should be secrets/armory/signingkey/key
# ARMORY_VAULT_SIGNING_KEY_PATH=
## If external is your signing key provider, fill in the following variable with the minisign public key that corresponds to the
# private key signing the packages
# ARMORY_EXTERNAL_PUBLIC_KEY=
## If local is your signing key provider, fill in the following variable if you want to encrypt the package signing key with a password
# If you do not want a password, leave the value as "".
ARMORY_SIGNING_KEY_PASSWORD=""
## If you are using S3 as the storage backend, specify the region using this variable
ARMORY_S3_REGION=us-east-1