quay/conf/jwtproxy_conf.yaml.jnj

jwtproxy:
  signer_proxy:
    enabled: true
    listen_addr: :8081
    ca_key_file: {{ conf_dir }}/mitm.key
    ca_crt_file: {{ conf_dir }}/mitm.cert

    signer:
      issuer: quay
      expiration_time: 5m
      max_skew: 1m
      private_key:
        type: preshared
        options:
          key_id: {{ key_id }}
          private_key_path: {{ service_key_location }}
  verifier_proxies:
  - enabled: true
    listen_addr: unix:/tmp/jwtproxy_secscan.sock
    socket_permission: 0777
    verifier:
      upstream: unix:/tmp/gunicorn_secscan.sock
      audience: {{ audience }}
      key_server:
        type: keyregistry
        options:
          issuer: {{ security_issuer }}
          registry: {{ registry }}
initial import for Open Source 🎉 2019-11-12 16:09:47 +00:00			`jwtproxy:`
			`signer_proxy:`
			`enabled: true`
			`listen_addr: :8081`
			`ca_key_file: {{ conf_dir }}/mitm.key`
			`ca_crt_file: {{ conf_dir }}/mitm.cert`

			`signer:`
			`issuer: quay`
			`expiration_time: 5m`
			`max_skew: 1m`
			`private_key:`
			`type: preshared`
			`options:`
			`key_id: {{ key_id }}`
			`private_key_path: {{ service_key_location }}`
			`verifier_proxies:`
			`- enabled: true`
			`listen_addr: unix:/tmp/jwtproxy_secscan.sock`
			`socket_permission: 0777`
			`verifier:`
			`upstream: unix:/tmp/gunicorn_secscan.sock`
			`audience: {{ audience }}`
			`key_server:`
			`type: keyregistry`
			`options:`
			`issuer: {{ security_issuer }}`
			`registry: {{ registry }}`