devproje/headscale
1
0
Fork 0
mirror of https://github.com/juanfont/headscale.git synced 2025-01-19 02:10:04 +09:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

chore: update config example

Browse source
This commit is contained in:
Rorical 2024-12-22 23:04:56 +08:00
parent 8f43c94693
commit f356d08ec9
2 changed files with 11 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
config-example.yaml
View file

@ -364,10 +364,17 @@ unix_socket_permission: "0770"
# allowed_users:
# - alice@example.com
#
# # Optional: Enable PKCE (Proof Key for Code Exchange) support for enhanced security
# # and prevent CSRF attacks.
# # Optional: PKCE (Proof Key for Code Exchange) configuration
# # PKCE adds an additional layer of security to the OAuth 2.0 authorization code flow
# # by preventing authorization code interception attacks
# # See https://datatracker.ietf.org/doc/html/rfc7636
# enable_pkce: false
# pkce:
# # Enable or disable PKCE support (default: false)
# enabled: false
# # PKCE method to use:
# # - plain: Use plain code verifier
# # - S256: Use SHA256 hashed code verifier (default, recommended)
# method: S256
#
# # Map legacy users from pre-0.24.0 versions of headscale to the new OIDC users
# # by taking the username from the legacy user and matching it with the username

1
docs/ref/oidc.md
View file

@ -48,6 +48,7 @@ oidc:
# Optional: PKCE (Proof Key for Code Exchange) configuration
# PKCE adds an additional layer of security to the OAuth 2.0 authorization code flow
# by preventing authorization code interception attacks
# See https://datatracker.ietf.org/doc/html/rfc7636
pkce:
# Enable or disable PKCE support (default: false)
enabled: false