feat(drasl): add config.toml.tmpl (password login, SignPublicKeys=false)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-05-24 04:38:41 +02:00
parent e351736e2e
commit e61286d2b3

View File

@@ -0,0 +1,23 @@
# Drasl config — password-login mode (NO Keycloak/OIDC for now).
# TOML only (drasl has no env support). Rendered by tooling/render-config.sh
# -> drasl/config/config.toml (gitignored). Only ${BASE_DOMAIN} is substituted.
# Reached only via Caddy at auth.${BASE_DOMAIN}; drasl has no published host port.
BaseURL = "http://auth.${BASE_DOMAIN}"
Domain = "auth.${BASE_DOMAIN}"
ListenAddress = "0.0.0.0:25585" # internal; Caddy reverse-proxies to it
DefaultAdminUsernames = ["admin"]
# Password login: admin + guests register a username/password on the web UI.
AllowPasswordLogin = true
# 1.21+ secure-profile fix: MUST pair with server ENFORCE_SECURE_PROFILE=FALSE.
# Both or neither — mixed auth breaks on MC 1.21+ with SignPublicKeys = true.
SignPublicKeys = false
[ApplicationOwner]
Name = "Ulicraft"
Email = "admin@${BASE_DOMAIN}"
# OIDC block intentionally omitted for now (no Keycloak).
# [[RegistrationOIDC]] <- future task