nessi
ab7275059f
Add alwaysAllowWebProxyTargets function to parse comma-separated IPs from NEXAVPN_ALWAYS_ALLOW_WEB_PROXY_IPS environment variable with deduplication. Update mergeProfileAllowedIPs to accept webProxyTargets parameter and merge them into profile allowed IPs using /32 routes. Add WebProxyTargets field to wireguard.Peer struct and populate it in BuildSyncBundle and device enrollment/policy application
28 lines
961 B
Plaintext
28 lines
961 B
Plaintext
POSTGRES_DB=nexavpn
|
|
POSTGRES_USER=nexavpn
|
|
POSTGRES_PASSWORD=change-me
|
|
DATABASE_URL=postgres://nexavpn:change-me@postgres:5432/nexavpn?sslmode=disable
|
|
HTTP_ADDRESS=:8080
|
|
APP_ENV=production
|
|
JWT_SECRET=replace-with-a-long-random-secret
|
|
JWT_ISSUER=nexavpn
|
|
ACCESS_TOKEN_TTL_SECONDS=900
|
|
REFRESH_TOKEN_TTL_SECONDS=2592000
|
|
DEFAULT_DNS_SERVERS=10.20.0.53
|
|
DEFAULT_VPN_CIDR=100.96.0.0/24
|
|
GATEWAY_UDP_PORT=51900
|
|
DEFAULT_GATEWAY_ENDPOINT=vpn.example.com:51900
|
|
DEFAULT_GATEWAY_PUBLIC_KEY=replace-me
|
|
GATEWAY_BOOTSTRAP_TOKEN=nexavpn-gateway-bootstrap
|
|
NEXAVPN_GATEWAY_ID=
|
|
NEXAVPN_GATEWAY_NAME=primary-gateway
|
|
NEXAVPN_GATEWAY_SYNC_URL=http://127.0.0.1:8080/api/v1/gateway-agent
|
|
NEXAVPN_GATEWAY_BOOTSTRAP_URL=http://127.0.0.1:8080/api/v1/gateway-agent/bootstrap
|
|
NEXAVPN_API_TOKEN=
|
|
NEXAVPN_GATEWAY_PRIVATE_KEY=
|
|
NEXAVPN_GATEWAY_INTERFACE=wg0
|
|
NEXAVPN_UPLINK_INTERFACE=eth0
|
|
NEXAVPN_ENABLE_MASQUERADE=true
|
|
NEXAVPN_BACKEND_HOST=127.0.0.1
|
|
NEXAVPN_ALWAYS_ALLOW_WEB_PROXY_IPS=172.16.0.109
|