mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
23 lines
736 B
YAML
23 lines
736 B
YAML
|
|
# Constellation Pod IP range to expose via VPN. The default is for GCP.
|
|
podCIDR: "10.10.0.0/16"
|
|
|
|
# Constellation Service IPs to expose via VPN. The default is for GCP.
|
|
serviceCIDR: "10.96.0.0/12"
|
|
|
|
# on-prem IP ranges to expose to Constellation. Must contain at least one CIDR.
|
|
peerCIDRs: []
|
|
|
|
# MTU to set on the VPN route. Leave empty if path MTU discovery is supported end-to-end.
|
|
# See also https://docs.strongswan.org/docs/5.9/howtos/forwarding.html#_mtumss_issues.
|
|
mtu: 1300
|
|
|
|
# IPSec configuration
|
|
ipsec:
|
|
# pre-shared key used for authentication
|
|
psk: ""
|
|
# Address of the peer's gateway router.
|
|
peer: ""
|
|
|
|
image: "ghcr.io/edgelesssys/constellation/vpn@sha256:88b6a0265052cb0a68d20d9b20e0d42ef15e7a80e5f71201ecf32e004de2356e"
|