# VERBOSE
# Show more output in the logs
#VERBOSE=true

# DEBUG
# Show binary output in the longs too
#DEBUG=true

# Used for Let's Encrypt registration
# ACME_AGREE
ACME_AGREE=true
# ACME_EMAIL
ACME_EMAIL=johndoe@example.com

# TUNNEL_RELAY_URL
# The URL of the Telebit Relay, of course.
# Note that many client configuration details can be preassigned at
# https://devices.example.com/.well-known/telebit.app/index.json
TUNNEL_RELAY_URL=https://devices.example.com/

# VENDOR_ID
# Used to distinguish between different white-labeled Telebit binaries.
# It's just as well to generate a random ID for your organization.
VENDOR_ID=

# SECRET
# This is the shared secret between the client device
# and the device management server.
SECRET=shared-secret

# CLIENT_SUBJECT (optional)
# NOT used by Telebit.
# This is for the example scripts
# (for the Device Management & Authentication server)
CLIENT_SUBJECT=newbie
CLIENT_SECRET=xxxxxxxxxxxxxxxx

# TLS_LOCALS
# ReverseProxy any matching requests to the given local port.
# This DOES NOT terminate TLS
TLS_LOCALS=https:*:3000

# LOCALS
# ReverseProxy any matching requests to the given local port.
# This terminates TLS
# Ex: LOCALS=https:$CLIENT_SUBJECT.devices.example.com:3000,https:*.$CLIENT_SUBJECT.devices.example.com:3000
LOCALS=https:*:3000

# PORT_FORWARDS
# ReverseProxy any matching TCP streams from the given remote incoming port,
# directly to the given destination port.
PORT_FORWARDS=3443:3001,8443:3002

# AUTH_URL
# The client may receive this as `.authn.url`
# through `https://$API_DOMAIN/.well-known/telebit.app/index.json`
# Setting the ENV AUTH_URL or the flag --auth-url overrides the discovery endpoint

# ACME_HTTP_01_RELAY_URL
# Overrides `.acme_http_01_relay.url`
# from `https://$API_DOMAIN/.well-known/telebit.app/index.json`
ACME_HTTP_01_RELAY_URL=https://tunnel.example.com/api/acme-relay

# ACME_RELAY_URL (deprecated)
# Overrides `.acme_dns_01_relay.url`
# from `https://$API_DOMAIN/.well-known/telebit.app/index.json`
#ACME_RELAY_URL=https://tunnel.example.com/api/acme-relay

# ACME DNS-01 Challenge Strategies
# Rather than use the http-01 or dns-01 relay you can set one of these
#DUCKDNS_TOKEN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
#NAMECOM_USERNAME=
#NAMECOM_API_TOKEN=
#GODADDY_API_KEY=
#GODADDY_API_SECRET=