MyFavMirrors/MeshCentral
1
0
Fork 0
mirror of https://github.com/Ylianst/MeshCentral.git synced 2025-11-07 12:52:54 -05:00
Code Issues Packages Projects Releases Wiki Activity

Added mpsHighSecurity option in config.json, #3910

Browse Source
This commit is contained in:
Ylian Saint-Hilaire
2022-04-23 13:17:12 -07:00
parent 5ef32633d8
commit fc60faefba
5 changed files with 268 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
meshcentral-config-schema.json
View File

@@ -156,16 +156,17 @@
},
"tlsOffload": { "type": [ "boolean", "string" ], "default": false, "description": "When true, indicates that a TLS offloader is in front of the MeshCentral server. More typically, set this to the IP address of the reverse proxy or TLS offloader so that IP forwarding headers will be trusted. For example: \"127.0.0.1,192.168.1.100\"." },
"trustedProxy": { "type": "string", "default": null, "description": "Trust forwarded headers from these IPs or domains. Providing the magic string \"CloudFlare\" will cause the server to download the IP address list of trusted CloudFlare proxies directly from CloudFlare on each server start. For example: \"127.0.0.1,proxy.example.com,CloudFlare\"." },
"mpsPort": { "type": "integer", "minimum": 1, "maximum": 65535 },
"mpsPortBind": { "type": "string" },
"mpsAliasPort": { "type": "integer", "minimum": 1, "maximum": 65535 },
"mpsAliasHost": { "type": "string" },
"mpsTlsOffload": { "type": "boolean", "default": false },
"mpsPort": { "type": "integer", "minimum": 0, "maximum": 65535, "default": 4433, "description": "The Management Presence Server (MPS), this is the server that received Intel AMT Client Initiated Remote Access (CIRA) connections." },
"mpsPortBind": { "type": "string", "default": null },
"mpsAliasPort": { "type": "integer", "minimum": 1, "maximum": 65535, "default": null },
"mpsAliasHost": { "type": "string", "default": null },
"mpsTlsOffload": { "type": "boolean", "default": false, "description": "When set to true, indicate that TLS is being performed by a device in front of MeshCentral." },
"mpsHighSecurity": { "type": "boolean", "default": false, "description": "When set to true, the MPS server will only accept TLS 1.2 and 1.3 connections. Older Intel AMT devices will not be able to connect." },
"no2FactorAuth": { "type": "boolean", "default": false },
"log": { "type": "string" },
"syslog": { "type": "string" },
"syslogauth": { "type": "string" },
"syslogjson": { "type": "string" },
"log": { "type": "string", "default": null },
"syslog": { "type": "string", "default": null },
"syslogauth": { "type": "string", "default": null },
"syslogjson": { "type": "string", "default": null },
"syslogtcp": { "type": "string", "default": null, "description": "Send syslog events over the network (RFC3164) to a target hostname:port. For example: localhost:514" },
"webrtcConfig": {
"type": "object",