examples/simple.yml - casbin-docker_auth - Git at Google

 # A simple example. See reference.yml for explanation for explanation of all options.
 #
 #  auth:
 #    token:
 #      realm: "https://127.0.0.1:5001/auth"
 #      service: "Docker registry"
 #      issuer: "Acme auth server"
 #      rootcertbundle: "/path/to/server.pem"

 server:
   addr: ":5001"
   certificate: "/path/to/server.pem"
   key: "/path/to/server.key"

 token:
   issuer: "Acme auth server"  # Must match issuer in the Registry config.
   expiration: 900

 users:
   # Password is specified as a BCrypt hash. Use `htpasswd -nB USERNAME` to generate.
   "admin":
     password: "$2y$05$LO.vzwpWC5LZGqThvEfznu8qhb5SGqvBSWY1J3yZ4AxtMRZ3kN5jC"  # badmin
   "test":
     password: "$2y$05$WuwBasGDAgr.QCbGIjKJaep4dhxeai9gNZdmBnQXqpKly57oNutya"  # 123

 acl:
   - match: {account: "admin"}
     actions: ["*"]
     comment: "Admin has full access to everything."
   - match: {account: "test"}
     actions: ["pull"]
     comment: "User \"test\" can pull stuff."
   # Access is denied by default.
	# A simple example. See reference.yml for explanation for explanation of all options.
	#
	# auth:
	# token:
	# realm: "https://127.0.0.1:5001/auth"
	# service: "Docker registry"
	# issuer: "Acme auth server"
	# rootcertbundle: "/path/to/server.pem"

	server:
	addr: ":5001"
	certificate: "/path/to/server.pem"
	key: "/path/to/server.key"

	token:
	issuer: "Acme auth server" # Must match issuer in the Registry config.
	expiration: 900

	users:
	# Password is specified as a BCrypt hash. Use `htpasswd -nB USERNAME` to generate.
	"admin":
	password: "$2y$05$LO.vzwpWC5LZGqThvEfznu8qhb5SGqvBSWY1J3yZ4AxtMRZ3kN5jC" # badmin
	"test":
	password: "$2y$05$WuwBasGDAgr.QCbGIjKJaep4dhxeai9gNZdmBnQXqpKly57oNutya" # 123

	acl:
	- match: {account: "admin"}
	actions: ["*"]
	comment: "Admin has full access to everything."
	- match: {account: "test"}
	actions: ["pull"]
	comment: "User \"test\" can pull stuff."
	# Access is denied by default.