| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.listen | Address and port to listen on (can be HOST:PORT, unix:PATH).
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.key | Path to certificate private key (PEM with private key)
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.cert | Path to certificate (PEM with certificate chain)
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.allowCN | Allow client if common name appears in the list.
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.allowOU | Allow client if organizational unit name appears in the list.
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.allowAll | If true, allow all clients, do not check client cert subject.
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.allowDNS | Allow client if DNS subject alternative name appears in the list.
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.allowURI | Allow client if URI subject alternative name appears in the list.
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.target | Address to forward connections to (can be HOST:PORT or unix:PATH).
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.package | Package to use for ghostunnel
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.cacert | Path to CA bundle file (PEM/X509)
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.unsafeTarget | If set, does not limit target to localhost, 127.0.0.1, [::1], or UNIX sockets
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.keystore | Path to keystore (combined PEM with cert/key, or PKCS12 keystore)
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.extraArguments | Extra arguments to pass to ghostunnel server
|
| <imports = [ pkgs.ghostunnel.services.default ]>.ghostunnel.disableAuthentication | Disable client authentication, no client certificate will be required.
|