_version: 2 cli: db: en: "path to the sqlite3 database file, used to save all the data" zh-CN: "sqlite3 数据库文件路径, 用于保存所有数据" console_log_level: en: "The log level for the console logger. Possible values: trace, debug, info, warn, error" zh-CN: "控制台日志级别。可能的值:trace, debug, info, warn, error" file_log_level: en: "The log level for the file logger. Possible values: trace, debug, info, warn, error" zh-CN: "文件日志级别。可能的值:trace, debug, info, warn, error" file_log_dir: en: "The directory to save the log files, default is the current directory" zh-CN: "保存日志文件的目录,默认为当前目录" config_server_port: en: "The port to listen for the config server, used by the easytier-core to connect to" zh-CN: "配置服务器的监听端口,用于被 easytier-core 连接" config_server_protocol: en: "The protocol to listen for the config server, used by the easytier-core to connect to, possible values: udp, tcp, ws" zh-CN: "配置服务器的监听协议,用于被 easytier-core 连接, 可能的值:udp, tcp, ws" api_server_port: en: "The port to listen for the restful server, acting as ApiHost and used by the web frontend" zh-CN: "restful 服务器的监听端口,作为 ApiHost 并被 web 前端使用" api_server_addr: en: "The listen address for the restful server, e.g. 0.0.0.0, ::, 127.0.0.1" zh-CN: "restful 服务器的监听地址, 例如 0.0.0.0, ::, 127.0.0.1" web_server_port: en: "The port to listen for the web dashboard server, default is same as the api server port" zh-CN: "web dashboard 服务器的监听端口, 默认为与 api 服务器端口相同" web_server_addr: en: "The listen address for the web dashboard server (only effective when web_server_port differs from api_server_port or web_server_addr differs from api_server_addr), e.g. 0.0.0.0, ::, 127.0.0.1" zh-CN: "web dashboard 服务器的监听地址(仅在 web_server_port 与 api_server_port 不同,或 web_server_addr 与 api_server_addr 不同时生效), 例如 0.0.0.0, ::, 127.0.0.1" no_web: en: "Do not run the web dashboard server" zh-CN: "不运行 web dashboard 服务器" api_host: en: "The URL of the API server, used by the web frontend to connect to" zh-CN: "API 服务器的 URL,用于 web 前端连接" geoip_db: en: "The path to the GeoIP2 database file, used to lookup the location of the client, default is the embedded file (only country information) , recommend https://github.com/P3TERX/GeoLite.mmdb" zh-CN: "GeoIP2 数据库文件路径,用于查找客户端的位置,默认为嵌入文件(仅国家信息),推荐 https://github.com/P3TERX/GeoLite.mmdb" disable_registration: en: "Disable user registration" zh-CN: "禁用用户注册" oidc_issuer_url: en: "The OIDC issuer URL for single sign-on authentication" zh-CN: "OIDC 签发者 URL,用于单点登录认证" oidc_client_id: en: "The OIDC client ID" zh-CN: "OIDC 客户端 ID" oidc_client_secret: en: "The OIDC client secret (can also be set via OIDC_CLIENT_SECRET env var)" zh-CN: "OIDC 客户端密钥(也可通过 OIDC_CLIENT_SECRET 环境变量设置)" oidc_username_claim: en: "The OIDC claim to use as the local username, default: preferred_username" zh-CN: "用作本地用户名的 OIDC claim 字段,默认: preferred_username" oidc_scopes: en: "OIDC scopes to request during login. Supports comma-separated values or repeated --oidc-scopes flags, default: openid,profile" zh-CN: "登录时请求的 OIDC scopes。支持逗号分隔或多次指定 --oidc-scopes,默认: openid,profile" oidc_redirect_url: en: "The OIDC redirect URL (callback URL), must match exactly what is registered with your Identity Provider. Required when using OIDC. Example: http://your-domain.com:11211/api/v1/auth/oidc/callback" zh-CN: "OIDC 重定向 URL(回调 URL),必须与身份提供商注册的地址完全一致。使用 OIDC 时必须提供。示例: http://your-domain.com:11211/api/v1/auth/oidc/callback" allow_auto_create_user: en: "Allow auto-creating local user when easytier-core connects with an unknown username" zh-CN: "当 easytier-core 使用未知用户名连接时,允许自动创建本地用户" oidc_disable_pkce: en: "Disable PKCE (Proof Key for Code Exchange) for OIDC authentication" zh-CN: "禁用 OIDC 认证的 PKCE(授权码交换证明密钥)" oidc_frontend_base_url: en: "Frontend base URL to redirect to after successful OIDC callback. Required when frontend and API are deployed separately (non-embed build, --no-web mode, or different web_server_port)" zh-CN: "OIDC 回调成功后跳转的前端入口地址。当前端与 API 分离部署时必须提供(非 embed 构建、--no-web 模式、或 web_server_port 与 api_server_port 不同)"