server: addr: ":5001" certificate: "/certs/cert.pem" key: "/certs/key.pem" token: issuer: "Trivy auth server" # Must match issuer in the Registry config. expiration: 900 users: # Password is specified as a BCrypt hash. Use `htpasswd -nB USERNAME` to generate. "admin": password: "$2y$05$LO.vzwpWC5LZGqThvEfznu8qhb5SGqvBSWY1J3yZ4AxtMRZ3kN5jC" # badmin "test": password: "$2y$05$WuwBasGDAgr.QCbGIjKJaep4dhxeai9gNZdmBnQXqpKly57oNutya" # 123 acl: - match: {account: "admin"} actions: ["*"] comment: "Admin has full access to everything." - match: {account: "test"} actions: ["pull"] comment: "User \"test\" can pull stuff."