mcp-app-demo/pomerium-config.yaml at main · pomerium/mcp-app-demo · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#
# This is a sample Pomerium (https://pomerium.com) configuration file for integrating with the Model Context Protocol (MCP) servers and clients.
#

# acquire TLS certificates automatically from Let's Encrypt
autocert: true

#
# Pomerium needs to store data in a database to manage sessions, policies, and other stateful information.
#
databroker_storage_type: postgres
databroker_storage_connection_string: postgresql://postgres:postgres@postgres:5432/pomerium?sslmode=disable

# Enable MCP support
runtime_flags:
  mcp: true

# Configure routes. Change YOUR-DOMAIN to a valid domain you control.
#
routes:
  # this creates a route for the MCP App Demo application (this repo)
  - from: https://mcp-app-demo.YOUR-DOMAIN
    to: http://mcp-app-demo:3000
    mcp:
      client: {}
    policy:
      - allow:
          or:
            - domain:
                is: pomerium.com
  # this creates a route for the sample MCP database server
  - from: https://db-mcp.YOUR-DOMAIN
    to: http://mcp-servers:8080/mcp
    name: Database
    mcp:
      server: {}
    policy:
      - allow:
          or:
            - domain:
                is: YOUR-DOMAIN