75 lines
1.9 KiB
YAML
75 lines
1.9 KiB
YAML
---
|
|
###############################################################
|
|
# Authelia configuration #
|
|
###############################################################
|
|
|
|
server:
|
|
address: 'tcp://:9091'
|
|
|
|
log:
|
|
level: 'debug'
|
|
|
|
totp:
|
|
issuer: 'authelia.com'
|
|
|
|
identity_validation:
|
|
reset_password:
|
|
jwt_secret: 'a_very_important_secret'
|
|
|
|
# duo_api:
|
|
# hostname: api-123456789.example.com
|
|
# integration_key: ABCDEF
|
|
# # This secret can also be set using the env variables AUTHELIA_DUO_API_SECRET_KEY_FILE
|
|
# secret_key: 1234567890abcdefghifjkl
|
|
|
|
authentication_backend:
|
|
file:
|
|
path: '/config/users_database.yml'
|
|
|
|
access_control:
|
|
default_policy: 'deny'
|
|
rules:
|
|
# Rules applied to everyone
|
|
- domain: 'public.example.com'
|
|
policy: 'bypass'
|
|
- domain: 'traefik.example.com'
|
|
policy: 'one_factor'
|
|
- domain: 'secure.example.com'
|
|
policy: 'two_factor'
|
|
|
|
session:
|
|
# This secret can also be set using the env variables AUTHELIA_SESSION_SECRET_FILE
|
|
secret: 'insecure_session_secret'
|
|
|
|
cookies:
|
|
- name: 'authelia_session'
|
|
domain: 'example.com' # Should match whatever your root protected domain is
|
|
authelia_url: 'https://authelia.example.com'
|
|
expiration: '1 hour'
|
|
inactivity: '5 minutes'
|
|
|
|
redis:
|
|
host: 'redis'
|
|
port: 6379
|
|
# This secret can also be set using the env variables AUTHELIA_SESSION_REDIS_PASSWORD_FILE
|
|
# password: authelia
|
|
|
|
regulation:
|
|
max_retries: 3
|
|
find_time: '2 minutes'
|
|
ban_time: '5 minutes'
|
|
|
|
storage:
|
|
encryption_key: 'you_must_generate_a_random_string_of_more_than_twenty_chars_and_configure_this'
|
|
local:
|
|
path: '/config/db.sqlite3'
|
|
|
|
notifier:
|
|
smtp:
|
|
username: 'test'
|
|
# This secret can also be set using the env variables AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE
|
|
password: 'password'
|
|
address: 'smtp://mail.example.com:25'
|
|
sender: 'admin@example.com'
|
|
...
|