forked from SimpleHomelab/docker-traefik
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathconfiguration.yml.example
executable file
·103 lines (91 loc) · 3.54 KB
/
configuration.yml.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
###############################################################
# Authelia configuration #
###############################################################
host: 0.0.0.0
port: 9091
log_level: warn
# This secret can also be set using the env variables AUTHELIA_JWT_SECRET_FILE
# I used this site to generate the secret: https://www.grc.com/passwords.htm
# jwt_secret: SECRET_GOES_HERE # use docker secret file instead AUTHELIA_JWT_SECRET_FILE
# https://docs.authelia.com/configuration/miscellaneous.html#default-redirection-url
default_redirection_url: https://authelia.example.com
totp:
issuer: authelia.com
period: 30
skew: 1
# Enable the following for Duo Push Notification support
# https://www.authelia.com/docs/features/2fa/push-notifications.html
#duo_api:
# hostname: api-123456789.example.com
# integration_key: ABCDEF
# # This secret can also be set using the env variables AUTHELIA_DUO_API_SECRET_KEY_FILE
# secret_key: # use docker secret file instead AUTHELIA_DUO_API_SECRET_KEY_FILE
authentication_backend:
file:
path: /config/users_database.yml
# customize passwords based on https://docs.authelia.com/configuration/authentication/file.html
password:
algorithm: argon2id
iterations: 1
salt_length: 16
parallelism: 8
memory: 1024 # blocks this much of the RAM. Tune this.
# https://docs.authelia.com/configuration/access-control.html
access_control:
default_policy: deny
rules:
# Rules applied to everyone
- domain: authelia.example.com
policy: bypass
# - domain: radarr.example.com
# policy: bypass
# subject: "group:admins"
# resources:
# - "^/api/.*$"
# - domain: "*.example.com"
# policy: one_factor
- domain: "*.example.com"
policy: two_factor
- domain: "example.com"
policy: two_factor
session:
name: authelia_session
# This secret can also be set using the env variables AUTHELIA_SESSION_SECRET_FILE
# Used a different secret, but the same site as jwt_secret above.
# secret: SECRET_GOES_HERE # use docker secret file instead AUTHELIA_SESSION_SECRET_FILE
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
domain: example.com # Should match whatever your root protected domain is
# Optional. Can improve performance on a busy system. If not enabled, session info is stored in memory.
# redis:
# host: redis
# port: 6379
# This secret can also be set using the env variables AUTHELIA_SESSION_REDIS_PASSWORD_FILE
# password: authelia
regulation:
max_retries: 3
find_time: 120
ban_time: 300
storage:
# For local storage, uncomment lines below and comment out mysql. https://docs.authelia.com/configuration/storage/sqlite.html
# local:
# path: /config/db.sqlite3
mysql:
# MySQL allows running multiple authelia instances. Create database and enter details below.
host: MYSQL_HOST
port: 3306
database: authelia
username: DBUSERNAME
# Password can also be set using a secret: https://docs.authelia.com/configuration/secrets.html
# password: use docker secret file instead AUTHELIA_STORAGE_MYSQL_PASSWORD_FILE
notifier:
smtp:
username: SMTP_USERNAME
# This secret can also be set using the env variables AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE
# password: # use docker secret file instead AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE
host: SMTP_HOST
port: 587 #465
sender: SENDER_EMAIL
# For testing purpose, notifications can be sent in a file. Be sure map the volume in docker-compose.
# filesystem:
# filename: /tmp/authelia/notification.txt