diff --git a/authelia/authelia/configuration.yml b/authelia/authelia/configuration.yml new file mode 100644 index 0000000..972d7d5 --- /dev/null +++ b/authelia/authelia/configuration.yml @@ -0,0 +1,74 @@ +--- +############################################################### +# Authelia configuration # +############################################################### + +server: + address: 'tcp://:9091' + +log: + level: 'debug' + +totp: + issuer: 'authelia.com' + +identity_validation: + reset_password: + jwt_secret: 'a_very_important_secret' + +# duo_api: +# hostname: api-123456789.example.com +# integration_key: ABCDEF +# # This secret can also be set using the env variables AUTHELIA_DUO_API_SECRET_KEY_FILE +# secret_key: 1234567890abcdefghifjkl + +authentication_backend: + file: + path: '/config/users_database.yml' + +access_control: + default_policy: 'deny' + rules: + # Rules applied to everyone + - domain: 'public.example.com' + policy: 'bypass' + - domain: 'traefik.example.com' + policy: 'one_factor' + - domain: 'secure.example.com' + policy: 'two_factor' + +session: + # This secret can also be set using the env variables AUTHELIA_SESSION_SECRET_FILE + secret: 'insecure_session_secret' + + cookies: + - name: 'authelia_session' + domain: 'example.com' # Should match whatever your root protected domain is + authelia_url: 'https://authelia.example.com' + expiration: '1 hour' + inactivity: '5 minutes' + + redis: + host: 'redis' + port: 6379 + # This secret can also be set using the env variables AUTHELIA_SESSION_REDIS_PASSWORD_FILE + # password: authelia + +regulation: + max_retries: 3 + find_time: '2 minutes' + ban_time: '5 minutes' + +storage: + encryption_key: 'you_must_generate_a_random_string_of_more_than_twenty_chars_and_configure_this' + local: + path: '/config/db.sqlite3' + +notifier: + smtp: + username: 'test' + # This secret can also be set using the env variables AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE + password: 'password' + address: 'smtp://mail.example.com:25' + sender: 'admin@example.com' +...