Add authelia/config/configuration.yml

Latest version, untested in production

authelia/authelia/configuration.yml

@@ -1,74 +0,0 @@
----
-###############################################################
-#                   Authelia configuration                    #
-###############################################################
-
-server:
-  address: 'tcp://:9091'
-
-log:
-  level: 'debug'
-
-totp:
-  issuer: 'authelia.com'
-
-identity_validation:
-  reset_password:
-    jwt_secret: 'a_very_important_secret'
-
-# duo_api:
-#  hostname: api-123456789.example.com
-#  integration_key: ABCDEF
-#  # This secret can also be set using the env variables AUTHELIA_DUO_API_SECRET_KEY_FILE
-#  secret_key: 1234567890abcdefghifjkl
-
-authentication_backend:
-  file:
-    path: '/config/users_database.yml'
-
-access_control:
-  default_policy: 'deny'
-  rules:
-    # Rules applied to everyone
-    - domain: 'public.example.com'
-      policy: 'bypass'
-    - domain: 'traefik.example.com'
-      policy: 'one_factor'
-    - domain: 'secure.example.com'
-      policy: 'two_factor'
-
-session:
-  # This secret can also be set using the env variables AUTHELIA_SESSION_SECRET_FILE
-  secret: 'insecure_session_secret'
-
-  cookies:
-    - name: 'authelia_session'
-      domain: 'example.com'  # Should match whatever your root protected domain is
-      authelia_url: 'https://authelia.example.com'
-      expiration: '1 hour'
-      inactivity: '5 minutes'
-
-  redis:
-    host: 'redis'
-    port: 6379
-    # This secret can also be set using the env variables AUTHELIA_SESSION_REDIS_PASSWORD_FILE
-    # password: authelia
-
-regulation:
-  max_retries: 3
-  find_time: '2 minutes'
-  ban_time: '5 minutes'
-
-storage:
-  encryption_key: 'you_must_generate_a_random_string_of_more_than_twenty_chars_and_configure_this'
-  local:
-    path: '/config/db.sqlite3'
-
-notifier:
-  smtp:
-    username: 'test'
-    # This secret can also be set using the env variables AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE
-    password: 'password'
-    address: 'smtp://mail.example.com:25'
-    sender: 'admin@example.com'
-...

authelia/authelia/users_database.yml

@@ -1,19 +0,0 @@
---
-###############################################################
-#                         Users Database                      #
-###############################################################
-
-# This file can be used if you do not have an LDAP set up.
-
-# List of users
-users:
-  authelia:
-    disabled: false
-    displayname: 'Authelia User'
-    # Password is authelia
-    password: '$6$rounds=50000$BpLnfgDsc2WD8F2q$Zis.ixdg9s/UOJYrs56b5QEZFiZECu0qZVNsIYxBaNJ7ucIL.nlxVCT5tqh8KHG8X4tlwCFm5r6NTOZZ5qRFN/'  # yamllint disable-line rule:line-length
-    email: 'authelia@authelia.com'
-    groups:
-      - 'admins'
-      - 'dev'
-...

authelia/docker-compose.yml

@@ -1,22 +1,17 @@
+# From James Turland GIT hub
+
 services:
   authelia:
-    image: 'authelia/authelia'
-    container_name: 'authelia'
+    image: authelia/authelia
+    container_name: authelia
     volumes:
-      - './authelia:/config'
-    restart: 'unless-stopped'
+      - /mnt/disk/authelia/config:/config
+    security_opt:
+      - no-new-privileges:true
+    ports:
+      - 9091:9091
+    restart: unless-stopped
+    environment:
+      - TZ=Europe/London
     healthcheck:
-      ## In production the healthcheck section should be commented.
       disable: true
-    environment:
-      TZ: 'Europe/London'
-
-  redis:
-    image: 'redis:alpine'
-    container_name: 'redis'
-    volumes:
-      - './redis:/data'
-    restart: 'unless-stopped'
-    environment:
-      TZ: 'Europe/London'
-...