authelia: add configuration.yml

roles/authelia/templates/configuration.yml.j2

@@ -0,0 +1,60 @@
+host: 0.0.0.0
+port: 9091
+server:
+  read_buffer_size: 4096
+  write_buffer_size: 4096
+  path: "authelia"
+log_level: debug
+jwt_secret: somethingsomethingrandomrecret
+default_redirection_url: https://{{ base_domain }}
+authentication_backend:
+  disable_reset_password: false
+  ldap:
+    implementation: custom
+    url: ldap://openldap
+    start_tls: false
+    tls:
+      server_name: openldap
+      skip_verify: false
+      minimum_version: TLS1.2
+    base_dn: dc=kucharczyk,dc=xyz
+    username_attribute: uid
+    users_filter: ({username_attribute}={input})
+    groups_filter: (member={dn})
+    mail_attribute: mail
+    user: cn=admin,dc=kucharczyk,dc=xyz
+    password: {{ vault_openldap_admin_password }}
+access_control:
+  default_policy: deny
+  rules:
+    - domain:
+      - "keycloak.{{ base_domain }}"
+      policy: one_factor
+session:
+  name: authelia_session
+  secret: somerandomsecret
+  expiration: 1h
+  inactivity: 5m
+  remember_me_duration: 1M
+  domain: {{ base_domain }}
+regulation:
+  max_retries: 3
+  find_time: 2m
+  ban_time: 99y
+storage:
+  local:
+    path: /config/db.sqlite3
+notifier:
+  disable_startup_check: false
+  smtp:
+    username: kucharczyk.lukas@gmail.com
+    password: {{ vault_email_gmail_password }}
+    host: smtp.gmail.com
+    port: 587
+    sender: kucharczyk.lukas@gmail.com
+    subject: "[Authelia] {title}"
+    startup_check_address: test@authelia.com
+    disable_require_tls: false
+    tls:
+      skip_verify: false
+      minimum_version: TLS1.2