71 lines
1.7 KiB
Django/Jinja
71 lines
1.7 KiB
Django/Jinja
host: 0.0.0.0
|
|
port: 9091
|
|
server:
|
|
read_buffer_size: 4096
|
|
write_buffer_size: 4096
|
|
path: "authelia"
|
|
log_level: debug
|
|
jwt_secret: somethingsomethingrandomrecret
|
|
default_redirection_url: https://{{ base_domain }}
|
|
authentication_backend:
|
|
disable_reset_password: false
|
|
ldap:
|
|
implementation: custom
|
|
url: ldap://openldap
|
|
start_tls: false
|
|
tls:
|
|
server_name: openldap
|
|
skip_verify: false
|
|
minimum_version: TLS1.2
|
|
base_dn: dc=kucharczyk,dc=xyz
|
|
username_attribute: uid
|
|
users_filter: ({username_attribute}={input})
|
|
groups_filter: (member={dn})
|
|
mail_attribute: mail
|
|
user: cn=admin,dc=kucharczyk,dc=xyz
|
|
password: {{ vault_openldap_admin_password }}
|
|
access_control:
|
|
default_policy: deny
|
|
networks:
|
|
- name: local
|
|
networks:
|
|
- 192.168.0.0/24
|
|
rules:
|
|
- domain: "*.{{ base_domain }}"
|
|
networks:
|
|
- local
|
|
policy: bypass
|
|
- domain: portainer.{{ base_domain }}
|
|
policy: one_factor
|
|
- domain: keycloak.{{ base_domain }}
|
|
policy: one_factor
|
|
- domain: radarr.{{ base_domain }}
|
|
policy: two_factor
|
|
session:
|
|
name: authelia_session
|
|
secret: somerandomsecret
|
|
expiration: 1h
|
|
inactivity: 5m
|
|
remember_me_duration: 1M
|
|
domain: {{ base_domain }}
|
|
regulation:
|
|
max_retries: 3
|
|
find_time: 2m
|
|
ban_time: 99y
|
|
storage:
|
|
local:
|
|
path: /config/db.sqlite3
|
|
notifier:
|
|
disable_startup_check: false
|
|
smtp:
|
|
username: kucharczyk.lukas@gmail.com
|
|
password: {{ vault_email_gmail_password }}
|
|
host: smtp.gmail.com
|
|
port: 587
|
|
sender: kucharczyk.lukas@gmail.com
|
|
subject: "[Authelia] {title}"
|
|
startup_check_address: test@authelia.com
|
|
disable_require_tls: false
|
|
tls:
|
|
skip_verify: false
|
|
minimum_version: TLS1.2 |