Created
November 25, 2022 20:59
-
-
Save githubsaturn/e51ad5eccea50b42d94a0d999c4649b1 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# yamllint disable rule:comments-indentation | |
--- | |
############################################################################### | |
# Authelia Configuration # | |
############################################################################### | |
theme: dark #light/dark | |
jwt_secret: 1234567890abcdefghifjkl #any text or number you want to add here to create jwt Token | |
default_redirection_url: https://google.com/ #where to redirect for a non-existent URL | |
server: | |
host: 0.0.0.0 | |
port: 9091 | |
path: "" | |
read_buffer_size: 4096 | |
write_buffer_size: 4096 | |
enable_pprof: false | |
enable_expvars: false | |
disable_healthcheck: false | |
tls: | |
key: "" | |
certificate: "" | |
log: | |
level: debug | |
totp: | |
issuer: yourdomain.com #your authelia top-level domain | |
period: 30 | |
skew: 1 | |
authentication_backend: | |
disable_reset_password: false | |
refresh_interval: 5m | |
file: | |
path: /config/users_database.yml #this is where your authorized users are stored | |
password: | |
algorithm: argon2id | |
iterations: 1 | |
key_length: 32 | |
salt_length: 16 | |
memory: 1024 | |
parallelism: 8 | |
access_control: | |
default_policy: deny | |
rules: | |
## bypass rule | |
- domain: | |
- "auth.yourdomain.com" #This should be your authentication URL | |
policy: bypass | |
- domain: "sub1.yourdomain.com" #example subdomain to protect | |
policy: one_factor | |
session: | |
name: authelia_session | |
secret: unsecure_session_secret #any text or number you want to add here to create jwt Token | |
expiration: 3600 # 1 hour | |
inactivity: 300 # 5 minutes | |
domain: yourdomain.com # Should match whatever your root protected domain is | |
regulation: | |
max_retries: 3 | |
find_time: 10m | |
ban_time: 12h | |
storage: | |
local: | |
path: /config/db.sqlite3 #this is your databse. You could use a mysql database if you wanted, but we're going to use this one. | |
encryption_key: you_must_generate_a_random_string_of_more_than_twenty_chars_and_configure_this #added Dec 5 2021 | |
notifier: | |
disable_startup_check: true #true/false | |
smtp: | |
username: youremail@gmail.com #your email address | |
password: Y0uRp@55W0rD! #your email password | |
host: smtp.gmail.com #email smtp server | |
port: 587 #email smtp port | |
sender: youremail@gmail.com | |
identifier: localhost | |
subject: "[Authelia] {title}" #email subject | |
startup_check_address: youremail@gmail.com | |
disable_require_tls: false | |
disable_html_emails: false | |
tls: | |
skip_verify: false | |
minimum_version: TLS1.2 | |
... |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment