Last active
May 17, 2024 11:24
-
-
Save james-d-elliott/5152d27c0781aee856a3383f1284998e to your computer and use it in GitHub Desktop.
Authelia Sample Configuration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
############################################################### | |
# Authelia minimal configuration # | |
############################################################### | |
port: 9091 | |
logs_level: info | |
jwt_secret: insecure_secret | |
authentication_backend: | |
file: | |
path: /etc/authelia/users.yml | |
totp: | |
issuer: example.com | |
session: | |
secret: insecure_session_secret | |
domain: example.com | |
expiration: 3600 # 1 hour | |
inactivity: 300 # 5 minutes | |
redis: | |
host: redis | |
port: 6379 | |
storage: | |
local: | |
path: /var/lib/authelia/db.sqlite | |
access_control: | |
default_policy: bypass | |
rules: | |
- domain: "public.example.com" | |
policy: bypass | |
- domain: "traefik.example.com" | |
policy: one_factor | |
notifier: | |
filesystem: | |
filename: /var/lib/authelia/emails.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
version: "3.4" | |
networks: | |
net: | |
driver: bridge | |
volumes: | |
authelia-data: | |
external: true | |
services: | |
traefik: | |
container_name: traefik | |
image: traefik:2.1.3 | |
restart: always | |
networks: | |
- net | |
command: | |
- "--api" | |
- "--providers.docker=true" | |
- "--entrypoints.http=true" | |
- "--entrypoints.http.address=:80" | |
- "--entrypoints.https=true" | |
- "--entrypoints.https.address=:443" | |
labels: | |
- "traefik.enable=true" | |
- "traefik.http.routers.api.rule=Host(`traefik.example.com`)" | |
- "traefik.http.routers.api.entrypoints=https" | |
- "traefik.http.routers.api.tls=true" | |
- "traefik.http.routers.api.service=api@internal" | |
- "traefik.http.routers.api.middlewares=authelia" | |
ports: | |
- 80:80 | |
- 443:443 | |
volumes: | |
- /var/run/docker.sock:/var/run/docker.sock | |
redis: | |
container_name: redis | |
image: redis:4.0-alpine | |
ports: | |
- "6379:6379" | |
networks: | |
- net | |
authelia: | |
container_name: authelia | |
image: authelia/authelia:4.2.0 | |
restart: always | |
networks: | |
- net | |
expose: | |
- 9091 | |
volumes: | |
- ./authelia/config/configuration.yml:/etc/authelia/configuration.yml | |
- ./authelia/config/users.yml:/etc/authelia/users.yml | |
- authelia-data:/var/lib/authelia | |
environment: | |
TZ: Australia/Melbourne | |
labels: | |
- "traefik.enable=true" | |
- "traefik.http.routers.authelia.rule=Host(`auth.example.com`)" | |
- "traefik.http.routers.authelia.entrypoints=https" | |
- "traefik.http.routers.authelia.tls=true" | |
- "traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=https://auth.example.com" | |
- "traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
############################################################### | |
# Users Database # | |
############################################################### | |
# This file can be used if you do not have an LDAP set up. All users passwords are 'password'. | |
users: | |
john: | |
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" | |
email: john.doe@authelia.com | |
groups: | |
- admins | |
- dev | |
harry: | |
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" | |
email: harry.potter@authelia.com | |
groups: [] | |
bob: | |
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" | |
email: bob.dylan@authelia.com | |
groups: | |
- dev | |
james: | |
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" | |
email: james.dean@authelia.com |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment