Remove deprecated deploy workflow, update README with new features and service URLs, delete unused alertmanager and prometheus configurations, refactor Authelia configuration for improved security and functionality, add Gitea and Beszel services, and enhance health checks across services.
This commit is contained in:
elfateh4
60
authelia/configuration.template.yml
Normal file
60
authelia/configuration.template.yml
Normal file
@@ -0,0 +1,60 @@
|
||||
---
|
||||
# Authelia configuration
|
||||
# This is a minimal configuration for getting started with Authelia
|
||||
|
||||
server:
|
||||
address: 'tcp://:9091'
|
||||
endpoints:
|
||||
authz:
|
||||
forward-auth:
|
||||
implementation: 'ForwardAuth'
|
||||
|
||||
authentication_backend:
|
||||
file:
|
||||
path: '/config/users_database.yml'
|
||||
|
||||
access_control:
|
||||
default_policy: 'one_factor'
|
||||
rules:
|
||||
- domain: 'pgadmin.${DOMAIN_PREFIX}.${DOMAIN}'
|
||||
policy: 'two_factor'
|
||||
- domain: 'beszel.${DOMAIN_PREFIX}.${DOMAIN}'
|
||||
policy: 'two_factor'
|
||||
- domain: 'traefik.${DOMAIN_PREFIX}.${DOMAIN}'
|
||||
policy: 'two_factor'
|
||||
- domain: '*.${DOMAIN_PREFIX}.${DOMAIN}'
|
||||
policy: 'one_factor'
|
||||
|
||||
session:
|
||||
name: 'authelia_session'
|
||||
cookies:
|
||||
- domain: '${DOMAIN}'
|
||||
authelia_url: 'https://auth.${DOMAIN_PREFIX}.${DOMAIN}'
|
||||
default_redirection_url: 'https://portainer.${DOMAIN_PREFIX}.${DOMAIN}'
|
||||
|
||||
storage:
|
||||
postgres:
|
||||
address: 'tcp://authelia-db:5432'
|
||||
database: 'authelia'
|
||||
username: 'authelia'
|
||||
|
||||
notifier:
|
||||
disable_startup_check: true
|
||||
# Configure SMTP for production email notifications
|
||||
# For testing, you can use filesystem notifier instead:
|
||||
# filesystem:
|
||||
# filename: /config/notification.txt
|
||||
smtp:
|
||||
address: 'submissions://smtp.gmail.com:465'
|
||||
username: 'your-email@gmail.com'
|
||||
sender: 'Authelia <noreply@${DOMAIN}>'
|
||||
# For Gmail, use an App Password (not your regular password)
|
||||
# Generate at: https://myaccount.google.com/apppasswords
|
||||
|
||||
identity_validation:
|
||||
reset_password: {}
|
||||
|
||||
regulation:
|
||||
max_retries: 3
|
||||
find_time: 120
|
||||
ban_time: 300
|
||||
@@ -3,7 +3,7 @@
|
||||
# This is a minimal configuration for getting started with Authelia
|
||||
|
||||
server:
|
||||
port: 9091
|
||||
address: 'tcp://:9091'
|
||||
endpoints:
|
||||
authz:
|
||||
forward-auth:
|
||||
@@ -14,45 +14,37 @@ authentication_backend:
|
||||
path: '/config/users_database.yml'
|
||||
|
||||
access_control:
|
||||
default_policy: 'deny'
|
||||
default_policy: 'one_factor'
|
||||
rules:
|
||||
- domain: 'pgadmin.gate.${DOMAIN}'
|
||||
- domain: 'pgadmin.test.3launchpad.com'
|
||||
policy: 'two_factor'
|
||||
- domain: '*.gate.${DOMAIN}'
|
||||
- domain: '*.test.3launchpad.com'
|
||||
policy: 'one_factor'
|
||||
|
||||
session:
|
||||
name: 'authelia_session'
|
||||
secret: '${AUTHELIA_SESSION_SECRET}'
|
||||
cookies:
|
||||
- domain: 'gate.${DOMAIN}'
|
||||
authelia_url: 'https://auth.gate.${DOMAIN}'
|
||||
default_redirection_url: 'https://login.gate.${DOMAIN}'
|
||||
- domain: '3launchpad.com'
|
||||
authelia_url: 'https://auth.test.3launchpad.com'
|
||||
default_redirection_url: 'https://portainer.test.3launchpad.com'
|
||||
|
||||
storage:
|
||||
postgres:
|
||||
host: 'authelia-db'
|
||||
port: 5432
|
||||
address: 'tcp://authelia-db:5432'
|
||||
database: 'authelia'
|
||||
username: 'authelia'
|
||||
password: '${AUTHELIA_DB_PASSWORD}'
|
||||
|
||||
notifier:
|
||||
disable_startup_check: true
|
||||
smtp:
|
||||
address: 'smtp://localhost:25'
|
||||
username: 'authelia'
|
||||
password: 'dummy_password'
|
||||
host: 'smtp.example.com'
|
||||
port: 587
|
||||
sender: 'authelia@example.com'
|
||||
|
||||
jwt_secret: '${AUTHELIA_JWT_SECRET}'
|
||||
identity_validation:
|
||||
reset_password: {}
|
||||
|
||||
api:
|
||||
endpoints:
|
||||
reset_password:
|
||||
disable: false
|
||||
|
||||
regulations:
|
||||
regulation:
|
||||
max_retries: 3
|
||||
find_time: 120
|
||||
ban_time: 300
|
||||
ban_time: 300
|
||||
|
||||
@@ -1,10 +1,17 @@
|
||||
---
|
||||
# Authelia users database
|
||||
# This is a simple file-based user database for testing
|
||||
# This is a simple file-based user database
|
||||
#
|
||||
# To generate a new password hash, run:
|
||||
# docker run --rm authelia/authelia:latest authelia crypto hash generate argon2 --password 'YOUR_PASSWORD'
|
||||
#
|
||||
# IMPORTANT: Change the default password before production use!
|
||||
|
||||
users:
|
||||
admin:
|
||||
displayname: "Administrator"
|
||||
password: "$argon2id$v=19$m=65536,t=3,p=4$abcdefghijklmnopqrstuvwx$abcdefghijklmnopqrstuvwxabcdefghijklmnopqrstuvwx" # Dummy hash for 'password'
|
||||
email: admin@example.com
|
||||
groups: []
|
||||
# Default password: "Admin@123456" - CHANGE THIS!
|
||||
password: "$argon2id$v=19$m=65536,t=3,p=4$O1Qjq7AB4/xJ7Qk1dUqp/g$PhVqFWEqyQTJeSnCeiCC3lrcWcpw37kYttw4Xh/qUsk"
|
||||
email: admin@3launchpad.com
|
||||
groups:
|
||||
- admins
|
||||
Reference in New Issue
Block a user