62 lines
1.6 KiB
YAML
62 lines
1.6 KiB
YAML
---
|
|
# Authelia configuration
|
|
# This is a minimal configuration for getting started with Authelia
|
|
|
|
server:
|
|
address: 'tcp://:9091'
|
|
endpoints:
|
|
authz:
|
|
forward-auth:
|
|
implementation: 'ForwardAuth'
|
|
|
|
authentication_backend:
|
|
file:
|
|
path: '/config/users_database.yml'
|
|
|
|
access_control:
|
|
default_policy: 'one_factor'
|
|
rules:
|
|
- domain: 'pgadmin.${DOMAIN_PREFIX}.${DOMAIN}'
|
|
policy: 'two_factor'
|
|
- domain: 'beszel.${DOMAIN_PREFIX}.${DOMAIN}'
|
|
policy: 'two_factor'
|
|
- domain: 'traefik.${DOMAIN_PREFIX}.${DOMAIN}'
|
|
policy: 'two_factor'
|
|
- domain: '*.${DOMAIN_PREFIX}.${DOMAIN}'
|
|
policy: 'one_factor'
|
|
|
|
session:
|
|
name: 'authelia_session'
|
|
cookies:
|
|
- domain: '${DOMAIN}'
|
|
authelia_url: 'https://auth.${DOMAIN_PREFIX}.${DOMAIN}'
|
|
default_redirection_url: 'https://portainer.${DOMAIN_PREFIX}.${DOMAIN}'
|
|
|
|
storage:
|
|
postgres:
|
|
address: 'tcp://authelia-db:5432'
|
|
database: '${AUTHELIA_DB_NAME}'
|
|
username: '${AUTHELIA_DB_USER}'
|
|
password: '${AUTHELIA_DB_PASSWORD}'
|
|
|
|
notifier:
|
|
disable_startup_check: true
|
|
# Configure SMTP for production email notifications
|
|
# For testing, you can use filesystem notifier instead:
|
|
# filesystem:
|
|
# filename: /config/notification.txt
|
|
smtp:
|
|
address: 'submissions://smtp.gmail.com:465'
|
|
username: 'your-email@gmail.com'
|
|
sender: 'Authelia <noreply@${DOMAIN}>'
|
|
# For Gmail, use an App Password (not your regular password)
|
|
# Generate at: https://myaccount.google.com/apppasswords
|
|
|
|
identity_validation:
|
|
reset_password: {}
|
|
|
|
regulation:
|
|
max_retries: 3
|
|
find_time: 120
|
|
ban_time: 300
|