58 lines
1.1 KiB
YAML
58 lines
1.1 KiB
YAML
---
|
|
# Authelia configuration
|
|
# This is a minimal configuration for getting started with Authelia
|
|
|
|
server:
|
|
port: 9091
|
|
endpoints:
|
|
authz:
|
|
forward-auth:
|
|
implementation: 'ForwardAuth'
|
|
|
|
authentication_backend:
|
|
file:
|
|
path: '/config/users_database.yml'
|
|
|
|
access_control:
|
|
default_policy: 'deny'
|
|
rules:
|
|
- domain: 'pgadmin.gate.${DOMAIN}'
|
|
policy: 'two_factor'
|
|
- domain: '*.gate.${DOMAIN}'
|
|
policy: 'one_factor'
|
|
|
|
session:
|
|
name: 'authelia_session'
|
|
secret: '${AUTHELIA_SESSION_SECRET}'
|
|
cookies:
|
|
- domain: 'gate.${DOMAIN}'
|
|
authelia_url: 'https://auth.gate.${DOMAIN}'
|
|
default_redirection_url: 'https://login.gate.${DOMAIN}'
|
|
|
|
storage:
|
|
postgres:
|
|
host: 'authelia-db'
|
|
port: 5432
|
|
database: 'authelia'
|
|
username: 'authelia'
|
|
password: '${AUTHELIA_DB_PASSWORD}'
|
|
|
|
notifier:
|
|
smtp:
|
|
username: 'authelia'
|
|
password: 'dummy_password'
|
|
host: 'smtp.example.com'
|
|
port: 587
|
|
sender: 'authelia@example.com'
|
|
|
|
jwt_secret: '${AUTHELIA_JWT_SECRET}'
|
|
|
|
api:
|
|
endpoints:
|
|
reset_password:
|
|
disable: false
|
|
|
|
regulations:
|
|
max_retries: 3
|
|
find_time: 120
|
|
ban_time: 300 |