authelia/internal/suites/Caddy/configuration.yml

66 lines
1.3 KiB
YAML

---
certificates_directory: '/certs/'
identity_validation:
reset_password:
jwt_secret: 'a_very_important_secret'
server:
address: 'tcp://:9091'
asset_path: '/config/assets/'
tls:
certificate: '/pki/public.backend.crt'
key: '/pki/private.backend.pem'
endpoints:
authz:
caddy:
implementation: 'ForwardAuth'
authn_strategies: []
log:
level: 'debug'
authentication_backend:
file:
path: '/config/users.yml'
session:
secret: 'unsecure_session_secret'
cookies:
- domain: 'example.com'
authelia_url: 'https://login.example.com:8080'
expiration: '1 hour'
inactivity: '5 minutes'
remember_me: '1 year'
storage:
encryption_key: 'a_not_so_secure_encryption_key'
local:
path: '/config/db.sqlite'
totp:
disable_reuse_security_policy: true
webauthn:
disable: false
access_control:
default_policy: deny
rules:
- domain: ['home.example.com', 'public.example.com']
policy: 'bypass'
- domain: 'deny.example.com'
policy: 'deny'
- domain: 'admin.example.com'
policy: 'two_factor'
- domain: 'secure.example.com'
policy: 'two_factor'
- domain: 'singlefactor.example.com'
policy: 'one_factor'
notifier:
smtp:
address: 'smtp://mail.example.com:1025'
sender: 'admin@example.com'
...