mirrors
/
authelia
mirror of https://github.com/authelia/authelia.git
0
0
Fork 0
Code Issues Projects Releases Wiki Activity
authelia/internal/suites/MultiCookieDomain/configuration.yml

198 lines
4.4 KiB
YAML
Raw Permalink Blame History

---
certificates_directory: '/certs/'
theme: 'auto'
server:
address: 'tcp://:9091'
tls:
certificate: '/pki/public.backend.crt'
key: '/pki/private.backend.pem'
telemetry:
metrics:
enabled: true
address: 'tcp://:9959'
log:
level: 'debug'
storage:
encryption_key: 'a_not_so_secure_encryption_key'
local:
path: '/config/db.sqlite'
notifier:
smtp:
address: 'smtp://mail.example.com:1025'
sender: 'admin@example.com'
ntp:
address: 'udp://time.cloudflare.com:123'
version: 4
max_desync: 3s
disable_startup_check: false
identity_validation:
reset_password:
jwt_secret: 'a_very_important_secret'
elevated_session:
code_lifespan: '5 minutes'
elevation_lifespan: '10 minutes'
characters: 8
require_second_factor: true
regulation:
max_retries: 3
find_time: '5 minutes'
ban_time: '15 minutes'
password_policy:
standard:
enabled: false
min_length: 8
max_length: 0
require_uppercase: true
require_lowercase: true
require_number: true
require_special: true
zxcvbn:
enabled: false
session:
secret: 'unsecure_session_secret'
expiration: '1 hour'
inactivity: '5 minutes'
remember_me: '1 year'
cookies:
- name: 'authelia_session'
domain: 'example.com'
authelia_url: 'https://login.example.com:8080'
- name: 'example2_session'
domain: 'example2.com'
authelia_url: 'https://login.example2.com:8080'
remember_me: -1
- name: 'authelia_session'
domain: 'example3.com'
authelia_url: 'https://login.example3.com:8080'
authentication_backend:
file:
path: '/config/users.yml'
totp:
issuer: 'example.com'
disable_reuse_security_policy: true
allowed_algorithms:
- 'SHA1'
- 'SHA256'
- 'SHA512'
allowed_digits:
- 6
- 8
allowed_periods:
- 30
- 60
- 90
- 120
webauthn:
disable: false
access_control:
default_policy: 'deny'
rules:
- domain: 'singlefactor.example.com'
policy: 'one_factor'
- domain: 'public.example.com'
policy: 'bypass'
- domain: 'secure.example.com'
policy: 'bypass'
methods:
- 'OPTIONS'
- domain: 'secure.example.com'
policy: 'two_factor'
- domain: '*.example.com'
subject: 'group:admins'
policy: 'two_factor'
- domain: 'dev.example.com'
resources:
- '^/users/john/.*$'
subject: 'user:john'
policy: 'two_factor'
- domain: 'dev.example.com'
resources:
- '^/users/harry/.*$'
subject: 'user:harry'
policy: 'two_factor'
- domain: '*.mail.example.com'
subject: 'user:bob'
policy: 'two_factor'
- domain: 'dev.example.com'
resources:
- '^/users/bob/.*$'
subject: 'user:bob'
policy: 'two_factor'
- domain: 'singlefactor.example2.com'
policy: 'one_factor'
- domain: 'public.example2.com'
policy: 'bypass'
- domain: 'secure.example2.com'
policy: 'bypass'
methods:
- 'OPTIONS'
- domain: 'secure.example2.com'
policy: 'two_factor'
- domain: '*.example2.com'
subject: 'group:admins'
policy: 'two_factor'
- domain: 'dev.example2.com'
resources:
- '^/users/john/.*$'
subject: 'user:john'
policy: 'two_factor'
- domain: 'dev.example2.com'
resources:
- '^/users/harry/.*$'
subject: 'user:harry'
policy: 'two_factor'
- domain: '*.mail.example2.com'
subject: 'user:bob'
policy: 'two_factor'
- domain: 'dev.example2.com'
resources:
- '^/users/bob/.*$'
subject: 'user:bob'
policy: 'two_factor'
- domain: 'singlefactor.example3.com'
policy: 'one_factor'
- domain: 'public.example3.com'
policy: 'bypass'
- domain: 'secure.example3.com'
policy: 'bypass'
methods:
- 'OPTIONS'
- domain: 'secure.example3.com'
policy: 'two_factor'
- domain: '*.example3.com'
subject: 'group:admins'
policy: 'two_factor'
- domain: 'dev.example3.com'
resources:
- '^/users/john/.*$'
subject: 'user:john'
policy: 'two_factor'
- domain: 'dev.example3.com'
resources:
- '^/users/harry/.*$'
subject: 'user:harry'
policy: 'two_factor'
- domain: '*.mail.example3.com'
subject: 'user:bob'
policy: 'two_factor'
- domain: 'dev.example3.com'
resources:
- '^/users/bob/.*$'
subject: 'user:bob'
policy: 'two_factor'
...
Reference in New Issue View Git Blame Copy Permalink