From d912a168a23039d50887671ef0bf6be68a34c34e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20Fra=C3=9F?=
 <christian.frass@dielinke-glauchau.de>
Date: Sat, 1 Jun 2024 19:26:06 +0200
Subject: [PATCH] [mod] role:authelia

---
 roles/authelia/defaults/main.json          |  2 ++
 roles/authelia/templates/conf-main.json.j2 | 10 ++++++++--
 roles/authelia/vardef.json                 |  8 ++++++++
 3 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/roles/authelia/defaults/main.json b/roles/authelia/defaults/main.json
index 9b5e676..8394076 100644
--- a/roles/authelia/defaults/main.json
+++ b/roles/authelia/defaults/main.json
@@ -5,6 +5,8 @@
 	"var_authelia_jwt_secret": "REPLACE_ME",
 	"var_authelia_users_file_path": "/var/authelia/users.yml",
 	"var_authelia_log_file_path": "/var/authelia/log.jsonl",
+	"var_authelia_domain": "authelia.example.org",
+	"var_authelia_redirect_url": "https://example.org",
 	"var_authelia_session_domain": "example.org",
 	"var_authelia_session_secret": "REPLACE_ME",
 	"var_authelia_storage_encryption_key": "REPLACE_ME",
diff --git a/roles/authelia/templates/conf-main.json.j2 b/roles/authelia/templates/conf-main.json.j2
index 98c0437..df26aaa 100644
--- a/roles/authelia/templates/conf-main.json.j2
+++ b/roles/authelia/templates/conf-main.json.j2
@@ -120,12 +120,18 @@
 	},
 	"session": {
 		"name": "authelia_session",
-		"domain": "{{var_authelia_session_domain}}",
 		"same_site": "lax",
 		"secret": "{{var_authelia_session_secret}}",
 		"expiration": "1h",
 		"inactivity": "5m",
-		"remember_me": "1M"
+		"remember_me": "1M",
+		"cookies": [
+			{
+				"domain": "{{var_authelia_session_domain}}",
+				"authelia_url": "{{var_authelia_domain}}",
+				"default_redirection_url": "{{var_authelia_redirect_url}}"
+			}
+		]
 	},
 	"regulation": {
 		"max_retries": 3,
diff --git a/roles/authelia/vardef.json b/roles/authelia/vardef.json
index 8370d6b..3fb5bbc 100644
--- a/roles/authelia/vardef.json
+++ b/roles/authelia/vardef.json
@@ -23,6 +23,14 @@
 		"type": "string",
 		"mandatory": false
 	},
+	"domain": {
+		"type": "string",
+		"mandatory": false,
+	},
+	"redirect_url": {
+		"type": "string",
+		"mandatory": false
+	},
 	"session_domain": {
 		"type": "string",
 		"mandatory": false