141 lines
3.2 KiB
Django/Jinja
141 lines
3.2 KiB
Django/Jinja
theme: auto
|
|
jwt_secret: "{{var_authelia_jwt_secret}}"
|
|
default_2fa_method: totp
|
|
server:
|
|
host: "{{var_authelia_listen_address}}"
|
|
port: 9091
|
|
path: ""
|
|
enable_pprof: false
|
|
enable_expvars: false
|
|
disable_healthcheck: false
|
|
log:
|
|
level: info
|
|
format: json
|
|
file_path: {{var_authelia_log_file_path}}
|
|
keep_stdout: false
|
|
telemetry:
|
|
metrics:
|
|
enabled: false
|
|
address: tcp://0.0.0.0:9959
|
|
totp:
|
|
disable: false
|
|
issuer: authelia.com
|
|
algorithm: sha1
|
|
digits: 6
|
|
period: 30
|
|
skew: 1
|
|
secret_size: 32
|
|
webauthn:
|
|
disable: true
|
|
timeout: 60s
|
|
display_name: Authelia
|
|
attestation_conveyance_preference: indirect
|
|
user_verification: preferred
|
|
ntp:
|
|
address: "{{var_authelia_ntp_server}}"
|
|
version: 4
|
|
max_desync: 3s
|
|
disable_startup_check: false
|
|
disable_failure: false
|
|
authentication_backend:
|
|
password_reset:
|
|
disable: true
|
|
custom_url: ""
|
|
refresh_interval: 5m
|
|
file:
|
|
path: "{{var_authelia_users_file_path}}"
|
|
watch: true
|
|
search:
|
|
email: false
|
|
case_insensitive: false
|
|
password:
|
|
algorithm: argon2
|
|
argon2:
|
|
variant: argon2id
|
|
iterations: 3
|
|
memory: 65536
|
|
parallelism: 4
|
|
key_length: 32
|
|
salt_length: 16
|
|
scrypt:
|
|
iterations: 16
|
|
block_size: 8
|
|
parallelism: 1
|
|
key_length: 32
|
|
salt_length: 16
|
|
pbkdf2:
|
|
variant: sha512
|
|
iterations: 310000
|
|
salt_length: 16
|
|
sha2crypt:
|
|
variant: sha512
|
|
iterations: 50000
|
|
salt_length: 16
|
|
bcrypt:
|
|
variant: standard
|
|
cost: 12
|
|
password_policy:
|
|
standard:
|
|
enabled: false
|
|
min_length: 8
|
|
max_length: 0
|
|
require_uppercase: true
|
|
require_lowercase: true
|
|
require_number: true
|
|
require_special: true
|
|
zxcvbn:
|
|
enabled: false
|
|
min_score: 3
|
|
access_control:
|
|
default_policy: one_factor
|
|
session:
|
|
name: authelia_session
|
|
domain: "{{var_authelia_session_domain}}"
|
|
same_site: lax
|
|
secret: "{{var_authelia_session_secret}}"
|
|
expiration: 1h
|
|
inactivity: 5m
|
|
remember_me_duration: 1M
|
|
regulation:
|
|
max_retries: 3
|
|
find_time: 2m
|
|
ban_time: 5m
|
|
storage:
|
|
encryption_key: "{{var_authelia_storage_encryption_key}}"
|
|
local:
|
|
path: "{{var_authelia_storage_path}}"
|
|
notifier:
|
|
disable_startup_check: true
|
|
{% if var_authelia_notification_mode == "file" %}
|
|
filesystem:
|
|
filename: {{var_authelia_notification_file_path}}
|
|
{% endif %}
|
|
{% if var_authelia_notification_mode == "smtp" %}
|
|
smtp:
|
|
host: "{{var_authelia_notification_smtp_host}}"
|
|
port: {{var_authelia_notification_smtp_port}}
|
|
username: "{{var_authelia_notification_smtp_username}}"
|
|
password: "{{var_authelia_notification_smtp_password}}"
|
|
sender: "{{var_authelia_notification_smtp_sender}}"
|
|
disable_require_tls: false
|
|
disable_html_emails: false
|
|
tls:
|
|
skip_verify: false
|
|
{% endif %}
|
|
identity_providers:
|
|
oidc:
|
|
hmac_secret: "{{var_authelia_oidc_hmac_secret}}"
|
|
issuer_private_key: |
|
|
{% filter indent(width=6) %}
|
|
{{temp_tls_result.privatekey}}
|
|
{% endfilter %}
|
|
cors:
|
|
allowed_origins_from_client_redirect_uris: true
|
|
clients:
|
|
-
|
|
public: false
|
|
id: "dummy"
|
|
secret: "d1424b378e4fbbc153f330f33b74ab192525b98cc2dd58b2e8d01c2737be00c6"
|
|
redirect_uris: []
|
|
|
|
...
|