From b1a7f79bdd54f34cfe8de42455bf8e53eff155f9 Mon Sep 17 00:00:00 2001 From: akanealw Date: Sun, 26 Mar 2023 12:08:19 -0500 Subject: [PATCH] removed old authelia config --- authelia-configuration-backup.yml | 141 ------------------------------ authelia-nginx.conf | 33 ------- protected-domain-nginx.conf | 75 ---------------- 3 files changed, 249 deletions(-) delete mode 100644 authelia-configuration-backup.yml delete mode 100644 authelia-nginx.conf delete mode 100644 protected-domain-nginx.conf diff --git a/authelia-configuration-backup.yml b/authelia-configuration-backup.yml deleted file mode 100644 index 5f53b94..0000000 --- a/authelia-configuration-backup.yml +++ /dev/null @@ -1,141 +0,0 @@ -theme: dark -jwt_secret: 9DGPzQy8SZQ7rV57V3DJnw - -#default_redirection_url: https://www.google.com/ - -server: - host: 0.0.0.0 - port: 9091 - path: "" - read_buffer_size: 4096 - write_buffer_size: 4096 - enable_pprof: false - enable_expvars: false - disable_healthcheck: false - tls: - key: "" - certificate: "" - -ntp: - address: "0.debian.pool.ntp.org:123" - version: 3 - max_desync: 3s - disable_startup_check: true - disable_failure: true - -log: - level: info - -totp: - disable: false - issuer: akanealw.com - algorithm: sha1 - digits: 6 - period: 30 - skew: 1 - secret_size: 32 - -authentication_backend: - disable_reset_password: true - refresh_interval: 5m - file: - path: /config/users_database.yml - password: - algorithm: argon2id - iterations: 1 - salt_length: 16 - parallelism: 8 - memory: 64 - -access_control: - default_policy: deny - rules: - # bypass rule - - domain: "auth.akanealw.com" - policy: bypass - - domain: "bitwarden.akanealw.com" - policy: bypass - - domain: "gitea.akanealw.com" - policy: bypass - - domain: "meshcentral.akanealw.com" - policy: bypass - - domain: "owncloud.akanealw.com" - policy: bypass - - domain: "overseerr.akanealw.com" - policy: bypass - - domain: "plex.akanealw.com" - policy: bypass - - # two_factor rule - - domain: "akanealw.com" - policy: two_factor - - domain: "codeserver.akanealw.com" - policy: two_factor - - domain: "freshrss.akanealw.com" - policy: two_factor - - domain: "jackett.akanealw.com" - policy: two_factor - - domain: "jdownloader.akanealw.com" - policy: two_factor - - domain: "kavita.akanealw.com" - policy: two_factor - - domain: "lidarr.akanealw.com" - policy: two_factor - - domain: "metube.akanealw.com" - policy: two_factor - - domain: "monitorr.akanealw.com" - policy: two_factor - - domain: "mstream.akanealw.com" - policy: two_factor - - domain: "nzbhydra.akanealw.com" - policy: two_factor - - domain: "portainer.akanealw.com" - policy: two_factor - - domain: "prowlarr.akanealw.com" - policy: two_factor - - domain: "qbittorrent.akanealw.com" - policy: two_factor - - domain: "radarr.akanealw.com" - policy: two_factor - - domain: "sabnzbd.akanealw.com" - policy: two_factor - - domain: "sonarr.akanealw.com" - policy: two_factor - - domain: "www.akanealw.com" - policy: two_factor - -session: - name: authelia_session - domain: akanealw.com - same_site: lax - secret: 8r9y4d8mY7NfQtpCe2oU - expiration: 6h - inactivity: 5m - remember_me_duration: 1w - -regulation: - max_retries: 3 - find_time: 10m - ban_time: 12h - -storage: - local: - path: /config/db.sqlite3 - encryption_key: iiB7C8Bn4A2gAhzs2fWaggUug76PZ4LU - -notifier: - disable_startup_check: true - smtp: - username: akanealw@gmail.com - password: qlvmffuzpscltdgz - host: smtp.gmail.com - port: 587 - sender: akanealw@gmail.com - identifier: dockerserver - subject: "[Authelia] {title}" - startup_check_address: akanealw@gmail.com - disable_require_tls: false - disable_html_emails: false - tls: - skip_verify: false - minimum_version: TLS1.2 diff --git a/authelia-nginx.conf b/authelia-nginx.conf deleted file mode 100644 index 0fd24f9..0000000 --- a/authelia-nginx.conf +++ /dev/null @@ -1,33 +0,0 @@ -location / { -set $upstream_authelia http://192.168.1.34:9091; -proxy_pass $upstream_authelia; -client_body_buffer_size 128k; - -#Timeout if the real server is dead -proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; - -# Advanced Proxy Config -send_timeout 5m; -proxy_read_timeout 360; -proxy_send_timeout 360; -proxy_connect_timeout 360; - -# Basic Proxy Config -proxy_set_header Host $host; -proxy_set_header X-Real-IP $remote_addr; -proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -proxy_set_header X-Forwarded-Proto $scheme; -proxy_set_header X-Forwarded-Host $http_host; -proxy_set_header X-Forwarded-Uri $request_uri; -proxy_set_header X-Forwarded-Ssl on; -proxy_redirect http:// $scheme://; -proxy_http_version 1.1; -proxy_set_header Connection ""; -proxy_cache_bypass $cookie_session; -proxy_no_cache $cookie_session; -proxy_buffers 64 256k; - -# If behind reverse proxy, forwards the correct IP, assumes you're using Cloudflare. Adjust IP for your Docker network. -set_real_ip_from 192.168.1.0/24; -real_ip_recursive on; -} \ No newline at end of file diff --git a/protected-domain-nginx.conf b/protected-domain-nginx.conf deleted file mode 100644 index 9ca3a2f..0000000 --- a/protected-domain-nginx.conf +++ /dev/null @@ -1,75 +0,0 @@ -location /authelia { -internal; -set $upstream_authelia http://192.168.1.34:9091/api/verify; -proxy_pass_request_body off; -proxy_pass $upstream_authelia; -proxy_set_header Content-Length ""; - -# Timeout if the real server is dead -proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; -client_body_buffer_size 128k; -proxy_set_header Host $host; -proxy_set_header X-Original-URL $scheme://$http_host$request_uri; -proxy_set_header X-Real-IP $remote_addr; -proxy_set_header X-Forwarded-For $remote_addr; -proxy_set_header X-Forwarded-Proto $scheme; -proxy_set_header X-Forwarded-Host $http_host; -proxy_set_header X-Forwarded-Uri $request_uri; -proxy_set_header X-Forwarded-Ssl on; -proxy_redirect http:// $scheme://; -proxy_http_version 1.1; -proxy_set_header Connection ""; -proxy_cache_bypass $cookie_session; -proxy_no_cache $cookie_session; -proxy_buffers 4 32k; - -send_timeout 5m; -proxy_read_timeout 240; -proxy_send_timeout 240; -proxy_connect_timeout 240; -} - -location / { -set $upstream_$hostname $forward_scheme://$server:$port; -proxy_pass $upstream_$hostname; - -auth_request /authelia; -auth_request_set $target_url https://$http_host$request_uri; -auth_request_set $user $upstream_http_remote_user; -auth_request_set $email $upstream_http_remote_email; -auth_request_set $groups $upstream_http_remote_groups; -proxy_set_header Remote-User $user; -proxy_set_header Remote-Email $email; -proxy_set_header Remote-Groups $groups; - -error_page 401 =302 https://auth.akanealw.com/?rd=$target_url; - -client_body_buffer_size 128k; - -proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; - -send_timeout 5m; -proxy_read_timeout 360; -proxy_send_timeout 360; -proxy_connect_timeout 360; - -proxy_set_header Host $host; -proxy_set_header Upgrade $http_upgrade; -proxy_set_header Connection upgrade; -proxy_set_header Accept-Encoding gzip; -proxy_set_header X-Real-IP $remote_addr; -proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -proxy_set_header X-Forwarded-Proto $scheme; -proxy_set_header X-Forwarded-Host $http_host; -proxy_set_header X-Forwarded-Uri $request_uri; -proxy_set_header X-Forwarded-Ssl on; -proxy_redirect http:// $scheme://; -proxy_http_version 1.1; -proxy_set_header Connection ""; -proxy_cache_bypass $cookie_session; -proxy_no_cache $cookie_session; -proxy_buffers 64 256k; - -set_real_ip_from 192.168.1.0/24; -real_ip_recursive on; -} \ No newline at end of file