added docker and reverseproxy

reverseproxy/authelia/config/configuration.yml

@@ -0,0 +1,136 @@
+theme: dark
+jwt_secret: 9DGPzQy8SZQ7rV57V3DJnw
+
+#default_redirection_url: https://akanealw.com
+
+server:
+  host: 0.0.0.0
+  port: 9091
+  path: ""
+  buffers:
+    read: 4096
+    write: 4096
+  enable_pprof: false
+  enable_expvars: false
+  disable_healthcheck: false
+  tls:
+    key: ""
+    certificate: ""
+
+ntp:
+  address: "0.debian.pool.ntp.org:123"
+  version: 3
+  max_desync: 3s
+  disable_startup_check: true
+  disable_failure: true
+
+log:
+  level: info
+
+totp:
+  disable: false
+  issuer: akanealw.com
+  algorithm: sha1
+  digits: 6
+  period: 30
+  skew: 1
+  secret_size: 32
+
+authentication_backend:
+  password_reset:
+    disable: true
+  refresh_interval: 5m
+  file:
+    path: /config/users_database.yml
+    password:
+      algorithm: argon2id
+      iterations: 1
+      salt_length: 16
+      parallelism: 8
+      memory: 64
+
+access_control:
+  default_policy: deny
+  networks:
+    - name: internal
+      networks:
+      - '10.0.0.0/8'
+      - '172.16.0.0/12'
+      - '192.168.0.0/16'
+  rules:
+    ## bypass all domains and subdomains from local ips
+    - domain:
+      - aknlw.com
+      - akanealw.com
+      - "*.akanealw.com"
+      networks:
+      - 'internal'
+      policy: bypass
+    ## bypass api for subdomains
+    - domain: 
+      - "*.akanealw.com"
+      resources:
+      - "^/api([/?].*)?$"
+      - "^/add([/?].*)?$"  
+      - "^/public([/?].*)?$"        
+      policy: bypass
+    # bypass specific subdomains
+    - domain:
+      - aknlw.com
+      - bitwarden.akanealw.com
+      - gitea.akanealw.com
+      - nextcloud.akanealw.com
+      policy: bypass
+    # bypass filebrowser shares
+    - domain:
+        - "fileserver.akanealw.com"
+      resources:
+        - "^/api/public/dl/*"
+        - "/share/*"
+        - "/static/js/*"
+        - "/static/css/*"
+        - "/static/img/*"
+        - "/static/themes/*"
+        - "/static/fonts/*"
+      policy: bypass
+    # two_factor subdomains
+    - domain: 
+      - akanealw.com
+      - "*.akanealw.com"
+      policy: two_factor
+
+session:
+  name: authelia_session
+  domain: akanealw.com
+  same_site: lax
+  secret: 8r9y4d8mY7NfQtpCe2oU
+  expiration: 6h
+  inactivity: 5m
+  remember_me_duration: 1w
+
+regulation:
+  max_retries: 3
+  find_time: 10m
+  ban_time: 12h
+
+storage:
+  local:
+    path: /config/db.sqlite3
+  encryption_key: iiB7C8Bn4A2gAhzs2fWaggUug76PZ4LU
+  
+notifier:
+  disable_startup_check: true
+  smtp:
+    username: akanealw@gmail.com
+    password: qlvmffuzpscltdgz
+    host: smtp.gmail.com
+    port: 587
+    sender: akanealw@gmail.com
+    identifier: dockerserver
+    subject: "[Authelia] {title}"
+    startup_check_address: akanealw@gmail.com
+    disable_require_tls: false
+    disable_html_emails: false
+    tls:
+      skip_verify: false
+      minimum_version: TLS1.2