proxyserver/reverseproxy/authelia/config/configuration.yml


---
# Authelia configuration for a forward-auth deployment.
#
# NOTE(review): five secrets in this file are plaintext literals:
#   identity_validation.reset_password.jwt_secret
#   session.secret
#   session.redis.password
#   storage.encryption_key
#   notifier.smtp.password
# Once a file like this has been committed or published, those values
# should be treated as exposed: rotate them and supply the replacements
# outside the file. Authelia can read each one from a file whose path is
# given in the AUTHELIA_*_FILE environment variable named beside the key.

theme: 'dark'

server:
  address: 'tcp://:9091'
  endpoints:
    authz:
      forward-auth:
        implementation: 'ForwardAuth'

log:
  level: 'info'

totp:
  issuer: 'authelia.com'

identity_validation:
  reset_password:
    # NOTE(review): plaintext secret; alternative source is
    # AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_SECRET_FILE.
    jwt_secret: '2b8a78f3ac1784ef6aab3899c663e1010c60d3a9de694550879da349fe222923'

authentication_backend:
  file:
    path: '/config/users_database.yml'

# Sample policy kept for reference (inactive):
# access_control:
#   default_policy: 'deny'
#   rules:
#     # Rules applied to everyone
#     - domain: 'public.example.com'
#       policy: 'bypass'
#     - domain: 'traefik.example.com'
#       policy: 'one_factor'
#     - domain: 'secure.example.com'
#       policy: 'two_factor'

access_control:
  # A request that matches no rule is refused.
  default_policy: 'deny'

  # Private address ranges, referenced by name from the first rule.
  networks:
    - name: 'internal'
      networks:
        - '10.0.0.0/8'
        - '172.16.0.0/12'
        - '192.168.0.0/16'

  # Rules are evaluated top to bottom and the first match decides, so
  # every bypass below takes precedence over the closing two_factor rule.
  rules:
    # Requests from the internal networks skip authentication on all
    # listed domains.
    # NOTE(review): this depends on Authelia seeing the real client
    # address. If the proxy in front does not forward it correctly,
    # requests may appear to come from the proxy's own private address
    # and match this rule - confirm the forwarded-header handling.
    - domain:
        - 'aknlw.com'
        - 'akanealw.com'
        - '*.akanealw.com'
      networks:
        - 'internal'
      policy: 'bypass'

    # /api, /add and /public are unauthenticated on every subdomain.
    # NOTE(review): the wildcard makes this apply to each current and
    # future host, so every backend has to enforce its own authentication
    # on these paths; listing only the hosts that need it is narrower.
    - domain:
        - '*.akanealw.com'
      resources:
        - '^/api([/?].*)?$'
        - '^/add([/?].*)?$'
        - '^/public([/?].*)?$'
      policy: 'bypass'

    # Hosts that bypass Authelia completely, from any network.
    # NOTE(review): presumably these rely on their own login; Authelia
    # adds no protection in front of them - verify that is intended.
    - domain:
        - 'aknlw.com'
        - 'bitwarden.akanealw.com'
        - 'gitea.akanealw.com'
        - 'nextcloud.akanealw.com'
      policy: 'bypass'

    # Filebrowser share links and their static assets are unauthenticated.
    # The /api entry repeats what the wildcard rule above already allows.
    - domain:
        - 'filebrowser.akanealw.com'
      resources:
        - '^/api([/?].*)?$'
        - '^/share([/?].*)?$'
        - '^/static([/?].*)?$'
      policy: 'bypass'

    # Everything else on the apex domain and its subdomains needs 2FA.
    - domain:
        - 'akanealw.com'
        - '*.akanealw.com'
      policy: 'two_factor'

session:
  # NOTE(review): plaintext secret; alternative source is
  # AUTHELIA_SESSION_SECRET_FILE.
  secret: 'ffc343d98b87910edcddb1f0dac4b492b62e29b5eafa92f1c213f37c4669f243'

  cookies:
    - name: 'authelia_session'
      domain: 'akanealw.com'
      authelia_url: 'https://auth.akanealw.com'
      default_redirection_url: 'https://akanealw.com'
      expiration: '1 hour'
      inactivity: '5 minutes'

  redis:
    host: 'redis'
    port: 6379
    # NOTE(review): plaintext secret; alternative source is
    # AUTHELIA_SESSION_REDIS_PASSWORD_FILE.
    password: 'bc4eb8df73776ba7716aeb60c0023ef6136b80680bb8ea1cf6c51a326dea2c43'

# Login throttling: 3 failed attempts within 2 minutes trigger a
# 5 minute ban.
regulation:
  max_retries: 3
  find_time: '2 minutes'
  ban_time: '5 minutes'

storage:
  # NOTE(review): plaintext secret; alternative source is
  # AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE. This key protects data already
  # written to the database, so replacing it needs Authelia's key-change
  # procedure rather than a plain edit.
  encryption_key: 'cbd7570c1795cba61f05baf419b7cee23fa144d512bda2ea57ba300afa6b33bf'
  local:
    path: '/config/db.sqlite3'

notifier:
  smtp:
    username: 'akanealw@gmail.com'
    # NOTE(review): plaintext mail credential; alternative source is
    # AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE. Revoke it at the mail
    # provider if this file has been shared.
    password: 'qlvmffuzpscltdgz'
    address: 'smtp://smtp.gmail.com:587'
    sender: 'akanealw@gmail.com'

# Clock check at startup; TOTP validation depends on accurate time.
ntp:
  address: 'udp://time.windows.com:123'
  version: 3
  max_desync: '3s'
  disable_startup_check: false
  disable_failure: false