From b98cbd1ffa61bba02526d5462c6dea1771b4fbaa Mon Sep 17 00:00:00 2001 From: akanealw Date: Wed, 22 Apr 2026 18:59:14 +0000 Subject: [PATCH] added config files --- authelia/config/configuration.yml | 74 ++++++++++++++++++++++++++++++ authelia/config/users_database.yml | 19 ++++++++ compose.yml | 1 + 3 files changed, 94 insertions(+) create mode 100644 authelia/config/configuration.yml create mode 100644 authelia/config/users_database.yml diff --git a/authelia/config/configuration.yml b/authelia/config/configuration.yml new file mode 100644 index 0000000..7d476ed --- /dev/null +++ b/authelia/config/configuration.yml @@ -0,0 +1,74 @@ +--- +############################################################### +# Authelia configuration # +############################################################### + +server: + address: 'tcp://:9091' + +log: + level: 'debug' + +totp: + issuer: 'akanealw.com' + +identity_validation: + reset_password: + jwt_secret: 'a_very_important_secret' + +# duo_api: +# hostname: api-123456789.example.com +# integration_key: ABCDEF +# # This secret can also be set using the env variables AUTHELIA_DUO_API_SECRET_KEY_FILE +# secret_key: 1234567890abcdefghifjkl + +authentication_backend: + file: + path: '/config/users_database.yml' + +access_control: + default_policy: 'deny' + rules: + # Rules applied to everyone + - domain: 'public.example.com' + policy: 'bypass' + - domain: 'traefik.example.com' + policy: 'one_factor' + - domain: 'secure.example.com' + policy: 'two_factor' + +session: + # This secret can also be set using the env variables AUTHELIA_SESSION_SECRET_FILE + secret: 'insecure_session_secret' + + cookies: + - name: 'authelia_session' + domain: 'example.com' # Should match whatever your root protected domain is + authelia_url: 'https://authelia.example.com' + expiration: '1 hour' + inactivity: '5 minutes' + + redis: + host: 'redis' + port: 6379 + # This secret can also be set using the env variables AUTHELIA_SESSION_REDIS_PASSWORD_FILE + # password: authelia + +regulation: + max_retries: 3 + find_time: '2 minutes' + ban_time: '5 minutes' + +storage: + encryption_key: 'you_must_generate_a_random_string_of_more_than_twenty_chars_and_configure_this' + local: + path: '/config/db.sqlite3' + +notifier: + smtp: + username: 'test' + # This secret can also be set using the env variables AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE + password: 'password' + address: 'smtp://mail.example.com:25' + sender: 'admin@example.com' +... \ No newline at end of file diff --git a/authelia/config/users_database.yml b/authelia/config/users_database.yml new file mode 100644 index 0000000..c60755b --- /dev/null +++ b/authelia/config/users_database.yml @@ -0,0 +1,19 @@ +--- +############################################################### +# Users Database # +############################################################### + +# This file can be used if you do not have an LDAP set up. + +# List of users +users: + authelia: + disabled: false + displayname: 'Authelia User' + # Password is authelia + password: '$argon2id$v=19$m=65536,t=3,p=4$qOKNq+u5lZHOTnsJY1Sp3g$s6zT9EKncfkmIJmykzZProUigRRJ26hlTl1WC+mG2do' # yamllint disable-line rule:line-length + email: 'authelia@authelia.com' + groups: + - 'admins' + - 'dev' +... \ No newline at end of file diff --git a/compose.yml b/compose.yml index 112803c..5c42b0e 100644 --- a/compose.yml +++ b/compose.yml @@ -6,6 +6,7 @@ services: - './authelia:/config' networks: - authelia + - reverse-proxy restart: 'unless-stopped' healthcheck: ## In production the healthcheck section should be commented.