Changed folder structure; added authelia config files
This commit is contained in:
Amar Saljic
23
homelab/applications/authelia/compose.yaml
Normal file
23
homelab/applications/authelia/compose.yaml
Normal file
@ -0,0 +1,23 @@
|
||||
services:
|
||||
authelia:
|
||||
image: authelia/authelia:latest
|
||||
container_name: authelia
|
||||
volumes:
|
||||
# Config files are still mounted as volumes
|
||||
- ./config/configuration.yml:/config/configuration.yml:ro
|
||||
- ./config/users_database.yml:/config/users_database.yml:ro
|
||||
|
||||
# Persistent SQLite database directory
|
||||
- ./db:/config/db
|
||||
ports:
|
||||
- '9091:9091'
|
||||
environment:
|
||||
- TZ=Etc/UTC
|
||||
|
||||
restart: always
|
||||
healthcheck:
|
||||
test: ["CMD", "authelia", "healthcheck"]
|
||||
interval: 5s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
start_period: 5s
|
||||
63
homelab/applications/authelia/config/configuration.yml
Normal file
63
homelab/applications/authelia/config/configuration.yml
Normal file
@ -0,0 +1,63 @@
|
||||
server:
|
||||
host: 0.0.0.0
|
||||
port: 9091
|
||||
endpoints:
|
||||
authz:
|
||||
forward-auth:
|
||||
implementation: 'ForwardAuth'
|
||||
|
||||
log:
|
||||
level: info
|
||||
|
||||
# --- Storage ---
|
||||
storage:
|
||||
sqlite:
|
||||
path: /config/db/authelia.sqlite.db
|
||||
|
||||
# --- Authentication ---
|
||||
authentication_backend:
|
||||
file:
|
||||
path: /config/users_database.yml
|
||||
password:
|
||||
algorithm: argon2id
|
||||
iterations: 1
|
||||
memory: 2097152
|
||||
parallelism: 4
|
||||
salt_length: 16
|
||||
key_length: 32
|
||||
password_reset:
|
||||
disable: true
|
||||
password_change:
|
||||
disable: false
|
||||
|
||||
# --- Session ---
|
||||
session:
|
||||
cookies:
|
||||
- domain: 'saljic.me'
|
||||
authelia_url: 'https://auth.saljic.me'
|
||||
default_redirection_url: 'https://auth.saljic.me'
|
||||
# name: authelia_session
|
||||
# expiration: 1h
|
||||
# inactivity: 5m
|
||||
|
||||
# --- Notifier (No Mail) ---
|
||||
notifier:
|
||||
filesystem:
|
||||
filename: /config/db/notifications.log
|
||||
|
||||
# --- Access Control ---
|
||||
access_control:
|
||||
default_policy: deny
|
||||
rules:
|
||||
- domain: "*.saljic.me"
|
||||
policy: one_factor
|
||||
|
||||
# --- Password policies ---
|
||||
password_policy:
|
||||
standard:
|
||||
enabled: true
|
||||
min_length: 8
|
||||
require_uppercase: true
|
||||
require_lowercase: true
|
||||
require_number: true
|
||||
require_special: true
|
||||
Reference in New Issue
Block a user