62 lines
1.1 KiB
YAML
62 lines
1.1 KiB
YAML
server:
|
|
address: 0.0.0.0:9091
|
|
endpoints:
|
|
authz:
|
|
forward-auth:
|
|
implementation: 'ForwardAuth'
|
|
|
|
log:
|
|
level: info
|
|
|
|
# --- Storage ---
|
|
storage:
|
|
local:
|
|
path: /config/db/authelia.sqlite.db
|
|
|
|
# --- Authentication ---
|
|
authentication_backend:
|
|
file:
|
|
path: /config/users_database.yml
|
|
password:
|
|
algorithm: argon2id
|
|
iterations: 1
|
|
memory: 2097152
|
|
parallelism: 4
|
|
salt_length: 16
|
|
key_length: 32
|
|
password_reset:
|
|
disable: true
|
|
password_change:
|
|
disable: false
|
|
|
|
# --- Session ---
|
|
session:
|
|
cookies:
|
|
- domain: 'saljic.me'
|
|
authelia_url: 'https://auth.saljic.me'
|
|
default_redirection_url: 'https://saljic.me'
|
|
# name: authelia_session
|
|
# expiration: 1h
|
|
# inactivity: 5m
|
|
|
|
# --- Notifier (No Mail) ---
|
|
notifier:
|
|
filesystem:
|
|
filename: /config/db/notifications.log
|
|
|
|
# --- Access Control ---
|
|
access_control:
|
|
default_policy: deny
|
|
rules:
|
|
- domain: "*.saljic.me"
|
|
policy: one_factor
|
|
|
|
# --- Password policies ---
|
|
password_policy:
|
|
standard:
|
|
enabled: true
|
|
min_length: 8
|
|
require_uppercase: true
|
|
require_lowercase: true
|
|
require_number: true
|
|
require_special: true |