valknar/docker-compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9f6a119bf9b7fd6430438b6c920df21474f67028
docker-compose/net/authelia/configuration.yml
Sebastian Krüger 9f6a119bf9 fix: update Authelia configuration for v4.38+ compatibility 
- Use modern server.address syntax instead of host/port
- Add identity_validation.reset_password.jwt_secret (deprecates jwt_secret)
- Update session to use cookies array with secret
- Fix session.remember_me_duration to remember_me
2025-11-15 20:03:39 +01:00

122 lines
2.4 KiB
YAML
Raw Blame History

---
###############################################################
# Authelia Configuration #
###############################################################
theme: auto
server:
address: "tcp://:9091"
asset_path: /config/assets/
headers:
csp_template: ""
log:
level: info
format: text
identity_validation:
reset_password:
jwt_secret: ${AUTHELIA_JWT_SECRET}
totp:
issuer: pivoine.art
period: 30
skew: 1
webauthn:
disable: false
display_name: Pivoine Auth
attestation_conveyance_preference: indirect
user_verification: preferred
timeout: 60s
ntp:
address: "time.cloudflare.com:123"
version: 4
max_desync: 3s
disable_startup_check: false
disable_failure: false
authentication_backend:
password_reset:
disable: false
refresh_interval: 5m
file:
path: /etc/authelia/users_database.yml
watch: true
password:
algorithm: argon2
argon2:
variant: argon2id
iterations: 3
memory: 65536
parallelism: 4
key_length: 32
salt_length: 16
access_control:
default_policy: deny
rules:
# Authelia portal itself
- domain: auth.pivoine.art
policy: bypass
# Services that should be publicly accessible
- domain:
- "pivoine.art"
- "www.pivoine.art"
policy: bypass
# Protected services - require authentication
- domain:
- "netdata.pivoine.art"
- "mailpit.pivoine.art"
- "scrapy.pivoine.art"
- "restic.pivoine.art"
- "traefik.pivoine.art"
policy: two_factor
# Development services
- domain:
- "dev.pivoine.art"
- "n8n.pivoine.art"
- "asciinema.pivoine.art"
- "coolify.pivoine.art"
policy: two_factor
session:
secret: ${AUTHELIA_SESSION_SECRET}
cookies:
- name: authelia_session
domain: pivoine.art
same_site: lax
expiration: 1h
inactivity: 5m
remember_me: 1M
regulation:
max_retries: 3
find_time: 2m
ban_time: 5m
storage:
encryption_key: ${AUTHELIA_STORAGE_ENCRYPTION_KEY}
postgres:
host: postgres
port: 5432
database: authelia
username: valknar
password: ${DB_PASSWORD}
schema: public
notifier:
disable_startup_check: false
smtp:
host: net_mailpit
port: 1025
sender: auth@pivoine.art
identifier: auth.pivoine.art
disable_require_tls: true
disable_html_emails: false
Reference in New Issue View Git Blame Copy Permalink