gitops/docker/stacks/00-core/authelia/configuration.yml


# HTTP listener and response headers for the Authelia portal.
server:
  # Listens on every interface. Whether port 9091 is reachable by anything
  # other than the reverse proxy is decided by the container network and
  # published ports, which are not part of this file.
  host: '0.0.0.0'
  port: 9091
  asset_path: '/config/assets'
  headers:
    # Custom Content-Security-Policy for the portal pages. style-src allows
    # inline styles and stylesheets from the third-party origin
    # theme-park.dev, so that origin can change how the login page renders.
    # Scripts stay limited to 'self' and the %nonce% placeholder value.
    csp_template: "default-src 'self'; frame-src 'none'; object-src 'none'; style-src 'self' 'unsafe-inline' https://theme-park.dev; script-src 'self' 'nonce-%nonce%'; base-uri 'self';"
log:
  # debug is a troubleshooting level: output is verbose and, on an
  # authentication portal, may carry request and user detail. Treat the log
  # destination as sensitive, and prefer info once troubleshooting is over.
  level: 'debug'
# Portal colour scheme.
theme: 'dark'

# Filled from the JWT_SECRET placeholder; how the placeholder is expanded is
# not shown in this file. The same placeholder is reused further down for
# identity_providers.oidc.hmac_secret, so one value currently serves two
# separate purposes.
jwt_secret: '${JWT_SECRET}'
# Time-based one-time password settings (second factor).
totp:
  # Issuer label attached to enrolled TOTP credentials; authenticator apps
  # typically display it next to the account name.
  issuer: 'authelia.com'
# Where user accounts are looked up.
authentication_backend:
  file:
    # Local user database. The file holds the users' password hashes, so it
    # should be readable only by the Authelia process and kept out of the
    # repository.
    path: '/config/users.yml'
# Authorization rules for requests forwarded by the reverse proxy.
access_control:
  # Anything that matches no rule below is refused.
  default_policy: deny
  rules:
    # Rules are evaluated top to bottom and the first match wins, so this
    # bypass must stay above the two_factor rule to have any effect.
    #
    # Bypass authentication for local LAN requests. The match is made on the
    # client address Authelia is given by the reverse proxy. If the proxy
    # forwards a client-supplied forwarding header unchanged, or a NAT/Docker
    # hop makes outside clients appear with a private source address
    # (172.16.0.0/12 includes Docker's default bridge ranges), external
    # requests would match this rule as well. Verify what address Authelia
    # actually sees before relying on it.
    # NOTE(review): bypass covers every host on these ranges and every
    # subdomain; confirm that no device on the LAN is untrusted.
    - domain: '*.kotori-waifu.cc'
      policy: bypass
      networks:
        - 192.168.0.0/16
        - 10.0.0.0/8
        - 172.16.0.0/12
    # Require 2FA for external requests (everything not matched above).
    - domain: '*.kotori-waifu.cc'
      policy: two_factor
# Browser session cookie settings.
session:
  name: 'authelia_session'
  # Cookie is scoped to the parent domain, so it is sent to every
  # *.kotori-waifu.cc host; one session covers all protected subdomains.
  domain: 'kotori-waifu.cc'
  # Filled from the SESSION_SECRET placeholder; keep the real value out of
  # the repository.
  secret: '${SESSION_SECRET}'
  # Bare integers, presumably seconds: 3600 is a one-hour maximum session
  # lifetime and 1000 is roughly 16.5 minutes of allowed inactivity.
  expiration: 3600
  inactivity: 1000
# Persistent state (SQLite file under /config).
storage:
  # Filled from the STORAGE_ENCRYPTION_KEY placeholder. Protects sensitive
  # values stored in the database; back it up separately from the database
  # file, since data encrypted with it is presumably unreadable without it.
  encryption_key: '${STORAGE_ENCRYPTION_KEY}'
  local:
    path: '/config/db.sqlite3'
# How Authelia delivers notifications to users.
notifier:
  filesystem:
    # Notifications are written to this file instead of being e-mailed. That
    # includes identity-verification messages (password reset, second-factor
    # enrolment), so anyone who can read the file can act on them. Restrict
    # read access to /config, or use an SMTP notifier for real users.
    filename: '/config/notification.txt'
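# OpenID Connect provider: signing material and registered client apps.
identity_providers:
  oidc:
    # Same placeholder as the top-level jwt_secret, so a single value protects
    # two unrelated things. A dedicated random value for the OIDC HMAC secret
    # keeps a leak of one from affecting the other.
    hmac_secret: '${JWT_SECRET}'
    # issuer_private_key is intentionally NOT set in this file. The RSA key
    # that signs ID tokens was previously inlined here in clear text. Anything
    # committed to the repository is readable by everyone with access to it
    # and remains in its history, so that key must be treated as exposed and
    # replaced with a newly generated one. Provide the new key at runtime from
    # a mounted secret file (Authelia reads it when the environment variable
    # AUTHELIA_IDENTITY_PROVIDERS_OIDC_ISSUER_PRIVATE_KEY_FILE points at it)
    # and keep that file outside version control. Tokens signed with the old
    # key stop validating once the key is replaced.
    clients:
      # Each client `secret` below is a PBKDF2-SHA512 digest (310000
      # iterations), not the plaintext; the plaintext is configured only in
      # the client application. Every client requires two-factor login.
      - id: mealie
        description: Mealie
        secret: '$pbkdf2-sha512$310000$8BwfR2MN6UuViyTqVUyJsQ$HN/GOuf1rzr8uY0zYDK.kerSzfafzAzePx5C8DWd9hmZwLmJjENz0gQwkmiDRl9AkxlmvwnWxxQkxbBSaccGOg'
        public: false
        authorization_policy: two_factor
        # Only the callback URLs listed here are accepted for this client.
        redirect_uris:
          - https://mealie.kotori-waifu.cc/login
        scopes:
          - openid
          - profile
          - email
          - groups
        userinfo_signing_algorithm: none
      - id: immich
        description: Immich
        secret: '$pbkdf2-sha512$310000$Rapi4k3I6YTHdaHSmBhvTQ$HWk67FyxaIl/Ejc7GbLjim8/gzwuWa6bG1sZbHNaxSSCvw3Q1NKbskaFm55rFRXVFw..ZabmcpvvAfy/3qq4Vg'
        public: false
        authorization_policy: two_factor
        redirect_uris:
          - https://immich.kotori-waifu.cc/auth/login
          - https://immich.kotori-waifu.cc/user-settings
          # Custom-scheme callback, presumably for the Immich mobile app.
          - app.immich:///oauth-callback
          - https://immich.kotori-waifu.cc/api/oauth/mobile-redirect
        scopes:
          - openid
          - profile
          - email
        userinfo_signing_algorithm: none
      - id: gitea
        description: Gitea
        secret: '$pbkdf2-sha512$310000$PNUBcRwmG.FuaKw9sd9YGA$NwhUVxhtcvIGS1N7.1it1Y5IvigEnNUoPeAicZSswWkNhvkcdMCW2w9DiqZzRU8UOQ5PqYaWJVkv3rY/e/bZgw'
        public: false
        authorization_policy: two_factor
        redirect_uris:
          - https://git.kotori-waifu.cc/user/oauth2/authelia/callback
        scopes:
          - openid
          - profile
          - email
          - groups
        userinfo_signing_algorithm: none
      - id: bookstack
        description: BookStack
        secret: '$pbkdf2-sha512$310000$i6qf1F2y8pQWJDmHEBXYHw$I9IBetYI247pBzZ1pjG5MHFMHutCH9PX1wnFHi7HEsIzsucu.Tp7DD2EypVC9wTftc7sV776JT9g6N2jHuSD3g'
        public: false
        authorization_policy: two_factor
        redirect_uris:
          - https://bs.kotori-waifu.cc/oidc/callback
        scopes:
          - openid
          - profile
          - email
          - groups
        userinfo_signing_algorithm: none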