gitops/docker/stacks/00-core/authelia/configuration.yml

server:
  host: 0.0.0.0
  port: 9091

log:
  level: debug

theme: dark

jwt_secret: '${JWT_SECRET}'

totp:
  issuer: authelia.com

authentication_backend:
  file:
    path: /config/users.yml

access_control:
  default_policy: deny
  rules:
    # Bypass authentication for local LAN requests
    - domain: "*.kotori-waifu.cc"
      networks:
        - 192.168.0.0/16
        - 10.0.0.0/8
        - 172.16.0.0/12
      policy: bypass
    # Require 2FA for external requests
    - domain: "*.kotori-waifu.cc"
      policy: two_factor

session:
  name: authelia_session
  domain: kotori-waifu.cc
  secret: '${SESSION_SECRET}'
  expiration: 3600
  inactivity: 1000

storage:
  encryption_key: '${STORAGE_ENCRYPTION_KEY}'
  local:
    path: /config/db.sqlite3

notifier:
  filesystem:
    filename: /config/notification.txt