authelia/internal/suites/Postgres/configuration.yml

---
###############################################################
#                Authelia minimal configuration               #
###############################################################

jwt_secret: 'very_important_secret'
default_redirection_url: 'https://home.example.com:8080/'

server:
  address: 'tcp://:9091'
  tls:
    certificate: '/pki/public.backend.crt'
    key: '/pki/private.backend.pem'

log:
  level: 'debug'

authentication_backend:
  file:
    path: '/config/users.yml'

session:
  secret: 'unsecure_session_secret'
  expiration: '1h'  # 1 hour
  inactivity: '5m'  # 5 minutes
  remember_me: '1y'
  cookies:
    - domain: 'example.com'
      authelia_url: 'https://login.example.com:8080'

# Configuration of the storage backend used to store data and secrets. i.e. totp data
storage:
  encryption_key: 'a_not_so_secure_encryption_key'
  postgres:
    address: 'tcp://postgres:5432'
    database: 'authelia'
    username: 'admin'
    password: 'password'

# TOTP Issuer Name
#
# This will be the issuer name displayed in Google Authenticator
# See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names
totp:
  issuer: 'example.com'

access_control:
  default_policy: 'deny'
  rules:
    - domain: 'public.example.com'
      policy: 'bypass'
    - domain: 'admin.example.com'
      policy: 'two_factor'
    - domain: 'secure.example.com'
      policy: 'two_factor'
    - domain: 'singlefactor.example.com'
      policy: 'one_factor'

# Configuration of the authentication regulation mechanism.
regulation:
  # Set it to 0 to disable max_retries.
  max_retries: 3

  # The user is banned if the authentication failed `max_retries` times in a `find_time` seconds window.
  find_time: '8s'

  # The length of time before a banned user can login again.
  ban_time: 10

notifier:
  # Use a SMTP server for sending notifications
  smtp:
    address: 'smtp://smtp:1025'
    sender: 'admin@example.com'
    disable_require_tls: 'true'
...
ci: add yamllint (#1895) This change implements yamllint and adjusts all yaml files to abide by our linting setup. This excludes config.template.yml as this will be done in an alternate commit. 2021-04-10 20:51:00 +00:00			`---`
Add support for PostgreSQL. 2019-11-16 19:50:58 +00:00			`###############################################################`
			`# Authelia minimal configuration #`
			`###############################################################`

refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`jwt_secret: 'very_important_secret'`
			`default_redirection_url: 'https://home.example.com:8080/'`
feat(configuration): replace several configuration options (#2209) This change adjusts several global options moving them into the server block. It additionally notes other breaking changes in the configuration. BREAKING CHANGE: Several configuration options have been changed and moved into other sections. Migration instructions are documented here: https://authelia.com/docs/configuration/migration.html#4.30.0 2021-08-02 11:55:30 +00:00
			`server:`
feat(authentication): suport ldap over unix socket (#5397) This adds support for LDAP unix sockets using the ldapi scheme. In addition it improves all of the address related parsing significantly deprecating old options. Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:39:17 +00:00			`address: 'tcp://:9091'`
feat(configuration): replace several configuration options (#2209) This change adjusts several global options moving them into the server block. It additionally notes other breaking changes in the configuration. BREAKING CHANGE: Several configuration options have been changed and moved into other sections. Migration instructions are documented here: https://authelia.com/docs/configuration/migration.html#4.30.0 2021-08-02 11:55:30 +00:00			`tls:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`certificate: '/pki/public.backend.crt'`
			`key: '/pki/private.backend.pem'`
Add support for PostgreSQL. 2019-11-16 19:50:58 +00:00
refactor(configuration): use key log instead of logging (#2072) * refactor: logging config key to log This refactors the recent pre-release change adding log options to their own configuration section in favor of a log section (from logging). * docs: add step to getting started to get the latest tagged commit This is so we avoid issues with changes on master having differences that don't work on the latest docker tag. * test: adjust tests * docs: adjust doc strings 2021-06-08 13:15:43 +00:00			`log:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`level: 'debug'`
Add support for PostgreSQL. 2019-11-16 19:50:58 +00:00
			`authentication_backend:`
			`file:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`path: '/config/users.yml'`
Add support for PostgreSQL. 2019-11-16 19:50:58 +00:00
			`session:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`secret: 'unsecure_session_secret'`
			`expiration: '1h' # 1 hour`
			`inactivity: '5m' # 5 minutes`
			`remember_me: '1y'`
feat(server): customizable authz endpoints (#4296) This allows users to customize the authz endpoints. Closes #2753, Fixes #3716 Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2023-01-25 09:36:40 +00:00			`cookies:`
			`- domain: 'example.com'`
			`authelia_url: 'https://login.example.com:8080'`
Add support for PostgreSQL. 2019-11-16 19:50:58 +00:00
			`# Configuration of the storage backend used to store data and secrets. i.e. totp data`
			`storage:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`encryption_key: 'a_not_so_secure_encryption_key'`
Add support for PostgreSQL. 2019-11-16 19:50:58 +00:00			`postgres:`
feat(authentication): suport ldap over unix socket (#5397) This adds support for LDAP unix sockets using the ldapi scheme. In addition it improves all of the address related parsing significantly deprecating old options. Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:39:17 +00:00			`address: 'tcp://postgres:5432'`
			`database: 'authelia'`
			`username: 'admin'`
			`password: 'password'`
Add support for PostgreSQL. 2019-11-16 19:50:58 +00:00
			`# TOTP Issuer Name`
			`#`
			`# This will be the issuer name displayed in Google Authenticator`
			`# See: https://github.com/google/google-authenticator/wiki/Key-Uri-Format for more info on issuer names`
			`totp:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`issuer: 'example.com'`
Add support for PostgreSQL. 2019-11-16 19:50:58 +00:00
			`access_control:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`default_policy: 'deny'`
Add support for PostgreSQL. 2019-11-16 19:50:58 +00:00			`rules:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`- domain: 'public.example.com'`
			`policy: 'bypass'`
			`- domain: 'admin.example.com'`
			`policy: 'two_factor'`
			`- domain: 'secure.example.com'`
			`policy: 'two_factor'`
			`- domain: 'singlefactor.example.com'`
			`policy: 'one_factor'`
Add support for PostgreSQL. 2019-11-16 19:50:58 +00:00
			`# Configuration of the authentication regulation mechanism.`
			`regulation:`
			`# Set it to 0 to disable max_retries.`
			`max_retries: 3`

Misc Spelling Corrections - Mostly changes to spelling of comments/docs/displayed text - A few changes to test function names 2020-01-21 00:10:00 +00:00			# The user is banned if the authentication failed `max_retries` times in a `find_time` seconds window.
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`find_time: '8s'`
Add support for PostgreSQL. 2019-11-16 19:50:58 +00:00
			`# The length of time before a banned user can login again.`
			`ban_time: 10`

			`notifier:`
			`# Use a SMTP server for sending notifications`
			`smtp:`
feat(authentication): suport ldap over unix socket (#5397) This adds support for LDAP unix sockets using the ldapi scheme. In addition it improves all of the address related parsing significantly deprecating old options. Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:39:17 +00:00			`address: 'smtp://smtp:1025'`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`sender: 'admin@example.com'`
			`disable_require_tls: 'true'`
ci: add yamllint (#1895) This change implements yamllint and adjusts all yaml files to abide by our linting setup. This excludes config.template.yml as this will be done in an alternate commit. 2021-04-10 20:51:00 +00:00			`...`