authelia/internal/suites/OneFactorOnly/configuration.yml

---
###############################################################
#                Authelia minimal configuration               #
###############################################################

jwt_secret: 'unsecure_secret'
default_redirection_url: 'https://home.example.com:8080/'

server:
  address: 'tcp://:9091'
  tls:
    certificate: '/pki/public.backend.crt'
    key: '/pki/private.backend.pem'

log:
  level: 'debug'

authentication_backend:
  file:
    path: '/config/users.yml'

session:
  secret: 'unsecure_session_secret'
  expiration: '1h'  # 1 hour
  inactivity: '5m'  # 5 minutes
  remember_me: '1y'
  cookies:
    - domain: 'example.com'
      authelia_url: 'https://login.example.com:8080'

storage:
  encryption_key: 'a_not_so_secure_encryption_key'
  local:
    path: '/config/db.sqlite'

access_control:
  default_policy: 'deny'
  rules:
    - domain: 'singlefactor.example.com'
      policy: 'one_factor'
    - domain: 'public.example.com'
      policy: 'bypass'
    - domain: 'home.example.com'
      policy: 'bypass'
    - domain: 'unsafe.local'
      policy: 'bypass'

notifier:
  filesystem:
    filename: '/config/notifier.html'
...
ci: add yamllint (#1895) This change implements yamllint and adjusts all yaml files to abide by our linting setup. This excludes config.template.yml as this will be done in an alternate commit. 2021-04-10 20:51:00 +00:00			`---`
[FIX] Redirect to default URL after 1FA when default policy is one_factor. (#611) * Redirect to default URL after 1FA when default policy is one_factor. User is now redirected to the default redirection URL after 1FA if the default policy is set to one_factor and there is no target URL or if the target URL is unsafe. Also, if the default policy is set to one_factor and the user is already authenticated, if she visits the login portal, the 'already authenticated' view is displayed with a logout button. This fixes #581. * Update users.yml * Fix permissions issue causing suite test failure 2020-02-04 21:18:02 +00:00			`###############################################################`
			`# Authelia minimal configuration #`
			`###############################################################`

refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`jwt_secret: 'unsecure_secret'`
			`default_redirection_url: 'https://home.example.com:8080/'`
feat(configuration): replace several configuration options (#2209) This change adjusts several global options moving them into the server block. It additionally notes other breaking changes in the configuration. BREAKING CHANGE: Several configuration options have been changed and moved into other sections. Migration instructions are documented here: https://authelia.com/docs/configuration/migration.html#4.30.0 2021-08-02 11:55:30 +00:00
			`server:`
feat(authentication): suport ldap over unix socket (#5397) This adds support for LDAP unix sockets using the ldapi scheme. In addition it improves all of the address related parsing significantly deprecating old options. Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:39:17 +00:00			`address: 'tcp://:9091'`
feat(configuration): replace several configuration options (#2209) This change adjusts several global options moving them into the server block. It additionally notes other breaking changes in the configuration. BREAKING CHANGE: Several configuration options have been changed and moved into other sections. Migration instructions are documented here: https://authelia.com/docs/configuration/migration.html#4.30.0 2021-08-02 11:55:30 +00:00			`tls:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`certificate: '/pki/public.backend.crt'`
			`key: '/pki/private.backend.pem'`
[FIX] Redirect to default URL after 1FA when default policy is one_factor. (#611) * Redirect to default URL after 1FA when default policy is one_factor. User is now redirected to the default redirection URL after 1FA if the default policy is set to one_factor and there is no target URL or if the target URL is unsafe. Also, if the default policy is set to one_factor and the user is already authenticated, if she visits the login portal, the 'already authenticated' view is displayed with a logout button. This fixes #581. * Update users.yml * Fix permissions issue causing suite test failure 2020-02-04 21:18:02 +00:00
refactor(configuration): use key log instead of logging (#2072) * refactor: logging config key to log This refactors the recent pre-release change adding log options to their own configuration section in favor of a log section (from logging). * docs: add step to getting started to get the latest tagged commit This is so we avoid issues with changes on master having differences that don't work on the latest docker tag. * test: adjust tests * docs: adjust doc strings 2021-06-08 13:15:43 +00:00			`log:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`level: 'debug'`
[FIX] Redirect to default URL after 1FA when default policy is one_factor. (#611) * Redirect to default URL after 1FA when default policy is one_factor. User is now redirected to the default redirection URL after 1FA if the default policy is set to one_factor and there is no target URL or if the target URL is unsafe. Also, if the default policy is set to one_factor and the user is already authenticated, if she visits the login portal, the 'already authenticated' view is displayed with a logout button. This fixes #581. * Update users.yml * Fix permissions issue causing suite test failure 2020-02-04 21:18:02 +00:00
			`authentication_backend:`
			`file:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`path: '/config/users.yml'`
[FIX] Redirect to default URL after 1FA when default policy is one_factor. (#611) * Redirect to default URL after 1FA when default policy is one_factor. User is now redirected to the default redirection URL after 1FA if the default policy is set to one_factor and there is no target URL or if the target URL is unsafe. Also, if the default policy is set to one_factor and the user is already authenticated, if she visits the login portal, the 'already authenticated' view is displayed with a logout button. This fixes #581. * Update users.yml * Fix permissions issue causing suite test failure 2020-02-04 21:18:02 +00:00
			`session:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`secret: 'unsecure_session_secret'`
			`expiration: '1h' # 1 hour`
			`inactivity: '5m' # 5 minutes`
			`remember_me: '1y'`
feat(server): customizable authz endpoints (#4296) This allows users to customize the authz endpoints. Closes #2753, Fixes #3716 Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2023-01-25 09:36:40 +00:00			`cookies:`
			`- domain: 'example.com'`
			`authelia_url: 'https://login.example.com:8080'`
[FIX] Redirect to default URL after 1FA when default policy is one_factor. (#611) * Redirect to default URL after 1FA when default policy is one_factor. User is now redirected to the default redirection URL after 1FA if the default policy is set to one_factor and there is no target URL or if the target URL is unsafe. Also, if the default policy is set to one_factor and the user is already authenticated, if she visits the login portal, the 'already authenticated' view is displayed with a logout button. This fixes #581. * Update users.yml * Fix permissions issue causing suite test failure 2020-02-04 21:18:02 +00:00
			`storage:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`encryption_key: 'a_not_so_secure_encryption_key'`
[FIX] Redirect to default URL after 1FA when default policy is one_factor. (#611) * Redirect to default URL after 1FA when default policy is one_factor. User is now redirected to the default redirection URL after 1FA if the default policy is set to one_factor and there is no target URL or if the target URL is unsafe. Also, if the default policy is set to one_factor and the user is already authenticated, if she visits the login portal, the 'already authenticated' view is displayed with a logout button. This fixes #581. * Update users.yml * Fix permissions issue causing suite test failure 2020-02-04 21:18:02 +00:00			`local:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`path: '/config/db.sqlite'`
[FIX] Redirect to default URL after 1FA when default policy is one_factor. (#611) * Redirect to default URL after 1FA when default policy is one_factor. User is now redirected to the default redirection URL after 1FA if the default policy is set to one_factor and there is no target URL or if the target URL is unsafe. Also, if the default policy is set to one_factor and the user is already authenticated, if she visits the login portal, the 'already authenticated' view is displayed with a logout button. This fixes #581. * Update users.yml * Fix permissions issue causing suite test failure 2020-02-04 21:18:02 +00:00
			`access_control:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`default_policy: 'deny'`
[BUGFIX] Skip 2FA step if no ACL rule is two_factor (#684) When no rule is set to two_factor in ACL configuration, 2FA is considered disabled. Therefore, when a user cannot be redirected correctly because no target URL is provided or the URL is unsafe, the user is either redirected to the default URL or to the 'already authenticated' view instead of the second factor view. Fixes #683 2020-03-06 00:31:09 +00:00			`rules:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`- domain: 'singlefactor.example.com'`
			`policy: 'one_factor'`
			`- domain: 'public.example.com'`
			`policy: 'bypass'`
			`- domain: 'home.example.com'`
			`policy: 'bypass'`
			`- domain: 'unsafe.local'`
			`policy: 'bypass'`
[FIX] Redirect to default URL after 1FA when default policy is one_factor. (#611) * Redirect to default URL after 1FA when default policy is one_factor. User is now redirected to the default redirection URL after 1FA if the default policy is set to one_factor and there is no target URL or if the target URL is unsafe. Also, if the default policy is set to one_factor and the user is already authenticated, if she visits the login portal, the 'already authenticated' view is displayed with a logout button. This fixes #581. * Update users.yml * Fix permissions issue causing suite test failure 2020-02-04 21:18:02 +00:00
			`notifier:`
[FEATURE] Notifier Startup Checks (#889) * implement SMTP notifier startup check * check dial, starttls, auth, mail from, rcpt to, reset, and quit * log the error on failure * implement mock * misc optimizations, adjustments, and refactoring * implement validate_skip config option * fix comments to end with period * fix suites that used smtp notifier without a smtp container * add docs * add file notifier startup check * move file mode into const.go * disable gosec linting on insecureskipverify since it's intended, warned, and discouraged * minor PR commentary adjustment * apply suggestions from code review Co-Authored-By: Amir Zarrinkafsh <nightah@me.com> 2020-04-21 04:59:38 +00:00			`filesystem:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`filename: '/config/notifier.html'`
ci: add yamllint (#1895) This change implements yamllint and adjusts all yaml files to abide by our linting setup. This excludes config.template.yml as this will be done in an alternate commit. 2021-04-10 20:51:00 +00:00			`...`