authelia/internal/suites/Traefik/configuration.yml

---
###############################################################
#                Authelia minimal configuration               #
###############################################################

jwt_secret: 'unsecure_secret'

server:
  address: 'tcp://:9091'
  asset_path: '/config/assets/'
  tls:
    certificate: '/pki/public.backend.crt'
    key: '/pki/private.backend.pem'

log:
  level: 'debug'

authentication_backend:
  file:
    path: '/config/users.yml'

session:
  secret: 'unsecure_session_secret'
  expiration: '1h'  # 1 hour
  inactivity: '5m'  # 5 minutes
  remember_me: '1y'
  cookies:
    - domain: 'example.com'
      authelia_url: 'https://login.example.com:8080'

storage:
  encryption_key: 'a_not_so_secure_encryption_key'
  local:
    path: '/config/db.sqlite'

access_control:
  default_policy: 'bypass'
  rules:
    - domain: 'public.example.com'
      policy: 'bypass'
    - domain: 'admin.example.com'
      policy: 'two_factor'
    - domain: 'secure.example.com'
      policy: 'two_factor'
    - domain: 'singlefactor.example.com'
      policy: 'one_factor'

notifier:
  smtp:
    address: 'smtp://smtp:1025'
    sender: 'admin@example.com'
    disable_require_tls: true
...
ci: add yamllint (#1895) This change implements yamllint and adjusts all yaml files to abide by our linting setup. This excludes config.template.yml as this will be done in an alternate commit. 2021-04-10 20:51:00 +00:00			`---`
[BREAKING] Create a suite for Traefik proxy. * Removal of the Redirect header sent by Authelia /api/verify endpoint. * Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host to compute the link sent in identity verification emails. * Authelia used Host header as the application name for U2F authentication but it's now using X-Forwarded-* headers. 2019-04-10 19:27:18 +00:00			`###############################################################`
			`# Authelia minimal configuration #`
			`###############################################################`

refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`jwt_secret: 'unsecure_secret'`
feat(configuration): replace several configuration options (#2209) This change adjusts several global options moving them into the server block. It additionally notes other breaking changes in the configuration. BREAKING CHANGE: Several configuration options have been changed and moved into other sections. Migration instructions are documented here: https://authelia.com/docs/configuration/migration.html#4.30.0 2021-08-02 11:55:30 +00:00
			`server:`
feat(authentication): suport ldap over unix socket (#5397) This adds support for LDAP unix sockets using the ldapi scheme. In addition it improves all of the address related parsing significantly deprecating old options. Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:39:17 +00:00			`address: 'tcp://:9091'`
			`asset_path: '/config/assets/'`
feat(configuration): replace several configuration options (#2209) This change adjusts several global options moving them into the server block. It additionally notes other breaking changes in the configuration. BREAKING CHANGE: Several configuration options have been changed and moved into other sections. Migration instructions are documented here: https://authelia.com/docs/configuration/migration.html#4.30.0 2021-08-02 11:55:30 +00:00			`tls:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`certificate: '/pki/public.backend.crt'`
			`key: '/pki/private.backend.pem'`
[BREAKING] Create a suite for Traefik proxy. * Removal of the Redirect header sent by Authelia /api/verify endpoint. * Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host to compute the link sent in identity verification emails. * Authelia used Host header as the application name for U2F authentication but it's now using X-Forwarded-* headers. 2019-04-10 19:27:18 +00:00
refactor(configuration): use key log instead of logging (#2072) * refactor: logging config key to log This refactors the recent pre-release change adding log options to their own configuration section in favor of a log section (from logging). * docs: add step to getting started to get the latest tagged commit This is so we avoid issues with changes on master having differences that don't work on the latest docker tag. * test: adjust tests * docs: adjust doc strings 2021-06-08 13:15:43 +00:00			`log:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`level: 'debug'`
[BREAKING] Create a suite for Traefik proxy. * Removal of the Redirect header sent by Authelia /api/verify endpoint. * Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host to compute the link sent in identity verification emails. * Authelia used Host header as the application name for U2F authentication but it's now using X-Forwarded-* headers. 2019-04-10 19:27:18 +00:00
			`authentication_backend:`
			`file:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`path: '/config/users.yml'`
[BREAKING] Create a suite for Traefik proxy. * Removal of the Redirect header sent by Authelia /api/verify endpoint. * Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host to compute the link sent in identity verification emails. * Authelia used Host header as the application name for U2F authentication but it's now using X-Forwarded-* headers. 2019-04-10 19:27:18 +00:00
			`session:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`secret: 'unsecure_session_secret'`
			`expiration: '1h' # 1 hour`
			`inactivity: '5m' # 5 minutes`
			`remember_me: '1y'`
feat(server): customizable authz endpoints (#4296) This allows users to customize the authz endpoints. Closes #2753, Fixes #3716 Co-authored-by: Amir Zarrinkafsh <nightah@me.com> 2023-01-25 09:36:40 +00:00			`cookies:`
			`- domain: 'example.com'`
			`authelia_url: 'https://login.example.com:8080'`
[BREAKING] Create a suite for Traefik proxy. * Removal of the Redirect header sent by Authelia /api/verify endpoint. * Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host to compute the link sent in identity verification emails. * Authelia used Host header as the application name for U2F authentication but it's now using X-Forwarded-* headers. 2019-04-10 19:27:18 +00:00
			`storage:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`encryption_key: 'a_not_so_secure_encryption_key'`
[BREAKING] Create a suite for Traefik proxy. * Removal of the Redirect header sent by Authelia /api/verify endpoint. * Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host to compute the link sent in identity verification emails. * Authelia used Host header as the application name for U2F authentication but it's now using X-Forwarded-* headers. 2019-04-10 19:27:18 +00:00			`local:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`path: '/config/db.sqlite'`
[BREAKING] Create a suite for Traefik proxy. * Removal of the Redirect header sent by Authelia /api/verify endpoint. * Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host to compute the link sent in identity verification emails. * Authelia used Host header as the application name for U2F authentication but it's now using X-Forwarded-* headers. 2019-04-10 19:27:18 +00:00
			`access_control:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`default_policy: 'bypass'`
[BREAKING] Create a suite for Traefik proxy. * Removal of the Redirect header sent by Authelia /api/verify endpoint. * Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host to compute the link sent in identity verification emails. * Authelia used Host header as the application name for U2F authentication but it's now using X-Forwarded-* headers. 2019-04-10 19:27:18 +00:00			`rules:`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`- domain: 'public.example.com'`
			`policy: 'bypass'`
			`- domain: 'admin.example.com'`
			`policy: 'two_factor'`
			`- domain: 'secure.example.com'`
			`policy: 'two_factor'`
			`- domain: 'singlefactor.example.com'`
			`policy: 'one_factor'`
[BREAKING] Create a suite for Traefik proxy. * Removal of the Redirect header sent by Authelia /api/verify endpoint. * Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host to compute the link sent in identity verification emails. * Authelia used Host header as the application name for U2F authentication but it's now using X-Forwarded-* headers. 2019-04-10 19:27:18 +00:00
			`notifier:`
			`smtp:`
feat(authentication): suport ldap over unix socket (#5397) This adds support for LDAP unix sockets using the ldapi scheme. In addition it improves all of the address related parsing significantly deprecating old options. Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:39:17 +00:00			`address: 'smtp://smtp:1025'`
refactor: single quote yaml strings Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com> 2023-05-07 06:41:41 +00:00			`sender: 'admin@example.com'`
ci: add yamllint (#1895) This change implements yamllint and adjusts all yaml files to abide by our linting setup. This excludes config.template.yml as this will be done in an alternate commit. 2021-04-10 20:51:00 +00:00			`disable_require_tls: true`
			`...`