ci: add yamllint (#1895)

This change implements yamllint and adjusts all yaml files to abide by our linting setup. This excludes config.template.yml as this will be done in an alternate commit.

.buildkite/pipeline.yml

@@ -1,5 +1,7 @@
+---
 # This represents the hardcoded pipeline set in Buildkite interface which executes the repo provided dynamic pipeline.
-# It is used to ensure that insecure code from external PR cannot be executed before a maintainers approval, to avoid secret leaks.
+# It is used to ensure that insecure code from external PR cannot be executed before a maintainers approval, to avoid
+# secret leaks.
 steps:
   # Blocking pipeline for master branch deployments (concurrency_group).
   - label: ":pipeline: Setup Pipeline"
@@ -13,7 +15,7 @@ steps:
     command: ".buildkite/pipeline.sh | buildkite-agent pipeline upload"
     if: build.branch != "master"
 
-  - wait:
+  - wait:  # yamllint disable-line rule:empty-values
     if: build.pull_request.repository.fork != true && build.branch !~ /^(dependabot|renovate)\/.*/
 
   # Manual intervention by team required to deploy for forked PRs (prevent secret leakage).
@@ -32,9 +34,10 @@ steps:
   - label: ":rocket: Setup Deployment"
     command: ".buildkite/deployment.sh | buildkite-agent pipeline upload"
     depends_on: ~
-    if: build.branch != "master" && build.branch !~ /^(dependabot|renovate)\/.*/ && build.pull_request.repository.fork != true
+    if: build.branch != "master" && build.branch !~ /^(dependabot|renovate)\/.*/ && build.pull_request.repository.fork != true  # yamllint disable-line rule:line-length
 
   # Removed dependency optimisation for forked PRs to enforce block step.
   - label: ":rocket: Setup Deployment"
     command: ".buildkite/deployment.sh | buildkite-agent pipeline upload"
-    if: build.pull_request.repository.fork == true
+    if: build.pull_request.repository.fork == true
+...

.codecov.yml

@@ -1,10 +1,11 @@
+---
 codecov:
-  require_ci_to_pass: yes
+  require_ci_to_pass: true
 
 comment:
   layout: "reach, diff, flags, files"
   behavior: default
-  require_changes: no
+  require_changes: false
 
 coverage:
   precision: 2
@@ -12,7 +13,7 @@ coverage:
   range: "70...100"
   status:
     project:
-      default: off
+      default: false
       backend:
         base: auto
         flags:
@@ -38,7 +39,8 @@ ignore:
 parsers:
   gcov:
     branch_detection:
-      conditional: yes
-      loop: yes
-      method: no
-      macro: no
+      conditional: true
+      loop: true
+      method: false
+      macro: false
+...

.github/FUNDING.yml

@@ -1,12 +1,14 @@
+---
 # These are supported funding model platforms
 
-github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
-patreon: # Replace with a single Patreon username
+# github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
+# patreon: # Replace with a single Patreon username
 open_collective: authelia-sponsors
-ko_fi: # Replace with a single Ko-fi username
-tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
-community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
-liberapay: # Replace with a single Liberapay username
-issuehunt: # Replace with a single IssueHunt username
-otechie: # Replace with a single Otechie username
-custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
+# ko_fi: # Replace with a single Ko-fi username
+# tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
+# community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
+# liberapay: # Replace with a single Liberapay username
+# issuehunt: # Replace with a single IssueHunt username
+# otechie: # Replace with a single Otechie username
+# custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
+...

.github/ISSUE_TEMPLATE/config.yml

@@ -1,11 +1,13 @@
+---
 blank_issues_enabled: false
 contact_links:
-- name: Documentation
-  url: https://www.authelia.com/docs/
-  about: Read the Documentation
-- name: Matrix
-  url: https://riot.im/app/#/room/#authelia:matrix.org
-  about: Discuss Authelia with the Developers on Matrix which is the preferred method of contact
-- name: Discord
-  url: https://discord.authelia.com
-  about: Discuss Authelia with the Developers on Discord which is bridged to Matrix
+  - name: Documentation
+    url: https://www.authelia.com/docs/
+    about: Read the Documentation
+  - name: Matrix
+    url: https://riot.im/app/#/room/#authelia:matrix.org
+    about: Discuss Authelia with the Developers on Matrix which is the preferred method of contact
+  - name: Discord
+    url: https://discord.authelia.com
+    about: Discuss Authelia with the Developers on Discord which is bridged to Matrix
+...

.golangci.yml

@@ -1,3 +1,4 @@
+---
 run:
   timeout: 3m
 
@@ -33,7 +34,7 @@ linters:
 
 issues:
   exclude:
-    - Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked
+    - Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked  # yamllint disable-line rule:line-length
     - func name will be used as test\.Test.* by other packages, and that stutters; consider calling this
     - (possible misuse of unsafe.Pointer|should have signature)
     - ineffective break statement. Did you mean to break out of the outer loop
@@ -44,4 +45,5 @@ issues:
     - Potential file inclusion via variable
   exclude-use-default: false
   max-issues-per-linter: 0
-  max-same-issues: 0
+  max-same-issues: 0
+...

.reviewdog.yml

@@ -1,3 +1,4 @@
+---
 runner:
   golangci:
     cmd: golangci-lint run
@@ -9,4 +10,10 @@ runner:
   eslint:
     cmd: cd web && eslint -f rdjson '*/**/*.{js,ts,tsx}'
     format: rdjson
-    level: error
+    level: error
+  yamllint:
+    cmd: yamllint --format parsable .
+    errorformat:
+      - '%f:%l:%c: %m'
+    level: warning
+...

.yamllint.yml

@@ -0,0 +1,22 @@
+---
+extends: default
+
+ignore: |
+  internal/configuration/test_resources/config_bad_quoting.yml
+  web/node_modules/
+  compose/
+  config.template.yml
+  internal/configuration/config.template.yml
+
+rules:
+  document-end:
+    level: warning
+  empty-values:
+    level: warning
+  indentation:
+    spaces: 2
+    check-multi-line-strings: true
+  line-length:
+    max: 120
+  octal-values: enable
+...

api/openapi.yml

@@ -2,7 +2,9 @@
 openapi: 3.0.0
 info:
   title: Authelia API
-  description: Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal.
+  description: >
+    Authelia is an open-source authentication and authorization server providing 2-factor authentication and single
+    sign-on (SSO) for your applications via a web portal.
   contact:
     name: Authelia Support
     url: https://github.com/authelia/authelia#contact-options
@@ -28,7 +30,9 @@ paths:
       tags:
         - State
       summary: Application Configuration
-      description: The configuration endpoint provides detailed information including available second factor methods, if any second factor policies exist and the TOTP period configuration.
+      description: >
+        The configuration endpoint provides detailed information including available second factor methods, if any
+        second factor policies exist and the TOTP period configuration.
       responses:
         "200":
           description: Successful Operation
@@ -39,7 +43,7 @@ paths:
         "403":
           description: Forbidden
       security:
-        - authelia_auth: [ ]
+        - authelia_auth: []
   /api/health:
     get:
       tags:
@@ -58,7 +62,9 @@ paths:
       tags:
         - State
       summary: User Application State
-      description: The state endpoint provides detailed information including the user, current authenticate level and Authelia's configured default redirection URL.
+      description: >
+        The state endpoint provides detailed information including the user, current authenticate level and Authelia's
+        configured default redirection URL.
       responses:
         "200":
           description: Successful Operation
@@ -71,7 +77,9 @@ paths:
       tags:
         - Authentication
       summary: Verification
-      description: The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified domain.
+      description: >
+        The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified
+        domain.
       parameters:
         - $ref: '#/components/parameters/originalURLParam'
         - $ref: '#/components/parameters/forwardedMethodParam'
@@ -108,7 +116,9 @@ paths:
       tags:
         - Authentication
       summary: Verification
-      description: The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified domain.
+      description: >
+        The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified
+        domain.
       parameters:
         - $ref: '#/components/parameters/originalURLParam'
         - $ref: '#/components/parameters/forwardedMethodParam'
@@ -146,7 +156,8 @@ paths:
       tags:
         - Authentication
       summary: Login
-      description: The firstfactor endpoint allows a user to login and generates an authentication cookie for authorization.
+      description: >
+        The firstfactor endpoint allows a user to login and generates an authentication cookie for authorization.
       requestBody:
         content:
           application/json:
@@ -184,13 +195,19 @@ paths:
               schema:
                 $ref: '#/components/schemas/middlewares.OkResponse'
       security:
-        - authelia_auth: [ ]
+        - authelia_auth: []
   /api/reset-password/identity/start:
     post:
       tags:
         - Password Reset
       summary: Identity Verification Token Creation
-      description: "This endpoint is step 1 of 3 in the password reset process.\n\nIt validates the user session and sends the user an email with a token and a link to reset their password. This step also generates a session cookie for the rest of the process.\n\nThe same session cookie must be used for all steps in this process."
+      description: >
+        This endpoint is step 1 of 3 in the password reset process.
+
+        It validates the user session and sends the user an email with a token and a link to reset their password. This
+        step also generates a session cookie for the rest of the process.
+
+        The same session cookie must be used for all steps in this process.
       requestBody:
         required: true
         content:
@@ -211,7 +228,12 @@ paths:
       tags:
         - Password Reset
       summary: Identity Verification Token Validation
-      description: "This endpoint is step 2 of 3 in the password reset process.\n\nIt validates the user session and reset token.\n\nThe same session cookie must be used for all steps in this process."
+      description: >
+        This endpoint is step 2 of 3 in the password reset process.
+
+        It validates the user session and reset token.
+
+        The same session cookie must be used for all steps in this process.
       requestBody:
         required: true
         content:
@@ -232,7 +254,12 @@ paths:
       tags:
         - Password Reset
       summary: Password Reset
-      description: "This endpoint is step 3 of 3 in the password reset process.\n\nIt validates the user session and changes the password.\n\nThe same session cookie must be used for all steps in this process."
+      description: >
+        This endpoint is step 3 of 3 in the password reset process.
+
+        It validates the user session and changes the password.
+
+        The same session cookie must be used for all steps in this process.
       requestBody:
         required: true
         content:
@@ -253,7 +280,9 @@ paths:
       tags:
         - User Information
       summary: User Configuration
-      description: The user info endpoint provides detailed information including a users display name, preferred and registered second factor method(s).
+      description: >
+        The user info endpoint provides detailed information including a users display name, preferred and registered
+        second factor method(s).
       responses:
         "200":
           description: Successful Operation
@@ -264,7 +293,7 @@ paths:
         "403":
           description: Forbidden
       security:
-        - authelia_auth: [ ]
+        - authelia_auth: []
   /api/user/info/2fa_method:
     post:
       tags:
@@ -286,13 +315,17 @@ paths:
         "403":
           description: Forbidden
       security:
-        - authelia_auth: [ ]
+        - authelia_auth: []
   /api/secondfactor/totp/identity/start:
     post:
       tags:
         - Second Factor
       summary: Identity Verification TOTP Token Creation
-      description: "This endpoint performs identity verification to begin the TOTP device registration process.\n\nThe session generated from this endpoint must be utilised for the subsequent step in the `/api/secondfactor/totp/identity/finish` endpoint."
+      description: >
+        This endpoint performs identity verification to begin the TOTP device registration process.
+
+        The session generated from this endpoint must be utilised for the subsequent step in the
+        `/api/secondfactor/totp/identity/finish` endpoint.
       responses:
         "200":
           description: Successful Operation
@@ -307,7 +340,12 @@ paths:
       tags:
         - Second Factor
       summary: Identity Verification TOTP Token Validation and Device Creation
-      description: "This endpoint performs identity and token verification, upon success also generates TOTP device secret and registers said device.\n\nThe session cookie generated from the `/api/secondfactor/totp/identity/start` endpoint must be utilised for the step here"
+      description: >
+        This endpoint performs identity and token verification, upon success also generates TOTP device secret and
+        registers said device.
+
+        The session cookie generated from the `/api/secondfactor/totp/identity/start` endpoint must be utilised for the
+        step here.
       requestBody:
         required: true
         content:
@@ -328,7 +366,7 @@ paths:
       tags:
         - Second Factor
       summary: Second Factor Authentication - TOTP
-      description: "This endpoint performs second factor authentication with a TOTP key."
+      description: This endpoint performs second factor authentication with a TOTP key.
       requestBody:
         required: true
         content:
@@ -355,7 +393,7 @@ paths:
       tags:
         - Second Factor
       summary: Second Factor Authentication - U2F (Request)
-      description: "This endpoint starts the second factor authentication process with the U2F key."
+      description: This endpoint starts the second factor authentication process with the U2F key.
       responses:
         "200":
           description: Successful Operation
@@ -395,7 +433,11 @@ paths:
       tags:
         - Second Factor
       summary: Identity Verification U2F Token Creation
-      description: "This endpoint performs identity verification to begin the U2F device registration process.\n\nThe session generated from this endpoint must be utilised for the subsequent steps in the `/api/secondfactor/u2f/identity/finish` and `/api/secondfactor/u2f/register` endpoints."
+      description: >
+        This endpoint performs identity verification to begin the U2F device registration process.
+
+        The session generated from this endpoint must be utilised for the subsequent steps in the
+        `/api/secondfactor/u2f/identity/finish` and `/api/secondfactor/u2f/register` endpoints.
       responses:
         "200":
           description: Successful Operation
@@ -410,7 +452,12 @@ paths:
       tags:
         - Second Factor
       summary: Identity Verification U2F Token Validation
-      description: "This endpoint performs identity and token verification, upon success generates a U2F device registration challenge.\n\nThe session cookie generated from the `/api/secondfactor/u2f/identity/start` endpoint must be utilised for the subsequent steps here and in the `/api/secondfactor/u2f/register` endpoint."
+      description: >
+        This endpoint performs identity and token verification, upon success generates a U2F device registration
+        challenge.
+
+        The session cookie generated from the `/api/secondfactor/u2f/identity/start` endpoint must be utilised for the
+        subsequent steps here and in the `/api/secondfactor/u2f/register` endpoint.
       requestBody:
         required: true
         content:
@@ -431,7 +478,7 @@ paths:
       tags:
         - Second Factor
       summary: U2F Device Registration
-      description: "This endpoint performs U2F device registration."
+      description: This endpoint performs U2F device registration.
       requestBody:
         required: true
         content:
@@ -452,7 +499,7 @@ paths:
       tags:
         - Second Factor
       summary: Second Factor Authentication - Duo Mobile Push
-      description: "This endpoint performs second factor authentication with a Duo Mobile Push."
+      description: This endpoint performs second factor authentication with a Duo Mobile Push.
       requestBody:
         required: true
         content:
@@ -634,7 +681,7 @@ components:
               example: 5ZH7Y5CTFWOXN7EOLGBMMXADRNQFHVUDZSYKCN5HMFAIRSLAWY3Q
             otpauth_url:
               type: string
-              example: otpauth://totp/auth.example.com:john?algorithm=SHA1&digits=6&issuer=auth.example.com&period=30&secret=5ZH7Y5CTFWOXN7EOLGBMMXADRNQFHVUDZSYKCN5HMFAIRSLAWY3Q
+              example: otpauth://totp/auth.example.com:john?algorithm=SHA1&digits=6&issuer=auth.example.com&period=30&secret=5ZH7Y5CTFWOXN7EOLGBMMXADRNQFHVUDZSYKCN5HMFAIRSLAWY3Q  # yamllint disable-line rule:line-length
     handlers.UserInfo:
       type: object
       properties:
@@ -682,7 +729,7 @@ components:
       properties:
         token:
           type: string
-          example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MDc5MjU1OTYsImlzcyI6IkF1dGhlbGlhIiwiYWN0aW9uIjoiUmVzZXRQYXNzd29yZCIsInVzZXJuYW1lIjoiQW1pciJ9.636yqRrUCGCe4jsMCsonleX5CYWHncYqZum-YYb6VaY
+          example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MDc5MjU1OTYsImlzcyI6IkF1dGhlbGlhIiwiYWN0aW9uIjoiUmVzZXRQYXNzd29yZCIsInVzZXJuYW1lIjoiQW1pciJ9.636yqRrUCGCe4jsMCsonleX5CYWHncYqZum-YYb6VaY  # yamllint disable-line rule:line-length
     middlewares.OkResponse:
       type: object
       properties:
@@ -770,4 +817,5 @@ components:
     authelia_auth:
       type: apiKey
       name: "{{.Session}}"
-      in: cookie
+      in: cookie
+...

docs/_config.yml

@@ -1,3 +1,4 @@
+---
 title: Authelia
 email: clement.michaud34@gmail.com
 description: Authelia is an open source multi-factor single sign-on portal for web applications
@@ -6,10 +7,13 @@ baseurl: "/docs/"
 # url: "https://www.authelia.com"
 repository: https://github.com/authelia/authelia
 logo: ./images/authelia-title.png
-footer_content: "Copyright &copy; 2020 Authelia. Distributed by an <a href=\"https://github.com/authelia/authelia/blob/master/LICENSE\">Apache 2.0 license.</a>"
+footer_content: >
+  Copyright &copy; 2021 Authelia. Distributed by an
+  <a href=\"https://github.com/authelia/authelia/blob/master/LICENSE\">Apache 2.0 license.</a>
 markdown: kramdown
 theme: just-the-docs
 keep_files:
   - .git
   - CNAME
 ga_tracking: UA-124926127-1
+...

internal/authentication/users_database.template.yml

@@ -1,3 +1,5 @@
+# yamllint disable rule:line-length
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -7,8 +9,10 @@
 users:
   authelia:
     displayname: "Test User"
-    password: "$argon2id$v=19$m=32768,t=1,p=8$eUhVT1dQa082YVk2VUhDMQ$E8QI4jHbUBt3EdsU1NFDu4Bq5jObKNx7nBKSn1EYQxk" # Password is 'authelia'
+    password: "$argon2id$v=19$m=32768,t=1,p=8$eUhVT1dQa082YVk2VUhDMQ$E8QI4jHbUBt3EdsU1NFDu4Bq5jObKNx7nBKSn1EYQxk"  # Password is 'authelia'
     email: authelia@authelia.com
     groups:
       - admins
-      - dev
+      - dev
+...
+# yamllint enable rule:line-length

internal/configuration/reader_test.go

@@ -164,7 +164,7 @@ func TestShouldErrorParseBadConfigFile(t *testing.T) {
 
 	require.Len(t, errors, 1)
 
-	require.EqualError(t, errors[0], "Error malformed yaml: line 23: did not find expected alphabetic or numeric character")
+	require.EqualError(t, errors[0], "Error malformed yaml: line 24: did not find expected alphabetic or numeric character")
 }
 
 func TestShouldParseConfigFile(t *testing.T) {

internal/configuration/test_resources/config.yml

@@ -1,7 +1,4 @@
-###############################################################
-#                   Authelia configuration                    #
-###############################################################
-
+---
 host: 127.0.0.1
 port: 9091
 
@@ -95,8 +92,8 @@ access_control:
 
 session:
   name: authelia_session
-  expiration: 3600000 # 1 hour
-  inactivity: 300000 # 5 minutes
+  expiration: 3600000  # 1 hour
+  inactivity: 300000  # 5 minutes
   domain: example.com
   redis:
     host: 127.0.0.1
@@ -122,4 +119,5 @@ notifier:
     host: 127.0.0.1
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/configuration/test_resources/config_alt.yml

@@ -1,7 +1,4 @@
-###############################################################
-#                   Authelia configuration                    #
-###############################################################
-
+---
 host: 127.0.0.1
 port: 9091
 
@@ -95,8 +92,8 @@ access_control:
 
 session:
   name: authelia_session
-  expiration: 3600000 # 1 hour
-  inactivity: 300000 # 5 minutes
+  expiration: 3600000  # 1 hour
+  inactivity: 300000  # 5 minutes
   domain: example.com
   redis:
     host: 127.0.0.1
@@ -120,4 +117,5 @@ notifier:
     host: 127.0.0.1
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/configuration/test_resources/config_bad_keys.yml

@@ -1,7 +1,4 @@
-###############################################################
-#                   Authelia configuration                    #
-###############################################################
-
+---
 host: 127.0.0.1
 port: 9091
 loggy_file: /config/svc.log
@@ -96,8 +93,8 @@ access_control:
 
 session:
   name: authelia_session
-  expiration: 3600000 # 1 hour
-  inactivity: 300000 # 5 minutes
+  expiration: 3600000  # 1 hour
+  inactivity: 300000  # 5 minutes
   domain: example.com
   redis:
     host: 127.0.0.1
@@ -121,4 +118,5 @@ notifier:
     host: 127.0.0.1
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/configuration/test_resources/config_bad_quoting.yml

@@ -1,3 +1,4 @@
+---
 host: 0.0.0.0
 port: 9091
 log_level: debug
@@ -49,4 +50,5 @@ notifier:
     password: example.com
     host: smtp.gmail.com
     port: 465
-    sender: example.com
+    sender: example.com
+...

internal/configuration/test_resources/config_with_secret.yml

@@ -1,7 +1,4 @@
-###############################################################
-#                   Authelia configuration                    #
-###############################################################
-
+---
 host: 127.0.0.1
 port: 9091
 jwt_secret: secret_from_config
@@ -96,8 +93,8 @@ access_control:
 
 session:
   name: authelia_session
-  expiration: 3600000 # 1 hour
-  inactivity: 300000 # 5 minutes
+  expiration: 3600000  # 1 hour
+  inactivity: 300000  # 5 minutes
   domain: example.com
   redis:
     host: 127.0.0.1
@@ -121,4 +118,5 @@ notifier:
     host: 127.0.0.1
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/ActiveDirectory/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -36,8 +37,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 storage:
@@ -69,4 +70,5 @@ notifier:
     host: smtp
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/ActiveDirectory/docker-compose.yml

@@ -1,6 +1,8 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './ActiveDirectory/configuration.yml:/config/configuration.yml:ro'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/BypassAll/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -17,8 +18,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 storage:
@@ -44,4 +45,5 @@ notifier:
     host: smtp
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/BypassAll/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './BypassAll/configuration.yml:/config/configuration.yml:ro'
       - './BypassAll/users.yml:/config/users.yml'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/BypassAll/users.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/CLI/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -17,8 +18,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 storage:
@@ -39,4 +40,5 @@ access_control:
 
 notifier:
   filesystem:
-    filename: /config/notification.txt
+    filename: /config/notification.txt
+...

internal/suites/CLI/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './CLI/configuration.yml:/config/configuration.yml:ro'
       - './CLI/users.yml:/config/users.yml'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/CLI/users.yml

@@ -1,4 +1,5 @@
-###############################################################
+---
+##############################################################
 #                         Users Database                      #
 ###############################################################
 
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/Docker/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -19,8 +20,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 storage:
@@ -82,4 +83,5 @@ notifier:
     host: smtp
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/Docker/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './Docker/configuration.yml:/config/configuration.yml:ro'
       - './Docker/users.yml:/config/users.yml'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/Docker/users.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/DuoPush/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -19,8 +20,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 # Configuration of the storage backend used to store data and secrets. i.e. totp data
@@ -98,4 +99,5 @@ regulation:
 
 notifier:
   filesystem:
-    filename: /tmp/notifier.html
+    filename: /tmp/notifier.html
+...

internal/suites/DuoPush/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './DuoPush/configuration.yml:/config/configuration.yml:ro'
       - './DuoPush/users.yml:/config/users.yml'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/DuoPush/users.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/HAProxy/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -17,8 +18,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 storage:
@@ -43,3 +44,4 @@ notifier:
     port: 1025
     sender: admin@example.com
     disable_require_tls: true
+...

internal/suites/HAProxy/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './HAProxy/configuration.yml:/config/configuration.yml:ro'
       - './HAProxy/users.yml:/config/users.yml'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/HAProxy/users.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/HighAvailability/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                   Authelia configuration                    #
 ###############################################################
@@ -81,8 +82,8 @@ access_control:
 session:
   name: authelia_session
   secret: unsecure_session_secret
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   domain: example.com
   redis:
     username: authelia
@@ -118,4 +119,5 @@ notifier:
     host: smtp
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/HighAvailability/docker-compose.yml

@@ -1,6 +1,8 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './HighAvailability/configuration.yml:/config/configuration.yml:ro'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/LDAP/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -22,7 +23,7 @@ authentication_backend:
     base_dn: dc=example,dc=com
     username_attribute: uid
     additional_users_dn: ou=users
-    users_filter: (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person)(objectClass=inetOrgPerson))
+    users_filter: (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person)(objectClass=inetOrgPerson))  # yamllint disable-line rule:line-length
     additional_groups_dn: ou=groups
     groups_filter: (&(member={dn})(objectclass=groupOfNames))
     group_name_attribute: cn
@@ -34,8 +35,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 storage:
@@ -67,4 +68,5 @@ notifier:
     host: smtp
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/LDAP/docker-compose.yml

@@ -1,6 +1,8 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './LDAP/configuration.yml:/config/configuration.yml:ro'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/Mariadb/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -19,8 +20,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 # Configuration of the storage backend used to store data and secrets. i.e. totp data
@@ -68,4 +69,5 @@ notifier:
     host: smtp
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/Mariadb/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './Mariadb/configuration.yml:/config/configuration.yml:ro'
       - './Mariadb/users.yml:/config/users.yml'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/Mariadb/users.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/MySQL/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -19,8 +20,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 # Configuration of the storage backend used to store data and secrets. i.e. totp data
@@ -68,4 +69,5 @@ notifier:
     host: smtp
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/MySQL/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './MySQL/configuration.yml:/config/configuration.yml:ro'
       - './MySQL/users.yml:/config/users.yml'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/MySQL/users.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/NetworkACL/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -17,8 +18,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 # Configuration of the storage backend used to store data and secrets. i.e. totp data
@@ -66,4 +67,5 @@ notifier:
     host: smtp
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/NetworkACL/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './NetworkACL/configuration.yml:/config/configuration.yml:ro'
       - './NetworkACL/users.yml:/config/users.yml'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/NetworkACL/users.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/OneFactorOnly/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -19,8 +20,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 storage:
@@ -41,4 +42,5 @@ access_control:
 
 notifier:
   filesystem:
-    filename: /tmp/notifier.html
+    filename: /tmp/notifier.html
+...

internal/suites/OneFactorOnly/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './OneFactorOnly/configuration.yml:/config/configuration.yml:ro'
       - './OneFactorOnly/users.yml:/config/users.yml'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/OneFactorOnly/users.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/PathPrefix/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -20,8 +21,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 storage:
@@ -45,4 +46,5 @@ notifier:
     host: smtp
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/PathPrefix/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './PathPrefix/configuration.yml:/config/configuration.yml:ro'
       - './PathPrefix/users.yml:/config/users.yml'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/PathPrefix/users.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/Postgres/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -19,8 +20,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 # Configuration of the storage backend used to store data and secrets. i.e. totp data
@@ -68,4 +69,5 @@ notifier:
     host: smtp
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/Postgres/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './Postgres/configuration.yml:/config/configuration.yml:ro'
       - './Postgres/users.yml:/config/users.yml'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/Postgres/users.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/ShortTimeouts/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -73,4 +74,5 @@ notifier:
     host: smtp
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/ShortTimeouts/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './ShortTimeouts/configuration.yml:/config/configuration.yml:ro'
       - './ShortTimeouts/users.yml:/config/users.yml'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/ShortTimeouts/users.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/Standalone/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -14,8 +15,8 @@ authentication_backend:
 
 session:
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 storage:
@@ -82,4 +83,5 @@ notifier:
     host: smtp
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/Standalone/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   authelia-backend:
@@ -9,4 +10,5 @@ services:
       - './Standalone/users.yml:/config/users.yml'
       - './common/ssl:/config/ssl:ro'
       - '/tmp:/tmp'
-    user: ${USER_ID}:${GROUP_ID}
+    user: ${USER_ID}:${GROUP_ID}
+...

internal/suites/Standalone/users.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/Traefik/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -17,8 +18,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
 
 storage:
@@ -42,4 +43,5 @@ notifier:
     host: smtp
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/Traefik/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './Traefik/configuration.yml:/config/configuration.yml:ro'
       - './Traefik/users.yml:/config/users.yml'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/Traefik/users.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/Traefik2/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                Authelia minimal configuration               #
 ###############################################################
@@ -17,8 +18,8 @@ authentication_backend:
 session:
   secret: unsecure_session_secret
   domain: example.com
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
   redis:
     host: redis
@@ -47,4 +48,5 @@ notifier:
     host: smtp
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/Traefik2/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   authelia-backend:
     volumes:
       - './Traefik2/configuration.yml:/config/configuration.yml:ro'
       - './Traefik2/users.yml:/config/users.yml'
-      - './common/ssl:/config/ssl:ro'
+      - './common/ssl:/config/ssl:ro'
+...

internal/suites/Traefik2/users.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                         Users Database                      #
 ###############################################################
@@ -8,7 +9,7 @@
 users:
   john:
     displayname: "John Doe"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: john.doe@authelia.com
     groups:
       - admins
@@ -16,18 +17,19 @@ users:
 
   harry:
     displayname: "Harry Potter"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: harry.potter@authelia.com
     groups: []
 
   bob:
     displayname: "Bob Dylan"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
     email: bob.dylan@authelia.com
     groups:
       - dev
 
   james:
     displayname: "James Dean"
-    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
-    email: james.dean@authelia.com
+    password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"  # yamllint disable-line rule:line-length
+    email: james.dean@authelia.com
+...

internal/suites/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 networks:
   authelianet:
     driver: bridge
     ipam:
       config:
-        - subnet: 192.168.240.0/24
+        - subnet: 192.168.240.0/24
+...

internal/suites/example/compose/authelia/docker-compose.backend.dev.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   authelia-backend:
@@ -23,7 +24,7 @@ services:
       - 'traefik.frontend.rule=Host:login.example.com;PathPrefix:/api'
       - 'traefik.protocol=https'
       # Traefik 2.x
-      - 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)'
+      - 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)'  # yamllint disable-line rule:line-length
       - 'traefik.http.routers.authelia_backend.entrypoints=https'
       - 'traefik.http.routers.authelia_backend.tls=true'
       - 'traefik.http.services.authelia_backend.loadbalancer.server.scheme=https'
@@ -32,3 +33,4 @@ services:
     networks:
       authelianet:
         ipv4_address: 192.168.240.50
+...

internal/suites/example/compose/authelia/docker-compose.backend.dist.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   authelia-backend:
@@ -7,7 +8,7 @@ services:
       - 'traefik.frontend.rule=Host:login.example.com;PathPrefix:/api'
       - 'traefik.protocol=https'
       # Traefik 2.x
-      - 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)'
+      - 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)'  # yamllint disable-line rule:line-length
       - 'traefik.http.routers.authelia_backend.entrypoints=https'
       - 'traefik.http.routers.authelia_backend.tls=true'
       - 'traefik.http.services.authelia_backend.loadbalancer.server.scheme=https'
@@ -19,3 +20,4 @@ services:
     networks:
       authelianet:
         ipv4_address: 192.168.240.50
+...

internal/suites/example/compose/authelia/docker-compose.frontend.dev.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   authelia-frontend:
@@ -17,10 +18,11 @@ services:
       # Traefik 1.x
       - 'traefik.frontend.rule=Host:login.example.com'
       # Traefik 2.x
-      - 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)'
+      - 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)'  # yamllint disable-line rule:line-length
       - 'traefik.http.routers.authelia_frontend.entrypoints=https'
       - 'traefik.http.routers.authelia_frontend.tls=true'
     environment:
       - PUBLIC_URL=${PathPrefix}
     networks:
       - authelianet
+...

internal/suites/example/compose/authelia/docker-compose.frontend.dist.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   authelia-frontend:
@@ -8,7 +9,7 @@ services:
       # Traefik 1.x
       - 'traefik.frontend.rule=Host:login.example.com'
       # Traefik 2.x
-      - 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)'
+      - 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)'  # yamllint disable-line rule:line-length
       - 'traefik.http.routers.authelia_frontend.entrypoints=https'
       - 'traefik.http.routers.authelia_frontend.tls=true'
       - 'traefik.http.services.authelia_frontend.loadbalancer.server.port=3000'
@@ -16,3 +17,4 @@ services:
       - authelianet
     expose:
       - 3000
+...

internal/suites/example/compose/duo-api/docker-compose.yml

@@ -1,7 +1,9 @@
+---
 version: '3'
 services:
   duo-api:
     build:
       context: ./example/compose/duo-api
     networks:
-      - authelianet
+      - authelianet
+...

internal/suites/example/compose/haproxy/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   haproxy:
@@ -9,4 +10,5 @@ services:
     networks:
       authelianet:
         # Set the IP to be able to query on port 8080
-        ipv4_address: 192.168.240.100
+        ipv4_address: 192.168.240.100
+...

internal/suites/example/compose/httpbin/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   httpbin:
@@ -17,3 +18,4 @@ services:
       - 'traefik.http.routers.httpbin.priority=150'
       - 'traefik.http.routers.httpbin.tls=true'
       - 'traefik.http.routers.httpbin.middlewares=authelia@docker'
+...

internal/suites/example/compose/kind/config.yml

@@ -1,6 +1,9 @@
+---
 kind: Cluster
 apiVersion: kind.x-k8s.io/v1alpha4
 containerdConfigPatches:
+  # yamllint disable-line rule:indentation
   - |-
     [plugins."io.containerd.grpc.v1.cri".registry.mirrors."registrycache.internal:5000"]
-      endpoint = ["http://registrycache.internal:5000"]
+      endpoint = ["http://registrycache.internal:5000"]
+...

internal/suites/example/compose/kind/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   authelia-kind-proxy:
@@ -39,4 +40,5 @@ services:
         ipv4_address: 192.168.240.110
 
 volumes:
-  kind-volume:
+  kind-volume:  # yamllint disable-line rule:empty-values
+...

internal/suites/example/compose/ldap/docker-compose.admin.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   openldap-admin:
@@ -9,3 +10,4 @@ services:
       - PHPLDAPADMIN_HTTPS=false
     networks:
       - authelianet
+...

internal/suites/example/compose/ldap/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   openldap:
@@ -19,4 +20,5 @@ services:
       - '--loglevel'
       - 'debug'
     networks:
-      - authelianet
+      - authelianet
+...

internal/suites/example/compose/mariadb/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   mariadb:
@@ -8,4 +9,5 @@ services:
       - MYSQL_PASSWORD=password
       - MYSQL_DATABASE=authelia
     networks:
-      - authelianet
+      - authelianet
+...

internal/suites/example/compose/mysql/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   mysql:
@@ -8,4 +9,5 @@ services:
       - MYSQL_PASSWORD=password
       - MYSQL_DATABASE=authelia
     networks:
-      - authelianet
+      - authelianet
+...

internal/suites/example/compose/nginx/backend/docker-compose.yml

@@ -1,19 +1,23 @@
+---
 version: '3'
 services:
   nginx-backend:
     image: nginx:alpine
     labels:
-      - 'traefik.frontend.rule=Host:home.example.com,public.example.com,secure.example.com,admin.example.com,singlefactor.example.com' # Traefik 1.x
-      - 'traefik.frontend.auth.forward.address=https://authelia-backend:9091/api/verify?rd=https://login.example.com:8080' # Traefik 1.x
-      - 'traefik.frontend.auth.forward.tls.insecureSkipVerify=true' # Traefik 1.x
-      - 'traefik.frontend.auth.forward.trustForwardHeader=true' # Traefik 1.x
-      - 'traefik.frontend.auth.forward.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email' # Traefik 1.x
-      - 'traefik.http.routers.protectedapps.rule=Host(`home.example.com`, `public.example.com`, `secure.example.com`, `admin.example.com`, `singlefactor.example.com`)' # Traefik 2.x
-      - 'traefik.http.routers.protectedapps.entrypoints=https' # Traefik 2.x
-      - 'traefik.http.routers.protectedapps.tls=true' # Traefik 2.x
-      - 'traefik.http.routers.protectedapps.middlewares=authelia@docker' # Traefik 2.x
+      # Traefik 1.x
+      - 'traefik.frontend.rule=Host:home.example.com,public.example.com,secure.example.com,admin.example.com,singlefactor.example.com'  # yamllint disable-line rule:line-length
+      - 'traefik.frontend.auth.forward.address=https://authelia-backend:9091/api/verify?rd=https://login.example.com:8080'  # yamllint disable-line rule:line-length
+      - 'traefik.frontend.auth.forward.tls.insecureSkipVerify=true'
+      - 'traefik.frontend.auth.forward.trustForwardHeader=true'
+      - 'traefik.frontend.auth.forward.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
+      # Traefik 2.x
+      - 'traefik.http.routers.protectedapps.rule=Host(`home.example.com`,`public.example.com`,`secure.example.com`,`admin.example.com`,`singlefactor.example.com`)'  # yamllint disable-line rule:line-length
+      - 'traefik.http.routers.protectedapps.entrypoints=https'
+      - 'traefik.http.routers.protectedapps.tls=true'
+      - 'traefik.http.routers.protectedapps.middlewares=authelia@docker'
     volumes:
       - ./example/compose/nginx/backend/html:/usr/share/nginx/html
       - ./example/compose/nginx/backend/nginx.conf:/etc/nginx/nginx.conf
     networks:
-      - authelianet
+      - authelianet
+...

internal/suites/example/compose/nginx/portal/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   nginx-portal:
@@ -14,3 +15,4 @@ services:
           - duo.example.com
         # Set the IP to be able to query on port 443
         ipv4_address: 192.168.240.100
+...

internal/suites/example/compose/postgres/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: "3"
 services:
   postgres:
@@ -7,4 +8,5 @@ services:
       - POSTGRES_USER=admin
       - POSTGRES_DB=authelia
     networks:
-      - authelianet
+      - authelianet
+...

internal/suites/example/compose/redis-sentinel/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   redis-node-0:
@@ -93,4 +94,5 @@ services:
       authelianet:
         aliases:
           - redis-sentinel-2.example.com
-        ipv4_address: 192.168.240.122
+        ipv4_address: 192.168.240.122
+...

internal/suites/example/compose/redis/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   redis:
@@ -10,4 +11,5 @@ services:
       - ./example/compose/redis/users.acl:/data/users.acl
       - ./example/compose/redis/entrypoint.sh:/entrypoint.sh
     networks:
-      - authelianet
+      - authelianet
+...

internal/suites/example/compose/samba/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   sambaldap:
@@ -11,4 +12,5 @@ services:
       - DOMAINPASS=Password1
       - NOCOMPLEXITY=true
     networks:
-      - authelianet
+      - authelianet
+...

internal/suites/example/compose/smtp/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   smtp:
@@ -12,4 +13,5 @@ services:
       - 'traefik.http.routers.mail.tls=true'
       - 'traefik.http.services.mail.loadbalancer.server.port=1080'
     networks:
-      - authelianet
+      - authelianet
+...

internal/suites/example/compose/squid/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   # Simulates client 1.
@@ -16,4 +17,5 @@ services:
     networks:
       authelianet:
         # Set the IP to be able to query on port 443
-        ipv4_address: 192.168.240.202
+        ipv4_address: 192.168.240.202
+...

internal/suites/example/compose/traefik/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   traefik:
@@ -21,4 +22,5 @@ services:
     networks:
       authelianet:
         # Set the IP to be able to query on port 8080
-        ipv4_address: 192.168.240.100
+        ipv4_address: 192.168.240.100
+...

internal/suites/example/compose/traefik2/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '3'
 services:
   traefik:
@@ -9,10 +10,11 @@ services:
       - 'traefik.http.routers.api.entrypoints=https'
       - 'traefik.http.routers.api.service=api@internal'
       - 'traefik.http.routers.api.tls=true'
-      - 'traefik.http.middlewares.authelia.forwardauth.address=https://authelia-backend:9091${PathPrefix}/api/verify?rd=https://login.example.com:8080${PathPrefix}' # Traefik 2.x
-      - 'traefik.http.middlewares.authelia.forwardauth.tls.insecureSkipVerify=true' # Traefik 2.x
-      - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true' # Traefik 2.x
-      - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email' # Traefik 2.x
+      # Traefik 2.x
+      - 'traefik.http.middlewares.authelia.forwardauth.address=https://authelia-backend:9091${PathPrefix}/api/verify?rd=https://login.example.com:8080${PathPrefix}'  # yamllint disable-line rule:line-length
+      - 'traefik.http.middlewares.authelia.forwardauth.tls.insecureSkipVerify=true'
+      - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'
+      - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email'  # yamllint disable-line rule:line-length
     command:
       - '--api'
       - '--providers.docker=true'
@@ -25,4 +27,5 @@ services:
     networks:
       authelianet:
         # Set the IP to be able to query on port 8080
-        ipv4_address: 192.168.240.100
+        ipv4_address: 192.168.240.100
+...

internal/suites/example/kube/apps/apps.yml

@@ -17,34 +17,34 @@ spec:
         app: test-app
     spec:
       containers:
-      - name: test-app
-        image: nginx:alpine
-        command: ["/entrypoint.sh"]
-        ports:
-        - containerPort: 80
-        volumeMounts:
-        - name: config-volume
-          mountPath: /entrypoint.sh
-          subPath: entrypoint.sh
-        - name: config-volume
-          mountPath: /etc/nginx/nginx.conf
-          subPath: nginx.conf
-        - name: config-volume
-          mountPath: /tmp/html.tar.gz
-          subPath: html.tar.gz
+        - name: test-app
+          image: nginx:alpine
+          command: ["/entrypoint.sh"]
+          ports:
+            - containerPort: 80
+          volumeMounts:
+            - name: config-volume
+              mountPath: /entrypoint.sh
+              subPath: entrypoint.sh
+            - name: config-volume
+              mountPath: /etc/nginx/nginx.conf
+              subPath: nginx.conf
+            - name: config-volume
+              mountPath: /tmp/html.tar.gz
+              subPath: html.tar.gz
       volumes:
-      - name: config-volume
-        configMap:
-          name: nginx-config
-          items:
-            - key: entrypoint.sh
-              path: entrypoint.sh
-              mode: 0755
-            - key: nginx.conf
-              path: nginx.conf
-            - key: html.tar.gz
-              path: html.tar.gz
-
+        - name: config-volume
+          configMap:
+            name: nginx-config
+            items:
+              - key: entrypoint.sh
+                path: entrypoint.sh
+                mode: 0755  # yamllint disable-line rule:octal-values
+              - key: nginx.conf
+                path: nginx.conf
+              - key: html.tar.gz
+                path: html.tar.gz
+...
 ---
 apiVersion: v1
 kind: Service
@@ -61,7 +61,7 @@ spec:
       name: http
     - port: 443
       name: https
-
+...
 ---
 apiVersion: extensions/v1beta1
 kind: Ingress
@@ -85,7 +85,7 @@ spec:
             backend:
               serviceName: test-app-service
               servicePort: 80
-
+...
 ---
 apiVersion: extensions/v1beta1
 kind: Ingress
@@ -151,3 +151,4 @@ spec:
             backend:
               serviceName: test-app-service
               servicePort: 80
+...

internal/suites/example/kube/authelia/configs/configuration.yml

@@ -1,3 +1,4 @@
+---
 ###############################################################
 #                   Authelia configuration                    #
 ###############################################################
@@ -78,8 +79,8 @@ access_control:
       policy: two_factor
 
 session:
-  expiration: 3600 # 1 hour
-  inactivity: 300 # 5 minutes
+  expiration: 3600  # 1 hour
+  inactivity: 300  # 5 minutes
   remember_me_duration: 1y
   domain: example.com
   redis:
@@ -103,4 +104,5 @@ notifier:
     host: "mailcatcher-service"
     port: 1025
     sender: admin@example.com
-    disable_require_tls: true
+    disable_require_tls: true
+...

internal/suites/example/kube/authelia/deployment.yml

@@ -68,4 +68,5 @@ spec:
               - key: sql_password
                 path: sql_password
               - key: ldap_password
-                path: ldap_password
+                path: ldap_password
+...

internal/suites/example/kube/authelia/ingress.yml

@@ -9,14 +9,15 @@ metadata:
     nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
 spec:
   tls:
-  - secretName: authelia-tls
-    hosts:
-    - login.example.com
+    - secretName: authelia-tls
+      hosts:
+        - login.example.com
   rules:
-  - host: login.example.com
-    http:
-      paths:
-      - path: /
-        backend:
-          serviceName: authelia-service
-          servicePort: 443
+    - host: login.example.com
+      http:
+        paths:
+          - path: /
+            backend:
+              serviceName: authelia-service
+              servicePort: 443
+...

internal/suites/example/kube/authelia/secret.yml

@@ -8,7 +8,8 @@ metadata:
   labels:
     app: authelia
 data:
-  jwt_secret: YW5fdW5zZWN1cmVfc2VjcmV0 #an_unsecure_secret
-  ldap_password: cGFzc3dvcmQ= #password
-  session: dW5zZWN1cmVfcGFzc3dvcmQ= #unsecure_password
-  sql_password: cGFzc3dvcmQ= #password
+  jwt_secret: YW5fdW5zZWN1cmVfc2VjcmV0  # an_unsecure_secret
+  ldap_password: cGFzc3dvcmQ=  # password
+  session: dW5zZWN1cmVfcGFzc3dvcmQ=  # unsecure_password
+  sql_password: cGFzc3dvcmQ=  # password
+...

internal/suites/example/kube/authelia/service.yml

@@ -8,6 +8,7 @@ spec:
   selector:
     app: authelia
   ports:
-  - protocol: TCP
-    port: 443
-    targetPort: 443
+    - protocol: TCP
+      port: 443
+      targetPort: 443
+...

internal/suites/example/kube/dashboard.yml

@@ -4,7 +4,7 @@ kind: ServiceAccount
 metadata:
   name: admin-user
   namespace: kubernetes-dashboard
-
+...
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
@@ -15,6 +15,7 @@ roleRef:
   kind: ClusterRole
   name: cluster-admin
 subjects:
-- kind: ServiceAccount
-  name: admin-user
-  namespace: kubernetes-dashboard
+  - kind: ServiceAccount
+    name: admin-user
+    namespace: kubernetes-dashboard
+...

internal/suites/example/kube/ingress-controller/deployment.yml

@@ -23,22 +23,23 @@ spec:
       terminationGracePeriodSeconds: 60
       serviceAccountName: nginx-ingress-controller-serviceaccount
       containers:
-      - image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.23.0
-        name: nginx-ingress-controller
-        imagePullPolicy: Always
-        ports:
-        - containerPort: 80
-        - containerPort: 443
-        env:
-        - name: POD_NAME
-          valueFrom:
-            fieldRef:
-              fieldPath: metadata.name
-        - name: POD_NAMESPACE
-          valueFrom:
-            fieldRef:
-              fieldPath: metadata.namespace
-        args:
-        - /nginx-ingress-controller
-        - --ingress-class=nginx
-        - --election-id=ingress-controller-leader
+        - image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.23.0
+          name: nginx-ingress-controller
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 80
+            - containerPort: 443
+          env:
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
+            - name: POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+          args:
+            - /nginx-ingress-controller
+            - --ingress-class=nginx
+            - --election-id=ingress-controller-leader
+...

internal/suites/example/kube/ingress-controller/rbac.yml

@@ -1,3 +1,4 @@
+---
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@@ -5,7 +6,7 @@ metadata:
   namespace: authelia
   labels:
     app: nginx-ingress-controller
-
+...
 ---
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: ClusterRole
@@ -60,7 +61,7 @@ rules:
       - ingresses/status
     verbs:
       - update
-
+...
 ---
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: Role
@@ -104,7 +105,7 @@ rules:
       - endpoints
     verbs:
       - get
-
+...
 ---
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: RoleBinding
@@ -121,7 +122,7 @@ subjects:
   - kind: ServiceAccount
     name: nginx-ingress-controller-serviceaccount
     namespace: authelia
-
+...
 ---
 apiVersion: rbac.authorization.k8s.io/v1beta1
 kind: ClusterRoleBinding
@@ -137,5 +138,4 @@ subjects:
   - kind: ServiceAccount
     name: nginx-ingress-controller-serviceaccount
     namespace: authelia
-
----
+...