From d33d6c2f00bf7dbd63f4a3639b085f04550dbf2c Mon Sep 17 00:00:00 2001 From: James Elliott Date: Sun, 11 Apr 2021 06:51:00 +1000 Subject: [PATCH] ci: add yamllint (#1895) This change implements yamllint and adjusts all yaml files to abide by our linting setup. This excludes config.template.yml as this will be done in an alternate commit. --- .buildkite/pipeline.yml | 11 ++- .codecov.yml | 16 +-- .github/FUNDING.yml | 20 ++-- .github/ISSUE_TEMPLATE/config.yml | 20 ++-- .golangci.yml | 6 +- .reviewdog.yml | 9 +- .yamllint.yml | 22 +++++ api/openapi.yml | 98 ++++++++++++++----- docs/_config.yml | 6 +- .../users_database.template.yml | 8 +- internal/configuration/reader_test.go | 2 +- .../configuration/test_resources/config.yml | 12 +-- .../test_resources/config_alt.yml | 12 +-- .../test_resources/config_bad_keys.yml | 12 +-- .../test_resources/config_bad_quoting.yml | 4 +- .../test_resources/config_with_secret.yml | 12 +-- .../suites/ActiveDirectory/configuration.yml | 8 +- .../suites/ActiveDirectory/docker-compose.yml | 4 +- internal/suites/BypassAll/configuration.yml | 8 +- internal/suites/BypassAll/docker-compose.yml | 4 +- internal/suites/BypassAll/users.yml | 12 ++- internal/suites/CLI/configuration.yml | 8 +- internal/suites/CLI/docker-compose.yml | 4 +- internal/suites/CLI/users.yml | 14 +-- internal/suites/Docker/configuration.yml | 8 +- internal/suites/Docker/docker-compose.yml | 4 +- internal/suites/Docker/users.yml | 12 ++- internal/suites/DuoPush/configuration.yml | 8 +- internal/suites/DuoPush/docker-compose.yml | 4 +- internal/suites/DuoPush/users.yml | 12 ++- internal/suites/HAProxy/configuration.yml | 6 +- internal/suites/HAProxy/docker-compose.yml | 4 +- internal/suites/HAProxy/users.yml | 12 ++- .../suites/HighAvailability/configuration.yml | 8 +- .../HighAvailability/docker-compose.yml | 4 +- internal/suites/LDAP/configuration.yml | 10 +- internal/suites/LDAP/docker-compose.yml | 4 +- internal/suites/Mariadb/configuration.yml | 8 +- internal/suites/Mariadb/docker-compose.yml | 4 +- internal/suites/Mariadb/users.yml | 12 ++- internal/suites/MySQL/configuration.yml | 8 +- internal/suites/MySQL/docker-compose.yml | 4 +- internal/suites/MySQL/users.yml | 12 ++- internal/suites/NetworkACL/configuration.yml | 8 +- internal/suites/NetworkACL/docker-compose.yml | 4 +- internal/suites/NetworkACL/users.yml | 12 ++- .../suites/OneFactorOnly/configuration.yml | 8 +- .../suites/OneFactorOnly/docker-compose.yml | 4 +- internal/suites/OneFactorOnly/users.yml | 12 ++- internal/suites/PathPrefix/configuration.yml | 8 +- internal/suites/PathPrefix/docker-compose.yml | 4 +- internal/suites/PathPrefix/users.yml | 12 ++- internal/suites/Postgres/configuration.yml | 8 +- internal/suites/Postgres/docker-compose.yml | 4 +- internal/suites/Postgres/users.yml | 12 ++- .../suites/ShortTimeouts/configuration.yml | 4 +- .../suites/ShortTimeouts/docker-compose.yml | 4 +- internal/suites/ShortTimeouts/users.yml | 12 ++- internal/suites/Standalone/configuration.yml | 8 +- internal/suites/Standalone/docker-compose.yml | 4 +- internal/suites/Standalone/users.yml | 12 ++- internal/suites/Traefik/configuration.yml | 8 +- internal/suites/Traefik/docker-compose.yml | 4 +- internal/suites/Traefik/users.yml | 12 ++- internal/suites/Traefik2/configuration.yml | 8 +- internal/suites/Traefik2/docker-compose.yml | 4 +- internal/suites/Traefik2/users.yml | 12 ++- internal/suites/docker-compose.yml | 4 +- .../authelia/docker-compose.backend.dev.yml | 4 +- .../authelia/docker-compose.backend.dist.yml | 4 +- .../authelia/docker-compose.frontend.dev.yml | 4 +- .../authelia/docker-compose.frontend.dist.yml | 4 +- .../compose/duo-api/docker-compose.yml | 4 +- .../compose/haproxy/docker-compose.yml | 4 +- .../compose/httpbin/docker-compose.yml | 2 + .../suites/example/compose/kind/config.yml | 5 +- .../example/compose/kind/docker-compose.yml | 4 +- .../compose/ldap/docker-compose.admin.yml | 2 + .../example/compose/ldap/docker-compose.yml | 4 +- .../compose/mariadb/docker-compose.yml | 4 +- .../example/compose/mysql/docker-compose.yml | 4 +- .../compose/nginx/backend/docker-compose.yml | 24 +++-- .../compose/nginx/portal/docker-compose.yml | 2 + .../compose/postgres/docker-compose.yml | 4 +- .../compose/redis-sentinel/docker-compose.yml | 4 +- .../example/compose/redis/docker-compose.yml | 4 +- .../example/compose/samba/docker-compose.yml | 4 +- .../example/compose/smtp/docker-compose.yml | 4 +- .../example/compose/squid/docker-compose.yml | 4 +- .../compose/traefik/docker-compose.yml | 4 +- .../compose/traefik2/docker-compose.yml | 13 ++- internal/suites/example/kube/apps/apps.yml | 59 +++++------ .../kube/authelia/configs/configuration.yml | 8 +- .../example/kube/authelia/deployment.yml | 3 +- .../suites/example/kube/authelia/ingress.yml | 21 ++-- .../suites/example/kube/authelia/secret.yml | 9 +- .../suites/example/kube/authelia/service.yml | 7 +- internal/suites/example/kube/dashboard.yml | 9 +- .../kube/ingress-controller/deployment.yml | 39 ++++---- .../example/kube/ingress-controller/rbac.yml | 12 +-- .../kube/ingress-controller/service.yml | 1 + .../suites/example/kube/ldap/deployment.yml | 77 ++++++++------- internal/suites/example/kube/ldap/service.yml | 5 +- .../suites/example/kube/mail/deployment.yml | 12 +-- internal/suites/example/kube/mail/ingress.yml | 21 ++-- internal/suites/example/kube/mail/service.yml | 13 +-- internal/suites/example/kube/namespace.yml | 1 + .../suites/example/kube/storage/mariadb.yml | 7 +- .../suites/example/kube/storage/redis.yml | 15 +-- internal/suites/example/kube/test.yml | 7 +- .../suites/example/swarm/docker-compose.yml | 17 ++-- 111 files changed, 697 insertions(+), 430 deletions(-) create mode 100644 .yamllint.yml diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml index 184a31c65..cd55c506d 100644 --- a/.buildkite/pipeline.yml +++ b/.buildkite/pipeline.yml @@ -1,5 +1,7 @@ +--- # This represents the hardcoded pipeline set in Buildkite interface which executes the repo provided dynamic pipeline. -# It is used to ensure that insecure code from external PR cannot be executed before a maintainers approval, to avoid secret leaks. +# It is used to ensure that insecure code from external PR cannot be executed before a maintainers approval, to avoid +# secret leaks. steps: # Blocking pipeline for master branch deployments (concurrency_group). - label: ":pipeline: Setup Pipeline" @@ -13,7 +15,7 @@ steps: command: ".buildkite/pipeline.sh | buildkite-agent pipeline upload" if: build.branch != "master" - - wait: + - wait: # yamllint disable-line rule:empty-values if: build.pull_request.repository.fork != true && build.branch !~ /^(dependabot|renovate)\/.*/ # Manual intervention by team required to deploy for forked PRs (prevent secret leakage). @@ -32,9 +34,10 @@ steps: - label: ":rocket: Setup Deployment" command: ".buildkite/deployment.sh | buildkite-agent pipeline upload" depends_on: ~ - if: build.branch != "master" && build.branch !~ /^(dependabot|renovate)\/.*/ && build.pull_request.repository.fork != true + if: build.branch != "master" && build.branch !~ /^(dependabot|renovate)\/.*/ && build.pull_request.repository.fork != true # yamllint disable-line rule:line-length # Removed dependency optimisation for forked PRs to enforce block step. - label: ":rocket: Setup Deployment" command: ".buildkite/deployment.sh | buildkite-agent pipeline upload" - if: build.pull_request.repository.fork == true \ No newline at end of file + if: build.pull_request.repository.fork == true +... diff --git a/.codecov.yml b/.codecov.yml index a2712598e..262c8c3bb 100644 --- a/.codecov.yml +++ b/.codecov.yml @@ -1,10 +1,11 @@ +--- codecov: - require_ci_to_pass: yes + require_ci_to_pass: true comment: layout: "reach, diff, flags, files" behavior: default - require_changes: no + require_changes: false coverage: precision: 2 @@ -12,7 +13,7 @@ coverage: range: "70...100" status: project: - default: off + default: false backend: base: auto flags: @@ -38,7 +39,8 @@ ignore: parsers: gcov: branch_detection: - conditional: yes - loop: yes - method: no - macro: no \ No newline at end of file + conditional: true + loop: true + method: false + macro: false +... diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index 9ca8a7e18..e94cb1b1b 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -1,12 +1,14 @@ +--- # These are supported funding model platforms -github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] -patreon: # Replace with a single Patreon username +# github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] +# patreon: # Replace with a single Patreon username open_collective: authelia-sponsors -ko_fi: # Replace with a single Ko-fi username -tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel -community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry -liberapay: # Replace with a single Liberapay username -issuehunt: # Replace with a single IssueHunt username -otechie: # Replace with a single Otechie username -custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] +# ko_fi: # Replace with a single Ko-fi username +# tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel +# community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry +# liberapay: # Replace with a single Liberapay username +# issuehunt: # Replace with a single IssueHunt username +# otechie: # Replace with a single Otechie username +# custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2'] +... diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index 68f066acf..915d9a01c 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -1,11 +1,13 @@ +--- blank_issues_enabled: false contact_links: -- name: Documentation - url: https://www.authelia.com/docs/ - about: Read the Documentation -- name: Matrix - url: https://riot.im/app/#/room/#authelia:matrix.org - about: Discuss Authelia with the Developers on Matrix which is the preferred method of contact -- name: Discord - url: https://discord.authelia.com - about: Discuss Authelia with the Developers on Discord which is bridged to Matrix \ No newline at end of file + - name: Documentation + url: https://www.authelia.com/docs/ + about: Read the Documentation + - name: Matrix + url: https://riot.im/app/#/room/#authelia:matrix.org + about: Discuss Authelia with the Developers on Matrix which is the preferred method of contact + - name: Discord + url: https://discord.authelia.com + about: Discuss Authelia with the Developers on Discord which is bridged to Matrix +... diff --git a/.golangci.yml b/.golangci.yml index ec2af8df2..d0360de70 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,3 +1,4 @@ +--- run: timeout: 3m @@ -33,7 +34,7 @@ linters: issues: exclude: - - Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked + - Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked # yamllint disable-line rule:line-length - func name will be used as test\.Test.* by other packages, and that stutters; consider calling this - (possible misuse of unsafe.Pointer|should have signature) - ineffective break statement. Did you mean to break out of the outer loop @@ -44,4 +45,5 @@ issues: - Potential file inclusion via variable exclude-use-default: false max-issues-per-linter: 0 - max-same-issues: 0 \ No newline at end of file + max-same-issues: 0 +... diff --git a/.reviewdog.yml b/.reviewdog.yml index 11ab15ca2..dd5262b0b 100644 --- a/.reviewdog.yml +++ b/.reviewdog.yml @@ -1,3 +1,4 @@ +--- runner: golangci: cmd: golangci-lint run @@ -9,4 +10,10 @@ runner: eslint: cmd: cd web && eslint -f rdjson '*/**/*.{js,ts,tsx}' format: rdjson - level: error \ No newline at end of file + level: error + yamllint: + cmd: yamllint --format parsable . + errorformat: + - '%f:%l:%c: %m' + level: warning +... diff --git a/.yamllint.yml b/.yamllint.yml new file mode 100644 index 000000000..1b0ec865f --- /dev/null +++ b/.yamllint.yml @@ -0,0 +1,22 @@ +--- +extends: default + +ignore: | + internal/configuration/test_resources/config_bad_quoting.yml + web/node_modules/ + compose/ + config.template.yml + internal/configuration/config.template.yml + +rules: + document-end: + level: warning + empty-values: + level: warning + indentation: + spaces: 2 + check-multi-line-strings: true + line-length: + max: 120 + octal-values: enable +... diff --git a/api/openapi.yml b/api/openapi.yml index dfc05e020..c0d48be46 100644 --- a/api/openapi.yml +++ b/api/openapi.yml @@ -2,7 +2,9 @@ openapi: 3.0.0 info: title: Authelia API - description: Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. + description: > + Authelia is an open-source authentication and authorization server providing 2-factor authentication and single + sign-on (SSO) for your applications via a web portal. contact: name: Authelia Support url: https://github.com/authelia/authelia#contact-options @@ -28,7 +30,9 @@ paths: tags: - State summary: Application Configuration - description: The configuration endpoint provides detailed information including available second factor methods, if any second factor policies exist and the TOTP period configuration. + description: > + The configuration endpoint provides detailed information including available second factor methods, if any + second factor policies exist and the TOTP period configuration. responses: "200": description: Successful Operation @@ -39,7 +43,7 @@ paths: "403": description: Forbidden security: - - authelia_auth: [ ] + - authelia_auth: [] /api/health: get: tags: @@ -58,7 +62,9 @@ paths: tags: - State summary: User Application State - description: The state endpoint provides detailed information including the user, current authenticate level and Authelia's configured default redirection URL. + description: > + The state endpoint provides detailed information including the user, current authenticate level and Authelia's + configured default redirection URL. responses: "200": description: Successful Operation @@ -71,7 +77,9 @@ paths: tags: - Authentication summary: Verification - description: The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified domain. + description: > + The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified + domain. parameters: - $ref: '#/components/parameters/originalURLParam' - $ref: '#/components/parameters/forwardedMethodParam' @@ -108,7 +116,9 @@ paths: tags: - Authentication summary: Verification - description: The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified domain. + description: > + The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified + domain. parameters: - $ref: '#/components/parameters/originalURLParam' - $ref: '#/components/parameters/forwardedMethodParam' @@ -146,7 +156,8 @@ paths: tags: - Authentication summary: Login - description: The firstfactor endpoint allows a user to login and generates an authentication cookie for authorization. + description: > + The firstfactor endpoint allows a user to login and generates an authentication cookie for authorization. requestBody: content: application/json: @@ -184,13 +195,19 @@ paths: schema: $ref: '#/components/schemas/middlewares.OkResponse' security: - - authelia_auth: [ ] + - authelia_auth: [] /api/reset-password/identity/start: post: tags: - Password Reset summary: Identity Verification Token Creation - description: "This endpoint is step 1 of 3 in the password reset process.\n\nIt validates the user session and sends the user an email with a token and a link to reset their password. This step also generates a session cookie for the rest of the process.\n\nThe same session cookie must be used for all steps in this process." + description: > + This endpoint is step 1 of 3 in the password reset process. + + It validates the user session and sends the user an email with a token and a link to reset their password. This + step also generates a session cookie for the rest of the process. + + The same session cookie must be used for all steps in this process. requestBody: required: true content: @@ -211,7 +228,12 @@ paths: tags: - Password Reset summary: Identity Verification Token Validation - description: "This endpoint is step 2 of 3 in the password reset process.\n\nIt validates the user session and reset token.\n\nThe same session cookie must be used for all steps in this process." + description: > + This endpoint is step 2 of 3 in the password reset process. + + It validates the user session and reset token. + + The same session cookie must be used for all steps in this process. requestBody: required: true content: @@ -232,7 +254,12 @@ paths: tags: - Password Reset summary: Password Reset - description: "This endpoint is step 3 of 3 in the password reset process.\n\nIt validates the user session and changes the password.\n\nThe same session cookie must be used for all steps in this process." + description: > + This endpoint is step 3 of 3 in the password reset process. + + It validates the user session and changes the password. + + The same session cookie must be used for all steps in this process. requestBody: required: true content: @@ -253,7 +280,9 @@ paths: tags: - User Information summary: User Configuration - description: The user info endpoint provides detailed information including a users display name, preferred and registered second factor method(s). + description: > + The user info endpoint provides detailed information including a users display name, preferred and registered + second factor method(s). responses: "200": description: Successful Operation @@ -264,7 +293,7 @@ paths: "403": description: Forbidden security: - - authelia_auth: [ ] + - authelia_auth: [] /api/user/info/2fa_method: post: tags: @@ -286,13 +315,17 @@ paths: "403": description: Forbidden security: - - authelia_auth: [ ] + - authelia_auth: [] /api/secondfactor/totp/identity/start: post: tags: - Second Factor summary: Identity Verification TOTP Token Creation - description: "This endpoint performs identity verification to begin the TOTP device registration process.\n\nThe session generated from this endpoint must be utilised for the subsequent step in the `/api/secondfactor/totp/identity/finish` endpoint." + description: > + This endpoint performs identity verification to begin the TOTP device registration process. + + The session generated from this endpoint must be utilised for the subsequent step in the + `/api/secondfactor/totp/identity/finish` endpoint. responses: "200": description: Successful Operation @@ -307,7 +340,12 @@ paths: tags: - Second Factor summary: Identity Verification TOTP Token Validation and Device Creation - description: "This endpoint performs identity and token verification, upon success also generates TOTP device secret and registers said device.\n\nThe session cookie generated from the `/api/secondfactor/totp/identity/start` endpoint must be utilised for the step here" + description: > + This endpoint performs identity and token verification, upon success also generates TOTP device secret and + registers said device. + + The session cookie generated from the `/api/secondfactor/totp/identity/start` endpoint must be utilised for the + step here. requestBody: required: true content: @@ -328,7 +366,7 @@ paths: tags: - Second Factor summary: Second Factor Authentication - TOTP - description: "This endpoint performs second factor authentication with a TOTP key." + description: This endpoint performs second factor authentication with a TOTP key. requestBody: required: true content: @@ -355,7 +393,7 @@ paths: tags: - Second Factor summary: Second Factor Authentication - U2F (Request) - description: "This endpoint starts the second factor authentication process with the U2F key." + description: This endpoint starts the second factor authentication process with the U2F key. responses: "200": description: Successful Operation @@ -395,7 +433,11 @@ paths: tags: - Second Factor summary: Identity Verification U2F Token Creation - description: "This endpoint performs identity verification to begin the U2F device registration process.\n\nThe session generated from this endpoint must be utilised for the subsequent steps in the `/api/secondfactor/u2f/identity/finish` and `/api/secondfactor/u2f/register` endpoints." + description: > + This endpoint performs identity verification to begin the U2F device registration process. + + The session generated from this endpoint must be utilised for the subsequent steps in the + `/api/secondfactor/u2f/identity/finish` and `/api/secondfactor/u2f/register` endpoints. responses: "200": description: Successful Operation @@ -410,7 +452,12 @@ paths: tags: - Second Factor summary: Identity Verification U2F Token Validation - description: "This endpoint performs identity and token verification, upon success generates a U2F device registration challenge.\n\nThe session cookie generated from the `/api/secondfactor/u2f/identity/start` endpoint must be utilised for the subsequent steps here and in the `/api/secondfactor/u2f/register` endpoint." + description: > + This endpoint performs identity and token verification, upon success generates a U2F device registration + challenge. + + The session cookie generated from the `/api/secondfactor/u2f/identity/start` endpoint must be utilised for the + subsequent steps here and in the `/api/secondfactor/u2f/register` endpoint. requestBody: required: true content: @@ -431,7 +478,7 @@ paths: tags: - Second Factor summary: U2F Device Registration - description: "This endpoint performs U2F device registration." + description: This endpoint performs U2F device registration. requestBody: required: true content: @@ -452,7 +499,7 @@ paths: tags: - Second Factor summary: Second Factor Authentication - Duo Mobile Push - description: "This endpoint performs second factor authentication with a Duo Mobile Push." + description: This endpoint performs second factor authentication with a Duo Mobile Push. requestBody: required: true content: @@ -634,7 +681,7 @@ components: example: 5ZH7Y5CTFWOXN7EOLGBMMXADRNQFHVUDZSYKCN5HMFAIRSLAWY3Q otpauth_url: type: string - example: otpauth://totp/auth.example.com:john?algorithm=SHA1&digits=6&issuer=auth.example.com&period=30&secret=5ZH7Y5CTFWOXN7EOLGBMMXADRNQFHVUDZSYKCN5HMFAIRSLAWY3Q + example: otpauth://totp/auth.example.com:john?algorithm=SHA1&digits=6&issuer=auth.example.com&period=30&secret=5ZH7Y5CTFWOXN7EOLGBMMXADRNQFHVUDZSYKCN5HMFAIRSLAWY3Q # yamllint disable-line rule:line-length handlers.UserInfo: type: object properties: @@ -682,7 +729,7 @@ components: properties: token: type: string - example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MDc5MjU1OTYsImlzcyI6IkF1dGhlbGlhIiwiYWN0aW9uIjoiUmVzZXRQYXNzd29yZCIsInVzZXJuYW1lIjoiQW1pciJ9.636yqRrUCGCe4jsMCsonleX5CYWHncYqZum-YYb6VaY + example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MDc5MjU1OTYsImlzcyI6IkF1dGhlbGlhIiwiYWN0aW9uIjoiUmVzZXRQYXNzd29yZCIsInVzZXJuYW1lIjoiQW1pciJ9.636yqRrUCGCe4jsMCsonleX5CYWHncYqZum-YYb6VaY # yamllint disable-line rule:line-length middlewares.OkResponse: type: object properties: @@ -770,4 +817,5 @@ components: authelia_auth: type: apiKey name: "{{.Session}}" - in: cookie \ No newline at end of file + in: cookie +... diff --git a/docs/_config.yml b/docs/_config.yml index 59b2ac636..1093a83e1 100644 --- a/docs/_config.yml +++ b/docs/_config.yml @@ -1,3 +1,4 @@ +--- title: Authelia email: clement.michaud34@gmail.com description: Authelia is an open source multi-factor single sign-on portal for web applications @@ -6,10 +7,13 @@ baseurl: "/docs/" # url: "https://www.authelia.com" repository: https://github.com/authelia/authelia logo: ./images/authelia-title.png -footer_content: "Copyright © 2020 Authelia. Distributed by an Apache 2.0 license." +footer_content: > + Copyright © 2021 Authelia. Distributed by an + Apache 2.0 license. markdown: kramdown theme: just-the-docs keep_files: - .git - CNAME ga_tracking: UA-124926127-1 +... diff --git a/internal/authentication/users_database.template.yml b/internal/authentication/users_database.template.yml index 6073495cc..a6a691080 100644 --- a/internal/authentication/users_database.template.yml +++ b/internal/authentication/users_database.template.yml @@ -1,3 +1,5 @@ +# yamllint disable rule:line-length +--- ############################################################### # Users Database # ############################################################### @@ -7,8 +9,10 @@ users: authelia: displayname: "Test User" - password: "$argon2id$v=19$m=32768,t=1,p=8$eUhVT1dQa082YVk2VUhDMQ$E8QI4jHbUBt3EdsU1NFDu4Bq5jObKNx7nBKSn1EYQxk" # Password is 'authelia' + password: "$argon2id$v=19$m=32768,t=1,p=8$eUhVT1dQa082YVk2VUhDMQ$E8QI4jHbUBt3EdsU1NFDu4Bq5jObKNx7nBKSn1EYQxk" # Password is 'authelia' email: authelia@authelia.com groups: - admins - - dev \ No newline at end of file + - dev +... +# yamllint enable rule:line-length diff --git a/internal/configuration/reader_test.go b/internal/configuration/reader_test.go index 95d37acf5..3fe72b2bd 100644 --- a/internal/configuration/reader_test.go +++ b/internal/configuration/reader_test.go @@ -164,7 +164,7 @@ func TestShouldErrorParseBadConfigFile(t *testing.T) { require.Len(t, errors, 1) - require.EqualError(t, errors[0], "Error malformed yaml: line 23: did not find expected alphabetic or numeric character") + require.EqualError(t, errors[0], "Error malformed yaml: line 24: did not find expected alphabetic or numeric character") } func TestShouldParseConfigFile(t *testing.T) { diff --git a/internal/configuration/test_resources/config.yml b/internal/configuration/test_resources/config.yml index 110c79958..067dfbedc 100644 --- a/internal/configuration/test_resources/config.yml +++ b/internal/configuration/test_resources/config.yml @@ -1,7 +1,4 @@ -############################################################### -# Authelia configuration # -############################################################### - +--- host: 127.0.0.1 port: 9091 @@ -95,8 +92,8 @@ access_control: session: name: authelia_session - expiration: 3600000 # 1 hour - inactivity: 300000 # 5 minutes + expiration: 3600000 # 1 hour + inactivity: 300000 # 5 minutes domain: example.com redis: host: 127.0.0.1 @@ -122,4 +119,5 @@ notifier: host: 127.0.0.1 port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/configuration/test_resources/config_alt.yml b/internal/configuration/test_resources/config_alt.yml index b0bb95c1a..a4c7319ac 100644 --- a/internal/configuration/test_resources/config_alt.yml +++ b/internal/configuration/test_resources/config_alt.yml @@ -1,7 +1,4 @@ -############################################################### -# Authelia configuration # -############################################################### - +--- host: 127.0.0.1 port: 9091 @@ -95,8 +92,8 @@ access_control: session: name: authelia_session - expiration: 3600000 # 1 hour - inactivity: 300000 # 5 minutes + expiration: 3600000 # 1 hour + inactivity: 300000 # 5 minutes domain: example.com redis: host: 127.0.0.1 @@ -120,4 +117,5 @@ notifier: host: 127.0.0.1 port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/configuration/test_resources/config_bad_keys.yml b/internal/configuration/test_resources/config_bad_keys.yml index 7c914fa68..ea5595109 100644 --- a/internal/configuration/test_resources/config_bad_keys.yml +++ b/internal/configuration/test_resources/config_bad_keys.yml @@ -1,7 +1,4 @@ -############################################################### -# Authelia configuration # -############################################################### - +--- host: 127.0.0.1 port: 9091 loggy_file: /config/svc.log @@ -96,8 +93,8 @@ access_control: session: name: authelia_session - expiration: 3600000 # 1 hour - inactivity: 300000 # 5 minutes + expiration: 3600000 # 1 hour + inactivity: 300000 # 5 minutes domain: example.com redis: host: 127.0.0.1 @@ -121,4 +118,5 @@ notifier: host: 127.0.0.1 port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/configuration/test_resources/config_bad_quoting.yml b/internal/configuration/test_resources/config_bad_quoting.yml index 8027be8ab..cdc2cc446 100644 --- a/internal/configuration/test_resources/config_bad_quoting.yml +++ b/internal/configuration/test_resources/config_bad_quoting.yml @@ -1,3 +1,4 @@ +--- host: 0.0.0.0 port: 9091 log_level: debug @@ -49,4 +50,5 @@ notifier: password: example.com host: smtp.gmail.com port: 465 - sender: example.com \ No newline at end of file + sender: example.com +... diff --git a/internal/configuration/test_resources/config_with_secret.yml b/internal/configuration/test_resources/config_with_secret.yml index ddeee2d12..c1681b7ac 100644 --- a/internal/configuration/test_resources/config_with_secret.yml +++ b/internal/configuration/test_resources/config_with_secret.yml @@ -1,7 +1,4 @@ -############################################################### -# Authelia configuration # -############################################################### - +--- host: 127.0.0.1 port: 9091 jwt_secret: secret_from_config @@ -96,8 +93,8 @@ access_control: session: name: authelia_session - expiration: 3600000 # 1 hour - inactivity: 300000 # 5 minutes + expiration: 3600000 # 1 hour + inactivity: 300000 # 5 minutes domain: example.com redis: host: 127.0.0.1 @@ -121,4 +118,5 @@ notifier: host: 127.0.0.1 port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/ActiveDirectory/configuration.yml b/internal/suites/ActiveDirectory/configuration.yml index 24fddbdba..7835fd026 100644 --- a/internal/suites/ActiveDirectory/configuration.yml +++ b/internal/suites/ActiveDirectory/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -36,8 +37,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y storage: @@ -69,4 +70,5 @@ notifier: host: smtp port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/ActiveDirectory/docker-compose.yml b/internal/suites/ActiveDirectory/docker-compose.yml index b99373451..84634997e 100644 --- a/internal/suites/ActiveDirectory/docker-compose.yml +++ b/internal/suites/ActiveDirectory/docker-compose.yml @@ -1,6 +1,8 @@ +--- version: '3' services: authelia-backend: volumes: - './ActiveDirectory/configuration.yml:/config/configuration.yml:ro' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/BypassAll/configuration.yml b/internal/suites/BypassAll/configuration.yml index dd0bb2469..1b2341ebc 100644 --- a/internal/suites/BypassAll/configuration.yml +++ b/internal/suites/BypassAll/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -17,8 +18,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y storage: @@ -44,4 +45,5 @@ notifier: host: smtp port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/BypassAll/docker-compose.yml b/internal/suites/BypassAll/docker-compose.yml index 5b8d56193..943aa1b94 100644 --- a/internal/suites/BypassAll/docker-compose.yml +++ b/internal/suites/BypassAll/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: authelia-backend: volumes: - './BypassAll/configuration.yml:/config/configuration.yml:ro' - './BypassAll/users.yml:/config/users.yml' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/BypassAll/users.yml b/internal/suites/BypassAll/users.yml index 475800c0f..a52978b20 100644 --- a/internal/suites/BypassAll/users.yml +++ b/internal/suites/BypassAll/users.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/CLI/configuration.yml b/internal/suites/CLI/configuration.yml index 344012071..1f529d1d5 100644 --- a/internal/suites/CLI/configuration.yml +++ b/internal/suites/CLI/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -17,8 +18,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y storage: @@ -39,4 +40,5 @@ access_control: notifier: filesystem: - filename: /config/notification.txt \ No newline at end of file + filename: /config/notification.txt +... diff --git a/internal/suites/CLI/docker-compose.yml b/internal/suites/CLI/docker-compose.yml index 47644e6d7..5935d4a51 100644 --- a/internal/suites/CLI/docker-compose.yml +++ b/internal/suites/CLI/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: authelia-backend: volumes: - './CLI/configuration.yml:/config/configuration.yml:ro' - './CLI/users.yml:/config/users.yml' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/CLI/users.yml b/internal/suites/CLI/users.yml index 475800c0f..c190246ce 100644 --- a/internal/suites/CLI/users.yml +++ b/internal/suites/CLI/users.yml @@ -1,4 +1,5 @@ -############################################################### +--- +############################################################## # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/Docker/configuration.yml b/internal/suites/Docker/configuration.yml index a72593bb0..302abf6ca 100644 --- a/internal/suites/Docker/configuration.yml +++ b/internal/suites/Docker/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -19,8 +20,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y storage: @@ -82,4 +83,5 @@ notifier: host: smtp port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/Docker/docker-compose.yml b/internal/suites/Docker/docker-compose.yml index 9aeff6891..0e1c25b29 100644 --- a/internal/suites/Docker/docker-compose.yml +++ b/internal/suites/Docker/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: authelia-backend: volumes: - './Docker/configuration.yml:/config/configuration.yml:ro' - './Docker/users.yml:/config/users.yml' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/Docker/users.yml b/internal/suites/Docker/users.yml index 475800c0f..a52978b20 100644 --- a/internal/suites/Docker/users.yml +++ b/internal/suites/Docker/users.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/DuoPush/configuration.yml b/internal/suites/DuoPush/configuration.yml index 5dc17b62e..293c70697 100644 --- a/internal/suites/DuoPush/configuration.yml +++ b/internal/suites/DuoPush/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -19,8 +20,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y # Configuration of the storage backend used to store data and secrets. i.e. totp data @@ -98,4 +99,5 @@ regulation: notifier: filesystem: - filename: /tmp/notifier.html \ No newline at end of file + filename: /tmp/notifier.html +... diff --git a/internal/suites/DuoPush/docker-compose.yml b/internal/suites/DuoPush/docker-compose.yml index ea931e124..3ba51bd2d 100644 --- a/internal/suites/DuoPush/docker-compose.yml +++ b/internal/suites/DuoPush/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: authelia-backend: volumes: - './DuoPush/configuration.yml:/config/configuration.yml:ro' - './DuoPush/users.yml:/config/users.yml' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/DuoPush/users.yml b/internal/suites/DuoPush/users.yml index 475800c0f..a52978b20 100644 --- a/internal/suites/DuoPush/users.yml +++ b/internal/suites/DuoPush/users.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/HAProxy/configuration.yml b/internal/suites/HAProxy/configuration.yml index 991f10d04..def48b8a5 100644 --- a/internal/suites/HAProxy/configuration.yml +++ b/internal/suites/HAProxy/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -17,8 +18,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y storage: @@ -43,3 +44,4 @@ notifier: port: 1025 sender: admin@example.com disable_require_tls: true +... diff --git a/internal/suites/HAProxy/docker-compose.yml b/internal/suites/HAProxy/docker-compose.yml index 6553cdb15..c6f7a5dc1 100644 --- a/internal/suites/HAProxy/docker-compose.yml +++ b/internal/suites/HAProxy/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: authelia-backend: volumes: - './HAProxy/configuration.yml:/config/configuration.yml:ro' - './HAProxy/users.yml:/config/users.yml' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/HAProxy/users.yml b/internal/suites/HAProxy/users.yml index 475800c0f..a52978b20 100644 --- a/internal/suites/HAProxy/users.yml +++ b/internal/suites/HAProxy/users.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/HighAvailability/configuration.yml b/internal/suites/HighAvailability/configuration.yml index e0f0456ed..8da779478 100644 --- a/internal/suites/HighAvailability/configuration.yml +++ b/internal/suites/HighAvailability/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia configuration # ############################################################### @@ -81,8 +82,8 @@ access_control: session: name: authelia_session secret: unsecure_session_secret - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes domain: example.com redis: username: authelia @@ -118,4 +119,5 @@ notifier: host: smtp port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/HighAvailability/docker-compose.yml b/internal/suites/HighAvailability/docker-compose.yml index 5cb53220f..15bc66e04 100644 --- a/internal/suites/HighAvailability/docker-compose.yml +++ b/internal/suites/HighAvailability/docker-compose.yml @@ -1,6 +1,8 @@ +--- version: '3' services: authelia-backend: volumes: - './HighAvailability/configuration.yml:/config/configuration.yml:ro' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/LDAP/configuration.yml b/internal/suites/LDAP/configuration.yml index bda70ba86..06eba5023 100644 --- a/internal/suites/LDAP/configuration.yml +++ b/internal/suites/LDAP/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -22,7 +23,7 @@ authentication_backend: base_dn: dc=example,dc=com username_attribute: uid additional_users_dn: ou=users - users_filter: (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person)(objectClass=inetOrgPerson)) + users_filter: (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person)(objectClass=inetOrgPerson)) # yamllint disable-line rule:line-length additional_groups_dn: ou=groups groups_filter: (&(member={dn})(objectclass=groupOfNames)) group_name_attribute: cn @@ -34,8 +35,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y storage: @@ -67,4 +68,5 @@ notifier: host: smtp port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/LDAP/docker-compose.yml b/internal/suites/LDAP/docker-compose.yml index f60766d88..e00299c59 100644 --- a/internal/suites/LDAP/docker-compose.yml +++ b/internal/suites/LDAP/docker-compose.yml @@ -1,6 +1,8 @@ +--- version: '3' services: authelia-backend: volumes: - './LDAP/configuration.yml:/config/configuration.yml:ro' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/Mariadb/configuration.yml b/internal/suites/Mariadb/configuration.yml index 7b8458870..43b330d47 100644 --- a/internal/suites/Mariadb/configuration.yml +++ b/internal/suites/Mariadb/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -19,8 +20,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y # Configuration of the storage backend used to store data and secrets. i.e. totp data @@ -68,4 +69,5 @@ notifier: host: smtp port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/Mariadb/docker-compose.yml b/internal/suites/Mariadb/docker-compose.yml index 0ef478773..049b28c3e 100644 --- a/internal/suites/Mariadb/docker-compose.yml +++ b/internal/suites/Mariadb/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: authelia-backend: volumes: - './Mariadb/configuration.yml:/config/configuration.yml:ro' - './Mariadb/users.yml:/config/users.yml' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/Mariadb/users.yml b/internal/suites/Mariadb/users.yml index 475800c0f..a52978b20 100644 --- a/internal/suites/Mariadb/users.yml +++ b/internal/suites/Mariadb/users.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/MySQL/configuration.yml b/internal/suites/MySQL/configuration.yml index c752254c3..8658fb622 100644 --- a/internal/suites/MySQL/configuration.yml +++ b/internal/suites/MySQL/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -19,8 +20,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y # Configuration of the storage backend used to store data and secrets. i.e. totp data @@ -68,4 +69,5 @@ notifier: host: smtp port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/MySQL/docker-compose.yml b/internal/suites/MySQL/docker-compose.yml index e6e9b6041..a360680e1 100644 --- a/internal/suites/MySQL/docker-compose.yml +++ b/internal/suites/MySQL/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: authelia-backend: volumes: - './MySQL/configuration.yml:/config/configuration.yml:ro' - './MySQL/users.yml:/config/users.yml' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/MySQL/users.yml b/internal/suites/MySQL/users.yml index 475800c0f..a52978b20 100644 --- a/internal/suites/MySQL/users.yml +++ b/internal/suites/MySQL/users.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/NetworkACL/configuration.yml b/internal/suites/NetworkACL/configuration.yml index 71e142cee..21c728c41 100644 --- a/internal/suites/NetworkACL/configuration.yml +++ b/internal/suites/NetworkACL/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -17,8 +18,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y # Configuration of the storage backend used to store data and secrets. i.e. totp data @@ -66,4 +67,5 @@ notifier: host: smtp port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/NetworkACL/docker-compose.yml b/internal/suites/NetworkACL/docker-compose.yml index dd1b1dedf..ae77fe1fc 100644 --- a/internal/suites/NetworkACL/docker-compose.yml +++ b/internal/suites/NetworkACL/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: authelia-backend: volumes: - './NetworkACL/configuration.yml:/config/configuration.yml:ro' - './NetworkACL/users.yml:/config/users.yml' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/NetworkACL/users.yml b/internal/suites/NetworkACL/users.yml index 475800c0f..a52978b20 100644 --- a/internal/suites/NetworkACL/users.yml +++ b/internal/suites/NetworkACL/users.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/OneFactorOnly/configuration.yml b/internal/suites/OneFactorOnly/configuration.yml index 5ae40fa93..9fee88003 100644 --- a/internal/suites/OneFactorOnly/configuration.yml +++ b/internal/suites/OneFactorOnly/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -19,8 +20,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y storage: @@ -41,4 +42,5 @@ access_control: notifier: filesystem: - filename: /tmp/notifier.html \ No newline at end of file + filename: /tmp/notifier.html +... diff --git a/internal/suites/OneFactorOnly/docker-compose.yml b/internal/suites/OneFactorOnly/docker-compose.yml index 7be2d0e5b..fc9276507 100644 --- a/internal/suites/OneFactorOnly/docker-compose.yml +++ b/internal/suites/OneFactorOnly/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: authelia-backend: volumes: - './OneFactorOnly/configuration.yml:/config/configuration.yml:ro' - './OneFactorOnly/users.yml:/config/users.yml' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/OneFactorOnly/users.yml b/internal/suites/OneFactorOnly/users.yml index 475800c0f..a52978b20 100644 --- a/internal/suites/OneFactorOnly/users.yml +++ b/internal/suites/OneFactorOnly/users.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/PathPrefix/configuration.yml b/internal/suites/PathPrefix/configuration.yml index b2e7ca94e..a306f86ef 100644 --- a/internal/suites/PathPrefix/configuration.yml +++ b/internal/suites/PathPrefix/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -20,8 +21,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y storage: @@ -45,4 +46,5 @@ notifier: host: smtp port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/PathPrefix/docker-compose.yml b/internal/suites/PathPrefix/docker-compose.yml index 78be7a626..428f056ce 100644 --- a/internal/suites/PathPrefix/docker-compose.yml +++ b/internal/suites/PathPrefix/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: authelia-backend: volumes: - './PathPrefix/configuration.yml:/config/configuration.yml:ro' - './PathPrefix/users.yml:/config/users.yml' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/PathPrefix/users.yml b/internal/suites/PathPrefix/users.yml index 475800c0f..a52978b20 100644 --- a/internal/suites/PathPrefix/users.yml +++ b/internal/suites/PathPrefix/users.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/Postgres/configuration.yml b/internal/suites/Postgres/configuration.yml index f56739d87..b1bfad9d6 100644 --- a/internal/suites/Postgres/configuration.yml +++ b/internal/suites/Postgres/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -19,8 +20,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y # Configuration of the storage backend used to store data and secrets. i.e. totp data @@ -68,4 +69,5 @@ notifier: host: smtp port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/Postgres/docker-compose.yml b/internal/suites/Postgres/docker-compose.yml index d3539af4f..187ba6661 100644 --- a/internal/suites/Postgres/docker-compose.yml +++ b/internal/suites/Postgres/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: authelia-backend: volumes: - './Postgres/configuration.yml:/config/configuration.yml:ro' - './Postgres/users.yml:/config/users.yml' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/Postgres/users.yml b/internal/suites/Postgres/users.yml index 475800c0f..a52978b20 100644 --- a/internal/suites/Postgres/users.yml +++ b/internal/suites/Postgres/users.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/ShortTimeouts/configuration.yml b/internal/suites/ShortTimeouts/configuration.yml index 812a1c6c5..4e22ead06 100644 --- a/internal/suites/ShortTimeouts/configuration.yml +++ b/internal/suites/ShortTimeouts/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -73,4 +74,5 @@ notifier: host: smtp port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/ShortTimeouts/docker-compose.yml b/internal/suites/ShortTimeouts/docker-compose.yml index 87edd07f3..6568c9d45 100644 --- a/internal/suites/ShortTimeouts/docker-compose.yml +++ b/internal/suites/ShortTimeouts/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: authelia-backend: volumes: - './ShortTimeouts/configuration.yml:/config/configuration.yml:ro' - './ShortTimeouts/users.yml:/config/users.yml' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/ShortTimeouts/users.yml b/internal/suites/ShortTimeouts/users.yml index 475800c0f..a52978b20 100644 --- a/internal/suites/ShortTimeouts/users.yml +++ b/internal/suites/ShortTimeouts/users.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/Standalone/configuration.yml b/internal/suites/Standalone/configuration.yml index 3555ac815..b92785f01 100644 --- a/internal/suites/Standalone/configuration.yml +++ b/internal/suites/Standalone/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -14,8 +15,8 @@ authentication_backend: session: domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y storage: @@ -82,4 +83,5 @@ notifier: host: smtp port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/Standalone/docker-compose.yml b/internal/suites/Standalone/docker-compose.yml index e6e087992..1aaabf6b4 100644 --- a/internal/suites/Standalone/docker-compose.yml +++ b/internal/suites/Standalone/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: authelia-backend: @@ -9,4 +10,5 @@ services: - './Standalone/users.yml:/config/users.yml' - './common/ssl:/config/ssl:ro' - '/tmp:/tmp' - user: ${USER_ID}:${GROUP_ID} \ No newline at end of file + user: ${USER_ID}:${GROUP_ID} +... diff --git a/internal/suites/Standalone/users.yml b/internal/suites/Standalone/users.yml index 475800c0f..a52978b20 100644 --- a/internal/suites/Standalone/users.yml +++ b/internal/suites/Standalone/users.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/Traefik/configuration.yml b/internal/suites/Traefik/configuration.yml index 59224cca4..def48b8a5 100644 --- a/internal/suites/Traefik/configuration.yml +++ b/internal/suites/Traefik/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -17,8 +18,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y storage: @@ -42,4 +43,5 @@ notifier: host: smtp port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/Traefik/docker-compose.yml b/internal/suites/Traefik/docker-compose.yml index 355eac407..a80813d91 100644 --- a/internal/suites/Traefik/docker-compose.yml +++ b/internal/suites/Traefik/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: authelia-backend: volumes: - './Traefik/configuration.yml:/config/configuration.yml:ro' - './Traefik/users.yml:/config/users.yml' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/Traefik/users.yml b/internal/suites/Traefik/users.yml index 475800c0f..a52978b20 100644 --- a/internal/suites/Traefik/users.yml +++ b/internal/suites/Traefik/users.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/Traefik2/configuration.yml b/internal/suites/Traefik2/configuration.yml index bda5f5d65..c72ff5d76 100644 --- a/internal/suites/Traefik2/configuration.yml +++ b/internal/suites/Traefik2/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia minimal configuration # ############################################################### @@ -17,8 +18,8 @@ authentication_backend: session: secret: unsecure_session_secret domain: example.com - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y redis: host: redis @@ -47,4 +48,5 @@ notifier: host: smtp port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/Traefik2/docker-compose.yml b/internal/suites/Traefik2/docker-compose.yml index dcddd1d37..3d2c16e79 100644 --- a/internal/suites/Traefik2/docker-compose.yml +++ b/internal/suites/Traefik2/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: authelia-backend: volumes: - './Traefik2/configuration.yml:/config/configuration.yml:ro' - './Traefik2/users.yml:/config/users.yml' - - './common/ssl:/config/ssl:ro' \ No newline at end of file + - './common/ssl:/config/ssl:ro' +... diff --git a/internal/suites/Traefik2/users.yml b/internal/suites/Traefik2/users.yml index 475800c0f..a52978b20 100644 --- a/internal/suites/Traefik2/users.yml +++ b/internal/suites/Traefik2/users.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Users Database # ############################################################### @@ -8,7 +9,7 @@ users: john: displayname: "John Doe" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: john.doe@authelia.com groups: - admins @@ -16,18 +17,19 @@ users: harry: displayname: "Harry Potter" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: harry.potter@authelia.com groups: [] bob: displayname: "Bob Dylan" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length email: bob.dylan@authelia.com groups: - dev james: displayname: "James Dean" - password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" - email: james.dean@authelia.com \ No newline at end of file + password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length + email: james.dean@authelia.com +... diff --git a/internal/suites/docker-compose.yml b/internal/suites/docker-compose.yml index 3d3bde369..2f787a38e 100644 --- a/internal/suites/docker-compose.yml +++ b/internal/suites/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' networks: authelianet: driver: bridge ipam: config: - - subnet: 192.168.240.0/24 \ No newline at end of file + - subnet: 192.168.240.0/24 +... diff --git a/internal/suites/example/compose/authelia/docker-compose.backend.dev.yml b/internal/suites/example/compose/authelia/docker-compose.backend.dev.yml index 77bfc5344..099af6512 100644 --- a/internal/suites/example/compose/authelia/docker-compose.backend.dev.yml +++ b/internal/suites/example/compose/authelia/docker-compose.backend.dev.yml @@ -1,3 +1,4 @@ +--- version: '3' services: authelia-backend: @@ -23,7 +24,7 @@ services: - 'traefik.frontend.rule=Host:login.example.com;PathPrefix:/api' - 'traefik.protocol=https' # Traefik 2.x - - 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)' + - 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)' # yamllint disable-line rule:line-length - 'traefik.http.routers.authelia_backend.entrypoints=https' - 'traefik.http.routers.authelia_backend.tls=true' - 'traefik.http.services.authelia_backend.loadbalancer.server.scheme=https' @@ -32,3 +33,4 @@ services: networks: authelianet: ipv4_address: 192.168.240.50 +... diff --git a/internal/suites/example/compose/authelia/docker-compose.backend.dist.yml b/internal/suites/example/compose/authelia/docker-compose.backend.dist.yml index 05a89128b..9a00dbce3 100644 --- a/internal/suites/example/compose/authelia/docker-compose.backend.dist.yml +++ b/internal/suites/example/compose/authelia/docker-compose.backend.dist.yml @@ -1,3 +1,4 @@ +--- version: '3' services: authelia-backend: @@ -7,7 +8,7 @@ services: - 'traefik.frontend.rule=Host:login.example.com;PathPrefix:/api' - 'traefik.protocol=https' # Traefik 2.x - - 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)' + - 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)' # yamllint disable-line rule:line-length - 'traefik.http.routers.authelia_backend.entrypoints=https' - 'traefik.http.routers.authelia_backend.tls=true' - 'traefik.http.services.authelia_backend.loadbalancer.server.scheme=https' @@ -19,3 +20,4 @@ services: networks: authelianet: ipv4_address: 192.168.240.50 +... diff --git a/internal/suites/example/compose/authelia/docker-compose.frontend.dev.yml b/internal/suites/example/compose/authelia/docker-compose.frontend.dev.yml index d22a7709b..c8f1fd586 100644 --- a/internal/suites/example/compose/authelia/docker-compose.frontend.dev.yml +++ b/internal/suites/example/compose/authelia/docker-compose.frontend.dev.yml @@ -1,3 +1,4 @@ +--- version: '3' services: authelia-frontend: @@ -17,10 +18,11 @@ services: # Traefik 1.x - 'traefik.frontend.rule=Host:login.example.com' # Traefik 2.x - - 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)' + - 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)' # yamllint disable-line rule:line-length - 'traefik.http.routers.authelia_frontend.entrypoints=https' - 'traefik.http.routers.authelia_frontend.tls=true' environment: - PUBLIC_URL=${PathPrefix} networks: - authelianet +... diff --git a/internal/suites/example/compose/authelia/docker-compose.frontend.dist.yml b/internal/suites/example/compose/authelia/docker-compose.frontend.dist.yml index 9657e4d47..f4e85176f 100644 --- a/internal/suites/example/compose/authelia/docker-compose.frontend.dist.yml +++ b/internal/suites/example/compose/authelia/docker-compose.frontend.dist.yml @@ -1,3 +1,4 @@ +--- version: '3' services: authelia-frontend: @@ -8,7 +9,7 @@ services: # Traefik 1.x - 'traefik.frontend.rule=Host:login.example.com' # Traefik 2.x - - 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)' + - 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)' # yamllint disable-line rule:line-length - 'traefik.http.routers.authelia_frontend.entrypoints=https' - 'traefik.http.routers.authelia_frontend.tls=true' - 'traefik.http.services.authelia_frontend.loadbalancer.server.port=3000' @@ -16,3 +17,4 @@ services: - authelianet expose: - 3000 +... diff --git a/internal/suites/example/compose/duo-api/docker-compose.yml b/internal/suites/example/compose/duo-api/docker-compose.yml index ce7ebb169..ceb40177f 100644 --- a/internal/suites/example/compose/duo-api/docker-compose.yml +++ b/internal/suites/example/compose/duo-api/docker-compose.yml @@ -1,7 +1,9 @@ +--- version: '3' services: duo-api: build: context: ./example/compose/duo-api networks: - - authelianet \ No newline at end of file + - authelianet +... diff --git a/internal/suites/example/compose/haproxy/docker-compose.yml b/internal/suites/example/compose/haproxy/docker-compose.yml index e0f81520c..39b530c6c 100644 --- a/internal/suites/example/compose/haproxy/docker-compose.yml +++ b/internal/suites/example/compose/haproxy/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: haproxy: @@ -9,4 +10,5 @@ services: networks: authelianet: # Set the IP to be able to query on port 8080 - ipv4_address: 192.168.240.100 \ No newline at end of file + ipv4_address: 192.168.240.100 +... diff --git a/internal/suites/example/compose/httpbin/docker-compose.yml b/internal/suites/example/compose/httpbin/docker-compose.yml index a76ba589a..091bec1c0 100644 --- a/internal/suites/example/compose/httpbin/docker-compose.yml +++ b/internal/suites/example/compose/httpbin/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: httpbin: @@ -17,3 +18,4 @@ services: - 'traefik.http.routers.httpbin.priority=150' - 'traefik.http.routers.httpbin.tls=true' - 'traefik.http.routers.httpbin.middlewares=authelia@docker' +... diff --git a/internal/suites/example/compose/kind/config.yml b/internal/suites/example/compose/kind/config.yml index a29dbac8a..4e44444bd 100644 --- a/internal/suites/example/compose/kind/config.yml +++ b/internal/suites/example/compose/kind/config.yml @@ -1,6 +1,9 @@ +--- kind: Cluster apiVersion: kind.x-k8s.io/v1alpha4 containerdConfigPatches: + # yamllint disable-line rule:indentation - |- [plugins."io.containerd.grpc.v1.cri".registry.mirrors."registrycache.internal:5000"] - endpoint = ["http://registrycache.internal:5000"] \ No newline at end of file + endpoint = ["http://registrycache.internal:5000"] +... diff --git a/internal/suites/example/compose/kind/docker-compose.yml b/internal/suites/example/compose/kind/docker-compose.yml index 7870c4905..d8d599880 100644 --- a/internal/suites/example/compose/kind/docker-compose.yml +++ b/internal/suites/example/compose/kind/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: authelia-kind-proxy: @@ -39,4 +40,5 @@ services: ipv4_address: 192.168.240.110 volumes: - kind-volume: \ No newline at end of file + kind-volume: # yamllint disable-line rule:empty-values +... diff --git a/internal/suites/example/compose/ldap/docker-compose.admin.yml b/internal/suites/example/compose/ldap/docker-compose.admin.yml index d2f9f2a6d..475190893 100644 --- a/internal/suites/example/compose/ldap/docker-compose.admin.yml +++ b/internal/suites/example/compose/ldap/docker-compose.admin.yml @@ -1,3 +1,4 @@ +--- version: '3' services: openldap-admin: @@ -9,3 +10,4 @@ services: - PHPLDAPADMIN_HTTPS=false networks: - authelianet +... diff --git a/internal/suites/example/compose/ldap/docker-compose.yml b/internal/suites/example/compose/ldap/docker-compose.yml index fa0dc93cc..0c0665c79 100644 --- a/internal/suites/example/compose/ldap/docker-compose.yml +++ b/internal/suites/example/compose/ldap/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: openldap: @@ -19,4 +20,5 @@ services: - '--loglevel' - 'debug' networks: - - authelianet \ No newline at end of file + - authelianet +... diff --git a/internal/suites/example/compose/mariadb/docker-compose.yml b/internal/suites/example/compose/mariadb/docker-compose.yml index 01ba0b4a6..eba280d64 100644 --- a/internal/suites/example/compose/mariadb/docker-compose.yml +++ b/internal/suites/example/compose/mariadb/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: mariadb: @@ -8,4 +9,5 @@ services: - MYSQL_PASSWORD=password - MYSQL_DATABASE=authelia networks: - - authelianet \ No newline at end of file + - authelianet +... diff --git a/internal/suites/example/compose/mysql/docker-compose.yml b/internal/suites/example/compose/mysql/docker-compose.yml index 208cc8b24..c9fa617d1 100644 --- a/internal/suites/example/compose/mysql/docker-compose.yml +++ b/internal/suites/example/compose/mysql/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: mysql: @@ -8,4 +9,5 @@ services: - MYSQL_PASSWORD=password - MYSQL_DATABASE=authelia networks: - - authelianet \ No newline at end of file + - authelianet +... diff --git a/internal/suites/example/compose/nginx/backend/docker-compose.yml b/internal/suites/example/compose/nginx/backend/docker-compose.yml index 6121db1a5..00c1f5633 100644 --- a/internal/suites/example/compose/nginx/backend/docker-compose.yml +++ b/internal/suites/example/compose/nginx/backend/docker-compose.yml @@ -1,19 +1,23 @@ +--- version: '3' services: nginx-backend: image: nginx:alpine labels: - - 'traefik.frontend.rule=Host:home.example.com,public.example.com,secure.example.com,admin.example.com,singlefactor.example.com' # Traefik 1.x - - 'traefik.frontend.auth.forward.address=https://authelia-backend:9091/api/verify?rd=https://login.example.com:8080' # Traefik 1.x - - 'traefik.frontend.auth.forward.tls.insecureSkipVerify=true' # Traefik 1.x - - 'traefik.frontend.auth.forward.trustForwardHeader=true' # Traefik 1.x - - 'traefik.frontend.auth.forward.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email' # Traefik 1.x - - 'traefik.http.routers.protectedapps.rule=Host(`home.example.com`, `public.example.com`, `secure.example.com`, `admin.example.com`, `singlefactor.example.com`)' # Traefik 2.x - - 'traefik.http.routers.protectedapps.entrypoints=https' # Traefik 2.x - - 'traefik.http.routers.protectedapps.tls=true' # Traefik 2.x - - 'traefik.http.routers.protectedapps.middlewares=authelia@docker' # Traefik 2.x + # Traefik 1.x + - 'traefik.frontend.rule=Host:home.example.com,public.example.com,secure.example.com,admin.example.com,singlefactor.example.com' # yamllint disable-line rule:line-length + - 'traefik.frontend.auth.forward.address=https://authelia-backend:9091/api/verify?rd=https://login.example.com:8080' # yamllint disable-line rule:line-length + - 'traefik.frontend.auth.forward.tls.insecureSkipVerify=true' + - 'traefik.frontend.auth.forward.trustForwardHeader=true' + - 'traefik.frontend.auth.forward.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email' + # Traefik 2.x + - 'traefik.http.routers.protectedapps.rule=Host(`home.example.com`,`public.example.com`,`secure.example.com`,`admin.example.com`,`singlefactor.example.com`)' # yamllint disable-line rule:line-length + - 'traefik.http.routers.protectedapps.entrypoints=https' + - 'traefik.http.routers.protectedapps.tls=true' + - 'traefik.http.routers.protectedapps.middlewares=authelia@docker' volumes: - ./example/compose/nginx/backend/html:/usr/share/nginx/html - ./example/compose/nginx/backend/nginx.conf:/etc/nginx/nginx.conf networks: - - authelianet \ No newline at end of file + - authelianet +... diff --git a/internal/suites/example/compose/nginx/portal/docker-compose.yml b/internal/suites/example/compose/nginx/portal/docker-compose.yml index b387d7f3e..517e192fb 100644 --- a/internal/suites/example/compose/nginx/portal/docker-compose.yml +++ b/internal/suites/example/compose/nginx/portal/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: nginx-portal: @@ -14,3 +15,4 @@ services: - duo.example.com # Set the IP to be able to query on port 443 ipv4_address: 192.168.240.100 +... diff --git a/internal/suites/example/compose/postgres/docker-compose.yml b/internal/suites/example/compose/postgres/docker-compose.yml index 7a3385adb..9e16b4ef9 100644 --- a/internal/suites/example/compose/postgres/docker-compose.yml +++ b/internal/suites/example/compose/postgres/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: "3" services: postgres: @@ -7,4 +8,5 @@ services: - POSTGRES_USER=admin - POSTGRES_DB=authelia networks: - - authelianet \ No newline at end of file + - authelianet +... diff --git a/internal/suites/example/compose/redis-sentinel/docker-compose.yml b/internal/suites/example/compose/redis-sentinel/docker-compose.yml index 5cc68bf75..594753ddb 100644 --- a/internal/suites/example/compose/redis-sentinel/docker-compose.yml +++ b/internal/suites/example/compose/redis-sentinel/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: redis-node-0: @@ -93,4 +94,5 @@ services: authelianet: aliases: - redis-sentinel-2.example.com - ipv4_address: 192.168.240.122 \ No newline at end of file + ipv4_address: 192.168.240.122 +... diff --git a/internal/suites/example/compose/redis/docker-compose.yml b/internal/suites/example/compose/redis/docker-compose.yml index 90c60d643..68f0e869b 100644 --- a/internal/suites/example/compose/redis/docker-compose.yml +++ b/internal/suites/example/compose/redis/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: redis: @@ -10,4 +11,5 @@ services: - ./example/compose/redis/users.acl:/data/users.acl - ./example/compose/redis/entrypoint.sh:/entrypoint.sh networks: - - authelianet \ No newline at end of file + - authelianet +... diff --git a/internal/suites/example/compose/samba/docker-compose.yml b/internal/suites/example/compose/samba/docker-compose.yml index b6b9b9fb4..49b7c6358 100644 --- a/internal/suites/example/compose/samba/docker-compose.yml +++ b/internal/suites/example/compose/samba/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: sambaldap: @@ -11,4 +12,5 @@ services: - DOMAINPASS=Password1 - NOCOMPLEXITY=true networks: - - authelianet \ No newline at end of file + - authelianet +... diff --git a/internal/suites/example/compose/smtp/docker-compose.yml b/internal/suites/example/compose/smtp/docker-compose.yml index 6c87b41aa..3305d0fa6 100644 --- a/internal/suites/example/compose/smtp/docker-compose.yml +++ b/internal/suites/example/compose/smtp/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: smtp: @@ -12,4 +13,5 @@ services: - 'traefik.http.routers.mail.tls=true' - 'traefik.http.services.mail.loadbalancer.server.port=1080' networks: - - authelianet \ No newline at end of file + - authelianet +... diff --git a/internal/suites/example/compose/squid/docker-compose.yml b/internal/suites/example/compose/squid/docker-compose.yml index 9776ba993..750022756 100644 --- a/internal/suites/example/compose/squid/docker-compose.yml +++ b/internal/suites/example/compose/squid/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: # Simulates client 1. @@ -16,4 +17,5 @@ services: networks: authelianet: # Set the IP to be able to query on port 443 - ipv4_address: 192.168.240.202 \ No newline at end of file + ipv4_address: 192.168.240.202 +... diff --git a/internal/suites/example/compose/traefik/docker-compose.yml b/internal/suites/example/compose/traefik/docker-compose.yml index ea3eea985..976cb5045 100644 --- a/internal/suites/example/compose/traefik/docker-compose.yml +++ b/internal/suites/example/compose/traefik/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: traefik: @@ -21,4 +22,5 @@ services: networks: authelianet: # Set the IP to be able to query on port 8080 - ipv4_address: 192.168.240.100 \ No newline at end of file + ipv4_address: 192.168.240.100 +... diff --git a/internal/suites/example/compose/traefik2/docker-compose.yml b/internal/suites/example/compose/traefik2/docker-compose.yml index 72deebb20..46172d87c 100644 --- a/internal/suites/example/compose/traefik2/docker-compose.yml +++ b/internal/suites/example/compose/traefik2/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3' services: traefik: @@ -9,10 +10,11 @@ services: - 'traefik.http.routers.api.entrypoints=https' - 'traefik.http.routers.api.service=api@internal' - 'traefik.http.routers.api.tls=true' - - 'traefik.http.middlewares.authelia.forwardauth.address=https://authelia-backend:9091${PathPrefix}/api/verify?rd=https://login.example.com:8080${PathPrefix}' # Traefik 2.x - - 'traefik.http.middlewares.authelia.forwardauth.tls.insecureSkipVerify=true' # Traefik 2.x - - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true' # Traefik 2.x - - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email' # Traefik 2.x + # Traefik 2.x + - 'traefik.http.middlewares.authelia.forwardauth.address=https://authelia-backend:9091${PathPrefix}/api/verify?rd=https://login.example.com:8080${PathPrefix}' # yamllint disable-line rule:line-length + - 'traefik.http.middlewares.authelia.forwardauth.tls.insecureSkipVerify=true' + - 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true' + - 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email' # yamllint disable-line rule:line-length command: - '--api' - '--providers.docker=true' @@ -25,4 +27,5 @@ services: networks: authelianet: # Set the IP to be able to query on port 8080 - ipv4_address: 192.168.240.100 \ No newline at end of file + ipv4_address: 192.168.240.100 +... diff --git a/internal/suites/example/kube/apps/apps.yml b/internal/suites/example/kube/apps/apps.yml index c1870b5c5..498292ffb 100644 --- a/internal/suites/example/kube/apps/apps.yml +++ b/internal/suites/example/kube/apps/apps.yml @@ -17,34 +17,34 @@ spec: app: test-app spec: containers: - - name: test-app - image: nginx:alpine - command: ["/entrypoint.sh"] - ports: - - containerPort: 80 - volumeMounts: - - name: config-volume - mountPath: /entrypoint.sh - subPath: entrypoint.sh - - name: config-volume - mountPath: /etc/nginx/nginx.conf - subPath: nginx.conf - - name: config-volume - mountPath: /tmp/html.tar.gz - subPath: html.tar.gz + - name: test-app + image: nginx:alpine + command: ["/entrypoint.sh"] + ports: + - containerPort: 80 + volumeMounts: + - name: config-volume + mountPath: /entrypoint.sh + subPath: entrypoint.sh + - name: config-volume + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + - name: config-volume + mountPath: /tmp/html.tar.gz + subPath: html.tar.gz volumes: - - name: config-volume - configMap: - name: nginx-config - items: - - key: entrypoint.sh - path: entrypoint.sh - mode: 0755 - - key: nginx.conf - path: nginx.conf - - key: html.tar.gz - path: html.tar.gz - + - name: config-volume + configMap: + name: nginx-config + items: + - key: entrypoint.sh + path: entrypoint.sh + mode: 0755 # yamllint disable-line rule:octal-values + - key: nginx.conf + path: nginx.conf + - key: html.tar.gz + path: html.tar.gz +... --- apiVersion: v1 kind: Service @@ -61,7 +61,7 @@ spec: name: http - port: 443 name: https - +... --- apiVersion: extensions/v1beta1 kind: Ingress @@ -85,7 +85,7 @@ spec: backend: serviceName: test-app-service servicePort: 80 - +... --- apiVersion: extensions/v1beta1 kind: Ingress @@ -151,3 +151,4 @@ spec: backend: serviceName: test-app-service servicePort: 80 +... diff --git a/internal/suites/example/kube/authelia/configs/configuration.yml b/internal/suites/example/kube/authelia/configs/configuration.yml index 2fe7ce3d9..3bb74691b 100644 --- a/internal/suites/example/kube/authelia/configs/configuration.yml +++ b/internal/suites/example/kube/authelia/configs/configuration.yml @@ -1,3 +1,4 @@ +--- ############################################################### # Authelia configuration # ############################################################### @@ -78,8 +79,8 @@ access_control: policy: two_factor session: - expiration: 3600 # 1 hour - inactivity: 300 # 5 minutes + expiration: 3600 # 1 hour + inactivity: 300 # 5 minutes remember_me_duration: 1y domain: example.com redis: @@ -103,4 +104,5 @@ notifier: host: "mailcatcher-service" port: 1025 sender: admin@example.com - disable_require_tls: true \ No newline at end of file + disable_require_tls: true +... diff --git a/internal/suites/example/kube/authelia/deployment.yml b/internal/suites/example/kube/authelia/deployment.yml index 5530fc3d9..6de87f878 100644 --- a/internal/suites/example/kube/authelia/deployment.yml +++ b/internal/suites/example/kube/authelia/deployment.yml @@ -68,4 +68,5 @@ spec: - key: sql_password path: sql_password - key: ldap_password - path: ldap_password \ No newline at end of file + path: ldap_password +... diff --git a/internal/suites/example/kube/authelia/ingress.yml b/internal/suites/example/kube/authelia/ingress.yml index 3b2699f25..5d7f78cbf 100644 --- a/internal/suites/example/kube/authelia/ingress.yml +++ b/internal/suites/example/kube/authelia/ingress.yml @@ -9,14 +9,15 @@ metadata: nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" spec: tls: - - secretName: authelia-tls - hosts: - - login.example.com + - secretName: authelia-tls + hosts: + - login.example.com rules: - - host: login.example.com - http: - paths: - - path: / - backend: - serviceName: authelia-service - servicePort: 443 + - host: login.example.com + http: + paths: + - path: / + backend: + serviceName: authelia-service + servicePort: 443 +... diff --git a/internal/suites/example/kube/authelia/secret.yml b/internal/suites/example/kube/authelia/secret.yml index 9a31917b9..8524cf115 100644 --- a/internal/suites/example/kube/authelia/secret.yml +++ b/internal/suites/example/kube/authelia/secret.yml @@ -8,7 +8,8 @@ metadata: labels: app: authelia data: - jwt_secret: YW5fdW5zZWN1cmVfc2VjcmV0 #an_unsecure_secret - ldap_password: cGFzc3dvcmQ= #password - session: dW5zZWN1cmVfcGFzc3dvcmQ= #unsecure_password - sql_password: cGFzc3dvcmQ= #password + jwt_secret: YW5fdW5zZWN1cmVfc2VjcmV0 # an_unsecure_secret + ldap_password: cGFzc3dvcmQ= # password + session: dW5zZWN1cmVfcGFzc3dvcmQ= # unsecure_password + sql_password: cGFzc3dvcmQ= # password +... diff --git a/internal/suites/example/kube/authelia/service.yml b/internal/suites/example/kube/authelia/service.yml index 50025fb43..af7686132 100644 --- a/internal/suites/example/kube/authelia/service.yml +++ b/internal/suites/example/kube/authelia/service.yml @@ -8,6 +8,7 @@ spec: selector: app: authelia ports: - - protocol: TCP - port: 443 - targetPort: 443 + - protocol: TCP + port: 443 + targetPort: 443 +... diff --git a/internal/suites/example/kube/dashboard.yml b/internal/suites/example/kube/dashboard.yml index fe4bebcc7..4abe4a715 100644 --- a/internal/suites/example/kube/dashboard.yml +++ b/internal/suites/example/kube/dashboard.yml @@ -4,7 +4,7 @@ kind: ServiceAccount metadata: name: admin-user namespace: kubernetes-dashboard - +... --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding @@ -15,6 +15,7 @@ roleRef: kind: ClusterRole name: cluster-admin subjects: -- kind: ServiceAccount - name: admin-user - namespace: kubernetes-dashboard + - kind: ServiceAccount + name: admin-user + namespace: kubernetes-dashboard +... diff --git a/internal/suites/example/kube/ingress-controller/deployment.yml b/internal/suites/example/kube/ingress-controller/deployment.yml index 0531e9d9a..432941e22 100644 --- a/internal/suites/example/kube/ingress-controller/deployment.yml +++ b/internal/suites/example/kube/ingress-controller/deployment.yml @@ -23,22 +23,23 @@ spec: terminationGracePeriodSeconds: 60 serviceAccountName: nginx-ingress-controller-serviceaccount containers: - - image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.23.0 - name: nginx-ingress-controller - imagePullPolicy: Always - ports: - - containerPort: 80 - - containerPort: 443 - env: - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - args: - - /nginx-ingress-controller - - --ingress-class=nginx - - --election-id=ingress-controller-leader + - image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.23.0 + name: nginx-ingress-controller + imagePullPolicy: Always + ports: + - containerPort: 80 + - containerPort: 443 + env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + args: + - /nginx-ingress-controller + - --ingress-class=nginx + - --election-id=ingress-controller-leader +... diff --git a/internal/suites/example/kube/ingress-controller/rbac.yml b/internal/suites/example/kube/ingress-controller/rbac.yml index 9c3fda7a7..d4ec42faa 100644 --- a/internal/suites/example/kube/ingress-controller/rbac.yml +++ b/internal/suites/example/kube/ingress-controller/rbac.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ServiceAccount metadata: @@ -5,7 +6,7 @@ metadata: namespace: authelia labels: app: nginx-ingress-controller - +... --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole @@ -60,7 +61,7 @@ rules: - ingresses/status verbs: - update - +... --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -104,7 +105,7 @@ rules: - endpoints verbs: - get - +... --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: RoleBinding @@ -121,7 +122,7 @@ subjects: - kind: ServiceAccount name: nginx-ingress-controller-serviceaccount namespace: authelia - +... --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding @@ -137,5 +138,4 @@ subjects: - kind: ServiceAccount name: nginx-ingress-controller-serviceaccount namespace: authelia - ---- +... diff --git a/internal/suites/example/kube/ingress-controller/service.yml b/internal/suites/example/kube/ingress-controller/service.yml index 12785e67d..ce299dd43 100644 --- a/internal/suites/example/kube/ingress-controller/service.yml +++ b/internal/suites/example/kube/ingress-controller/service.yml @@ -15,3 +15,4 @@ spec: name: http - port: 443 name: https +... diff --git a/internal/suites/example/kube/ldap/deployment.yml b/internal/suites/example/kube/ldap/deployment.yml index 584135024..996895be6 100644 --- a/internal/suites/example/kube/ldap/deployment.yml +++ b/internal/suites/example/kube/ldap/deployment.yml @@ -17,42 +17,43 @@ spec: app: ldap spec: containers: - - name: ldap - image: osixia/openldap:1.3.0 - ports: - - containerPort: 389 - - containerPort: 636 - args: ["--copy-service", "--loglevel", "debug"] - env: - - name: LDAP_ORGANISATION - value: MyCompany - - name: LDAP_DOMAIN - value: example.com - - name: LDAP_ADMIN_PASSWORD - value: password - - name: LDAP_CONFIG_PASSWORD - value: password - - name: LDAP_ADDITIONAL_MODULES - value: memberof - - name: LDAP_ADDITIONAL_SCHEMAS - value: openldap - - name: LDAP_FORCE_RECONFIGURE - value: "true" - - name: LDAP_TLS_VERIFY_CLIENT - value: try - volumeMounts: - - name: config-volume - mountPath: /container/service/slapd/assets/config/bootstrap/ldif/custom/base.ldif - subPath: base.ldif - - name: config-volume - mountPath: /container/service/slapd/assets/config/bootstrap/ldif/custom/access.rules - subPath: access.rules + - name: ldap + image: osixia/openldap:1.3.0 + ports: + - containerPort: 389 + - containerPort: 636 + args: ["--copy-service", "--loglevel", "debug"] + env: + - name: LDAP_ORGANISATION + value: MyCompany + - name: LDAP_DOMAIN + value: example.com + - name: LDAP_ADMIN_PASSWORD + value: password + - name: LDAP_CONFIG_PASSWORD + value: password + - name: LDAP_ADDITIONAL_MODULES + value: memberof + - name: LDAP_ADDITIONAL_SCHEMAS + value: openldap + - name: LDAP_FORCE_RECONFIGURE + value: "true" + - name: LDAP_TLS_VERIFY_CLIENT + value: try + volumeMounts: + - name: config-volume + mountPath: /container/service/slapd/assets/config/bootstrap/ldif/custom/base.ldif + subPath: base.ldif + - name: config-volume + mountPath: /container/service/slapd/assets/config/bootstrap/ldif/custom/access.rules + subPath: access.rules volumes: - - name: config-volume - configMap: - name: ldap-config - items: - - key: base.ldif - path: base.ldif - - key: access.rules - path: access.rules + - name: config-volume + configMap: + name: ldap-config + items: + - key: base.ldif + path: base.ldif + - key: access.rules + path: access.rules +... diff --git a/internal/suites/example/kube/ldap/service.yml b/internal/suites/example/kube/ldap/service.yml index 5e10446b8..e932f4e77 100644 --- a/internal/suites/example/kube/ldap/service.yml +++ b/internal/suites/example/kube/ldap/service.yml @@ -8,5 +8,6 @@ spec: selector: app: ldap ports: - - protocol: TCP - port: 636 + - protocol: TCP + port: 636 +... diff --git a/internal/suites/example/kube/mail/deployment.yml b/internal/suites/example/kube/mail/deployment.yml index 220ad487f..6bec15f5d 100644 --- a/internal/suites/example/kube/mail/deployment.yml +++ b/internal/suites/example/kube/mail/deployment.yml @@ -17,9 +17,9 @@ spec: app: mailcatcher spec: containers: - - name: mailcatcher - image: schickling/mailcatcher - ports: - - containerPort: 1025 - - containerPort: 1080 - + - name: mailcatcher + image: schickling/mailcatcher + ports: + - containerPort: 1025 + - containerPort: 1080 +... diff --git a/internal/suites/example/kube/mail/ingress.yml b/internal/suites/example/kube/mail/ingress.yml index 5de208739..ed2291f95 100644 --- a/internal/suites/example/kube/mail/ingress.yml +++ b/internal/suites/example/kube/mail/ingress.yml @@ -8,14 +8,15 @@ metadata: kubernetes.io/ingress.class: "nginx" spec: tls: - - secretName: mail-tls - hosts: - - mail.example.com + - secretName: mail-tls + hosts: + - mail.example.com rules: - - host: mail.example.com - http: - paths: - - path: / - backend: - serviceName: mailcatcher-service - servicePort: 1080 + - host: mail.example.com + http: + paths: + - path: / + backend: + serviceName: mailcatcher-service + servicePort: 1080 +... diff --git a/internal/suites/example/kube/mail/service.yml b/internal/suites/example/kube/mail/service.yml index f51d7dd98..1d33a5c5e 100644 --- a/internal/suites/example/kube/mail/service.yml +++ b/internal/suites/example/kube/mail/service.yml @@ -8,9 +8,10 @@ spec: selector: app: mailcatcher ports: - - protocol: TCP - port: 1080 - name: ui - - protocol: TCP - port: 1025 - name: smtp + - protocol: TCP + port: 1080 + name: ui + - protocol: TCP + port: 1025 + name: smtp +... diff --git a/internal/suites/example/kube/namespace.yml b/internal/suites/example/kube/namespace.yml index 9dfdb53f8..a48c0b839 100644 --- a/internal/suites/example/kube/namespace.yml +++ b/internal/suites/example/kube/namespace.yml @@ -3,3 +3,4 @@ apiVersion: v1 kind: Namespace metadata: name: authelia +... diff --git a/internal/suites/example/kube/storage/mariadb.yml b/internal/suites/example/kube/storage/mariadb.yml index 137fce072..711dee245 100644 --- a/internal/suites/example/kube/storage/mariadb.yml +++ b/internal/suites/example/kube/storage/mariadb.yml @@ -39,7 +39,7 @@ spec: - name: data-volume hostPath: path: /data/storage/mysql - +... --- apiVersion: v1 kind: Service @@ -50,5 +50,6 @@ spec: selector: app: mariadb ports: - - protocol: TCP - port: 3306 + - protocol: TCP + port: 3306 +... diff --git a/internal/suites/example/kube/storage/redis.yml b/internal/suites/example/kube/storage/redis.yml index 9eb67550a..7cb4fb3d9 100644 --- a/internal/suites/example/kube/storage/redis.yml +++ b/internal/suites/example/kube/storage/redis.yml @@ -17,11 +17,11 @@ spec: app: redis spec: containers: - - name: redis - image: redis:3.2.11-alpine - ports: - - containerPort: 6379 - + - name: redis + image: redis:3.2.11-alpine + ports: + - containerPort: 6379 +... --- apiVersion: v1 kind: Service @@ -32,5 +32,6 @@ spec: selector: app: redis ports: - - protocol: TCP - port: 6379 + - protocol: TCP + port: 6379 +... diff --git a/internal/suites/example/kube/test.yml b/internal/suites/example/kube/test.yml index 5dc93c8bb..af95181a2 100644 --- a/internal/suites/example/kube/test.yml +++ b/internal/suites/example/kube/test.yml @@ -17,6 +17,7 @@ spec: app: test-app1 spec: containers: - - name: test-app1 - image: authelia/authelia:kube - imagePullPolicy: Never + - name: test-app1 + image: authelia/authelia:kube + imagePullPolicy: Never +... diff --git a/internal/suites/example/swarm/docker-compose.yml b/internal/suites/example/swarm/docker-compose.yml index 060fe16e3..4a082bc0e 100644 --- a/internal/suites/example/swarm/docker-compose.yml +++ b/internal/suites/example/swarm/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '3.4' services: authelia: @@ -8,23 +9,25 @@ services: target: /config/configuration.yml uid: '0' gid: '0' - mode: 0444 + mode: 0444 # yamllint disable-line rule:octal-values environment: - NODE_TLS_REJECT_UNAUTHORIZED=0 - # Where the authelia volume is to be mounted. To only use a single volume, the minimal config needs to be changed to read the users_database.yml also from this subdirectory. + # Where the authelia volume is to be mounted. To only use a single volume, the minimal config + # needs to be changed to read the users_database.yml also from this subdirectory. # Otherwise a second volume will need to be configured here to mount the users_database.yml. volumes: - authelia:/config/storage networks: - overlay deploy: - #Configure Authelia to automatically restart on failure. + # Configure Authelia to automatically restart on failure. restart_policy: condition: on-failure delay: 5s max_attempts: 3 window: 120s - # Mode: global would start authelia on all available nodes, replicated limits it to how many replicas are configured. + # Mode: global would start authelia on all available nodes, + # replicated limits it to how many replicas are configured. mode: replicated # How many replicas are wanted. Can be any number >0 up to however many nodes are available. replicas: 1 @@ -32,7 +35,8 @@ services: constraints: - node.role == worker -#The volume for authelia needs to be configured. There are many drivers available. Such as local storage, ceph-rdb, nfs, cifs etc. +# The volume for authelia needs to be configured. +# There are many drivers available. Such as local storage, ceph-rdb, nfs, cifs etc. volumes: authelia: driver: default @@ -45,4 +49,5 @@ networks: # This is needed if Docker configs are being used to provide Authelia with its configuration. configs: authelia: - external: true \ No newline at end of file + external: true +...