ci: add yamllint (#1895)
This change implements yamllint and adjusts all yaml files to abide by our linting setup. This excludes config.template.yml as this will be done in an alternate commit.pull/1901/head^2
parent
ad7808d430
commit
d33d6c2f00
|
@ -1,5 +1,7 @@
|
||||||
|
---
|
||||||
# This represents the hardcoded pipeline set in Buildkite interface which executes the repo provided dynamic pipeline.
|
# This represents the hardcoded pipeline set in Buildkite interface which executes the repo provided dynamic pipeline.
|
||||||
# It is used to ensure that insecure code from external PR cannot be executed before a maintainers approval, to avoid secret leaks.
|
# It is used to ensure that insecure code from external PR cannot be executed before a maintainers approval, to avoid
|
||||||
|
# secret leaks.
|
||||||
steps:
|
steps:
|
||||||
# Blocking pipeline for master branch deployments (concurrency_group).
|
# Blocking pipeline for master branch deployments (concurrency_group).
|
||||||
- label: ":pipeline: Setup Pipeline"
|
- label: ":pipeline: Setup Pipeline"
|
||||||
|
@ -13,7 +15,7 @@ steps:
|
||||||
command: ".buildkite/pipeline.sh | buildkite-agent pipeline upload"
|
command: ".buildkite/pipeline.sh | buildkite-agent pipeline upload"
|
||||||
if: build.branch != "master"
|
if: build.branch != "master"
|
||||||
|
|
||||||
- wait:
|
- wait: # yamllint disable-line rule:empty-values
|
||||||
if: build.pull_request.repository.fork != true && build.branch !~ /^(dependabot|renovate)\/.*/
|
if: build.pull_request.repository.fork != true && build.branch !~ /^(dependabot|renovate)\/.*/
|
||||||
|
|
||||||
# Manual intervention by team required to deploy for forked PRs (prevent secret leakage).
|
# Manual intervention by team required to deploy for forked PRs (prevent secret leakage).
|
||||||
|
@ -32,9 +34,10 @@ steps:
|
||||||
- label: ":rocket: Setup Deployment"
|
- label: ":rocket: Setup Deployment"
|
||||||
command: ".buildkite/deployment.sh | buildkite-agent pipeline upload"
|
command: ".buildkite/deployment.sh | buildkite-agent pipeline upload"
|
||||||
depends_on: ~
|
depends_on: ~
|
||||||
if: build.branch != "master" && build.branch !~ /^(dependabot|renovate)\/.*/ && build.pull_request.repository.fork != true
|
if: build.branch != "master" && build.branch !~ /^(dependabot|renovate)\/.*/ && build.pull_request.repository.fork != true # yamllint disable-line rule:line-length
|
||||||
|
|
||||||
# Removed dependency optimisation for forked PRs to enforce block step.
|
# Removed dependency optimisation for forked PRs to enforce block step.
|
||||||
- label: ":rocket: Setup Deployment"
|
- label: ":rocket: Setup Deployment"
|
||||||
command: ".buildkite/deployment.sh | buildkite-agent pipeline upload"
|
command: ".buildkite/deployment.sh | buildkite-agent pipeline upload"
|
||||||
if: build.pull_request.repository.fork == true
|
if: build.pull_request.repository.fork == true
|
||||||
|
...
|
||||||
|
|
16
.codecov.yml
16
.codecov.yml
|
@ -1,10 +1,11 @@
|
||||||
|
---
|
||||||
codecov:
|
codecov:
|
||||||
require_ci_to_pass: yes
|
require_ci_to_pass: true
|
||||||
|
|
||||||
comment:
|
comment:
|
||||||
layout: "reach, diff, flags, files"
|
layout: "reach, diff, flags, files"
|
||||||
behavior: default
|
behavior: default
|
||||||
require_changes: no
|
require_changes: false
|
||||||
|
|
||||||
coverage:
|
coverage:
|
||||||
precision: 2
|
precision: 2
|
||||||
|
@ -12,7 +13,7 @@ coverage:
|
||||||
range: "70...100"
|
range: "70...100"
|
||||||
status:
|
status:
|
||||||
project:
|
project:
|
||||||
default: off
|
default: false
|
||||||
backend:
|
backend:
|
||||||
base: auto
|
base: auto
|
||||||
flags:
|
flags:
|
||||||
|
@ -38,7 +39,8 @@ ignore:
|
||||||
parsers:
|
parsers:
|
||||||
gcov:
|
gcov:
|
||||||
branch_detection:
|
branch_detection:
|
||||||
conditional: yes
|
conditional: true
|
||||||
loop: yes
|
loop: true
|
||||||
method: no
|
method: false
|
||||||
macro: no
|
macro: false
|
||||||
|
...
|
||||||
|
|
|
@ -1,12 +1,14 @@
|
||||||
|
---
|
||||||
# These are supported funding model platforms
|
# These are supported funding model platforms
|
||||||
|
|
||||||
github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
|
# github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
|
||||||
patreon: # Replace with a single Patreon username
|
# patreon: # Replace with a single Patreon username
|
||||||
open_collective: authelia-sponsors
|
open_collective: authelia-sponsors
|
||||||
ko_fi: # Replace with a single Ko-fi username
|
# ko_fi: # Replace with a single Ko-fi username
|
||||||
tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
|
# tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
|
||||||
community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
|
# community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
|
||||||
liberapay: # Replace with a single Liberapay username
|
# liberapay: # Replace with a single Liberapay username
|
||||||
issuehunt: # Replace with a single IssueHunt username
|
# issuehunt: # Replace with a single IssueHunt username
|
||||||
otechie: # Replace with a single Otechie username
|
# otechie: # Replace with a single Otechie username
|
||||||
custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
|
# custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
|
||||||
|
...
|
||||||
|
|
|
@ -1,11 +1,13 @@
|
||||||
|
---
|
||||||
blank_issues_enabled: false
|
blank_issues_enabled: false
|
||||||
contact_links:
|
contact_links:
|
||||||
- name: Documentation
|
- name: Documentation
|
||||||
url: https://www.authelia.com/docs/
|
url: https://www.authelia.com/docs/
|
||||||
about: Read the Documentation
|
about: Read the Documentation
|
||||||
- name: Matrix
|
- name: Matrix
|
||||||
url: https://riot.im/app/#/room/#authelia:matrix.org
|
url: https://riot.im/app/#/room/#authelia:matrix.org
|
||||||
about: Discuss Authelia with the Developers on Matrix which is the preferred method of contact
|
about: Discuss Authelia with the Developers on Matrix which is the preferred method of contact
|
||||||
- name: Discord
|
- name: Discord
|
||||||
url: https://discord.authelia.com
|
url: https://discord.authelia.com
|
||||||
about: Discuss Authelia with the Developers on Discord which is bridged to Matrix
|
about: Discuss Authelia with the Developers on Discord which is bridged to Matrix
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
run:
|
run:
|
||||||
timeout: 3m
|
timeout: 3m
|
||||||
|
|
||||||
|
@ -33,7 +34,7 @@ linters:
|
||||||
|
|
||||||
issues:
|
issues:
|
||||||
exclude:
|
exclude:
|
||||||
- Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked
|
- Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked # yamllint disable-line rule:line-length
|
||||||
- func name will be used as test\.Test.* by other packages, and that stutters; consider calling this
|
- func name will be used as test\.Test.* by other packages, and that stutters; consider calling this
|
||||||
- (possible misuse of unsafe.Pointer|should have signature)
|
- (possible misuse of unsafe.Pointer|should have signature)
|
||||||
- ineffective break statement. Did you mean to break out of the outer loop
|
- ineffective break statement. Did you mean to break out of the outer loop
|
||||||
|
@ -45,3 +46,4 @@ issues:
|
||||||
exclude-use-default: false
|
exclude-use-default: false
|
||||||
max-issues-per-linter: 0
|
max-issues-per-linter: 0
|
||||||
max-same-issues: 0
|
max-same-issues: 0
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
runner:
|
runner:
|
||||||
golangci:
|
golangci:
|
||||||
cmd: golangci-lint run
|
cmd: golangci-lint run
|
||||||
|
@ -10,3 +11,9 @@ runner:
|
||||||
cmd: cd web && eslint -f rdjson '*/**/*.{js,ts,tsx}'
|
cmd: cd web && eslint -f rdjson '*/**/*.{js,ts,tsx}'
|
||||||
format: rdjson
|
format: rdjson
|
||||||
level: error
|
level: error
|
||||||
|
yamllint:
|
||||||
|
cmd: yamllint --format parsable .
|
||||||
|
errorformat:
|
||||||
|
- '%f:%l:%c: %m'
|
||||||
|
level: warning
|
||||||
|
...
|
||||||
|
|
|
@ -0,0 +1,22 @@
|
||||||
|
---
|
||||||
|
extends: default
|
||||||
|
|
||||||
|
ignore: |
|
||||||
|
internal/configuration/test_resources/config_bad_quoting.yml
|
||||||
|
web/node_modules/
|
||||||
|
compose/
|
||||||
|
config.template.yml
|
||||||
|
internal/configuration/config.template.yml
|
||||||
|
|
||||||
|
rules:
|
||||||
|
document-end:
|
||||||
|
level: warning
|
||||||
|
empty-values:
|
||||||
|
level: warning
|
||||||
|
indentation:
|
||||||
|
spaces: 2
|
||||||
|
check-multi-line-strings: true
|
||||||
|
line-length:
|
||||||
|
max: 120
|
||||||
|
octal-values: enable
|
||||||
|
...
|
|
@ -2,7 +2,9 @@
|
||||||
openapi: 3.0.0
|
openapi: 3.0.0
|
||||||
info:
|
info:
|
||||||
title: Authelia API
|
title: Authelia API
|
||||||
description: Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal.
|
description: >
|
||||||
|
Authelia is an open-source authentication and authorization server providing 2-factor authentication and single
|
||||||
|
sign-on (SSO) for your applications via a web portal.
|
||||||
contact:
|
contact:
|
||||||
name: Authelia Support
|
name: Authelia Support
|
||||||
url: https://github.com/authelia/authelia#contact-options
|
url: https://github.com/authelia/authelia#contact-options
|
||||||
|
@ -28,7 +30,9 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- State
|
- State
|
||||||
summary: Application Configuration
|
summary: Application Configuration
|
||||||
description: The configuration endpoint provides detailed information including available second factor methods, if any second factor policies exist and the TOTP period configuration.
|
description: >
|
||||||
|
The configuration endpoint provides detailed information including available second factor methods, if any
|
||||||
|
second factor policies exist and the TOTP period configuration.
|
||||||
responses:
|
responses:
|
||||||
"200":
|
"200":
|
||||||
description: Successful Operation
|
description: Successful Operation
|
||||||
|
@ -39,7 +43,7 @@ paths:
|
||||||
"403":
|
"403":
|
||||||
description: Forbidden
|
description: Forbidden
|
||||||
security:
|
security:
|
||||||
- authelia_auth: [ ]
|
- authelia_auth: []
|
||||||
/api/health:
|
/api/health:
|
||||||
get:
|
get:
|
||||||
tags:
|
tags:
|
||||||
|
@ -58,7 +62,9 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- State
|
- State
|
||||||
summary: User Application State
|
summary: User Application State
|
||||||
description: The state endpoint provides detailed information including the user, current authenticate level and Authelia's configured default redirection URL.
|
description: >
|
||||||
|
The state endpoint provides detailed information including the user, current authenticate level and Authelia's
|
||||||
|
configured default redirection URL.
|
||||||
responses:
|
responses:
|
||||||
"200":
|
"200":
|
||||||
description: Successful Operation
|
description: Successful Operation
|
||||||
|
@ -71,7 +77,9 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- Authentication
|
- Authentication
|
||||||
summary: Verification
|
summary: Verification
|
||||||
description: The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified domain.
|
description: >
|
||||||
|
The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified
|
||||||
|
domain.
|
||||||
parameters:
|
parameters:
|
||||||
- $ref: '#/components/parameters/originalURLParam'
|
- $ref: '#/components/parameters/originalURLParam'
|
||||||
- $ref: '#/components/parameters/forwardedMethodParam'
|
- $ref: '#/components/parameters/forwardedMethodParam'
|
||||||
|
@ -108,7 +116,9 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- Authentication
|
- Authentication
|
||||||
summary: Verification
|
summary: Verification
|
||||||
description: The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified domain.
|
description: >
|
||||||
|
The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified
|
||||||
|
domain.
|
||||||
parameters:
|
parameters:
|
||||||
- $ref: '#/components/parameters/originalURLParam'
|
- $ref: '#/components/parameters/originalURLParam'
|
||||||
- $ref: '#/components/parameters/forwardedMethodParam'
|
- $ref: '#/components/parameters/forwardedMethodParam'
|
||||||
|
@ -146,7 +156,8 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- Authentication
|
- Authentication
|
||||||
summary: Login
|
summary: Login
|
||||||
description: The firstfactor endpoint allows a user to login and generates an authentication cookie for authorization.
|
description: >
|
||||||
|
The firstfactor endpoint allows a user to login and generates an authentication cookie for authorization.
|
||||||
requestBody:
|
requestBody:
|
||||||
content:
|
content:
|
||||||
application/json:
|
application/json:
|
||||||
|
@ -184,13 +195,19 @@ paths:
|
||||||
schema:
|
schema:
|
||||||
$ref: '#/components/schemas/middlewares.OkResponse'
|
$ref: '#/components/schemas/middlewares.OkResponse'
|
||||||
security:
|
security:
|
||||||
- authelia_auth: [ ]
|
- authelia_auth: []
|
||||||
/api/reset-password/identity/start:
|
/api/reset-password/identity/start:
|
||||||
post:
|
post:
|
||||||
tags:
|
tags:
|
||||||
- Password Reset
|
- Password Reset
|
||||||
summary: Identity Verification Token Creation
|
summary: Identity Verification Token Creation
|
||||||
description: "This endpoint is step 1 of 3 in the password reset process.\n\nIt validates the user session and sends the user an email with a token and a link to reset their password. This step also generates a session cookie for the rest of the process.\n\nThe same session cookie must be used for all steps in this process."
|
description: >
|
||||||
|
This endpoint is step 1 of 3 in the password reset process.
|
||||||
|
|
||||||
|
It validates the user session and sends the user an email with a token and a link to reset their password. This
|
||||||
|
step also generates a session cookie for the rest of the process.
|
||||||
|
|
||||||
|
The same session cookie must be used for all steps in this process.
|
||||||
requestBody:
|
requestBody:
|
||||||
required: true
|
required: true
|
||||||
content:
|
content:
|
||||||
|
@ -211,7 +228,12 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- Password Reset
|
- Password Reset
|
||||||
summary: Identity Verification Token Validation
|
summary: Identity Verification Token Validation
|
||||||
description: "This endpoint is step 2 of 3 in the password reset process.\n\nIt validates the user session and reset token.\n\nThe same session cookie must be used for all steps in this process."
|
description: >
|
||||||
|
This endpoint is step 2 of 3 in the password reset process.
|
||||||
|
|
||||||
|
It validates the user session and reset token.
|
||||||
|
|
||||||
|
The same session cookie must be used for all steps in this process.
|
||||||
requestBody:
|
requestBody:
|
||||||
required: true
|
required: true
|
||||||
content:
|
content:
|
||||||
|
@ -232,7 +254,12 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- Password Reset
|
- Password Reset
|
||||||
summary: Password Reset
|
summary: Password Reset
|
||||||
description: "This endpoint is step 3 of 3 in the password reset process.\n\nIt validates the user session and changes the password.\n\nThe same session cookie must be used for all steps in this process."
|
description: >
|
||||||
|
This endpoint is step 3 of 3 in the password reset process.
|
||||||
|
|
||||||
|
It validates the user session and changes the password.
|
||||||
|
|
||||||
|
The same session cookie must be used for all steps in this process.
|
||||||
requestBody:
|
requestBody:
|
||||||
required: true
|
required: true
|
||||||
content:
|
content:
|
||||||
|
@ -253,7 +280,9 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- User Information
|
- User Information
|
||||||
summary: User Configuration
|
summary: User Configuration
|
||||||
description: The user info endpoint provides detailed information including a users display name, preferred and registered second factor method(s).
|
description: >
|
||||||
|
The user info endpoint provides detailed information including a users display name, preferred and registered
|
||||||
|
second factor method(s).
|
||||||
responses:
|
responses:
|
||||||
"200":
|
"200":
|
||||||
description: Successful Operation
|
description: Successful Operation
|
||||||
|
@ -264,7 +293,7 @@ paths:
|
||||||
"403":
|
"403":
|
||||||
description: Forbidden
|
description: Forbidden
|
||||||
security:
|
security:
|
||||||
- authelia_auth: [ ]
|
- authelia_auth: []
|
||||||
/api/user/info/2fa_method:
|
/api/user/info/2fa_method:
|
||||||
post:
|
post:
|
||||||
tags:
|
tags:
|
||||||
|
@ -286,13 +315,17 @@ paths:
|
||||||
"403":
|
"403":
|
||||||
description: Forbidden
|
description: Forbidden
|
||||||
security:
|
security:
|
||||||
- authelia_auth: [ ]
|
- authelia_auth: []
|
||||||
/api/secondfactor/totp/identity/start:
|
/api/secondfactor/totp/identity/start:
|
||||||
post:
|
post:
|
||||||
tags:
|
tags:
|
||||||
- Second Factor
|
- Second Factor
|
||||||
summary: Identity Verification TOTP Token Creation
|
summary: Identity Verification TOTP Token Creation
|
||||||
description: "This endpoint performs identity verification to begin the TOTP device registration process.\n\nThe session generated from this endpoint must be utilised for the subsequent step in the `/api/secondfactor/totp/identity/finish` endpoint."
|
description: >
|
||||||
|
This endpoint performs identity verification to begin the TOTP device registration process.
|
||||||
|
|
||||||
|
The session generated from this endpoint must be utilised for the subsequent step in the
|
||||||
|
`/api/secondfactor/totp/identity/finish` endpoint.
|
||||||
responses:
|
responses:
|
||||||
"200":
|
"200":
|
||||||
description: Successful Operation
|
description: Successful Operation
|
||||||
|
@ -307,7 +340,12 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- Second Factor
|
- Second Factor
|
||||||
summary: Identity Verification TOTP Token Validation and Device Creation
|
summary: Identity Verification TOTP Token Validation and Device Creation
|
||||||
description: "This endpoint performs identity and token verification, upon success also generates TOTP device secret and registers said device.\n\nThe session cookie generated from the `/api/secondfactor/totp/identity/start` endpoint must be utilised for the step here"
|
description: >
|
||||||
|
This endpoint performs identity and token verification, upon success also generates TOTP device secret and
|
||||||
|
registers said device.
|
||||||
|
|
||||||
|
The session cookie generated from the `/api/secondfactor/totp/identity/start` endpoint must be utilised for the
|
||||||
|
step here.
|
||||||
requestBody:
|
requestBody:
|
||||||
required: true
|
required: true
|
||||||
content:
|
content:
|
||||||
|
@ -328,7 +366,7 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- Second Factor
|
- Second Factor
|
||||||
summary: Second Factor Authentication - TOTP
|
summary: Second Factor Authentication - TOTP
|
||||||
description: "This endpoint performs second factor authentication with a TOTP key."
|
description: This endpoint performs second factor authentication with a TOTP key.
|
||||||
requestBody:
|
requestBody:
|
||||||
required: true
|
required: true
|
||||||
content:
|
content:
|
||||||
|
@ -355,7 +393,7 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- Second Factor
|
- Second Factor
|
||||||
summary: Second Factor Authentication - U2F (Request)
|
summary: Second Factor Authentication - U2F (Request)
|
||||||
description: "This endpoint starts the second factor authentication process with the U2F key."
|
description: This endpoint starts the second factor authentication process with the U2F key.
|
||||||
responses:
|
responses:
|
||||||
"200":
|
"200":
|
||||||
description: Successful Operation
|
description: Successful Operation
|
||||||
|
@ -395,7 +433,11 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- Second Factor
|
- Second Factor
|
||||||
summary: Identity Verification U2F Token Creation
|
summary: Identity Verification U2F Token Creation
|
||||||
description: "This endpoint performs identity verification to begin the U2F device registration process.\n\nThe session generated from this endpoint must be utilised for the subsequent steps in the `/api/secondfactor/u2f/identity/finish` and `/api/secondfactor/u2f/register` endpoints."
|
description: >
|
||||||
|
This endpoint performs identity verification to begin the U2F device registration process.
|
||||||
|
|
||||||
|
The session generated from this endpoint must be utilised for the subsequent steps in the
|
||||||
|
`/api/secondfactor/u2f/identity/finish` and `/api/secondfactor/u2f/register` endpoints.
|
||||||
responses:
|
responses:
|
||||||
"200":
|
"200":
|
||||||
description: Successful Operation
|
description: Successful Operation
|
||||||
|
@ -410,7 +452,12 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- Second Factor
|
- Second Factor
|
||||||
summary: Identity Verification U2F Token Validation
|
summary: Identity Verification U2F Token Validation
|
||||||
description: "This endpoint performs identity and token verification, upon success generates a U2F device registration challenge.\n\nThe session cookie generated from the `/api/secondfactor/u2f/identity/start` endpoint must be utilised for the subsequent steps here and in the `/api/secondfactor/u2f/register` endpoint."
|
description: >
|
||||||
|
This endpoint performs identity and token verification, upon success generates a U2F device registration
|
||||||
|
challenge.
|
||||||
|
|
||||||
|
The session cookie generated from the `/api/secondfactor/u2f/identity/start` endpoint must be utilised for the
|
||||||
|
subsequent steps here and in the `/api/secondfactor/u2f/register` endpoint.
|
||||||
requestBody:
|
requestBody:
|
||||||
required: true
|
required: true
|
||||||
content:
|
content:
|
||||||
|
@ -431,7 +478,7 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- Second Factor
|
- Second Factor
|
||||||
summary: U2F Device Registration
|
summary: U2F Device Registration
|
||||||
description: "This endpoint performs U2F device registration."
|
description: This endpoint performs U2F device registration.
|
||||||
requestBody:
|
requestBody:
|
||||||
required: true
|
required: true
|
||||||
content:
|
content:
|
||||||
|
@ -452,7 +499,7 @@ paths:
|
||||||
tags:
|
tags:
|
||||||
- Second Factor
|
- Second Factor
|
||||||
summary: Second Factor Authentication - Duo Mobile Push
|
summary: Second Factor Authentication - Duo Mobile Push
|
||||||
description: "This endpoint performs second factor authentication with a Duo Mobile Push."
|
description: This endpoint performs second factor authentication with a Duo Mobile Push.
|
||||||
requestBody:
|
requestBody:
|
||||||
required: true
|
required: true
|
||||||
content:
|
content:
|
||||||
|
@ -634,7 +681,7 @@ components:
|
||||||
example: 5ZH7Y5CTFWOXN7EOLGBMMXADRNQFHVUDZSYKCN5HMFAIRSLAWY3Q
|
example: 5ZH7Y5CTFWOXN7EOLGBMMXADRNQFHVUDZSYKCN5HMFAIRSLAWY3Q
|
||||||
otpauth_url:
|
otpauth_url:
|
||||||
type: string
|
type: string
|
||||||
example: otpauth://totp/auth.example.com:john?algorithm=SHA1&digits=6&issuer=auth.example.com&period=30&secret=5ZH7Y5CTFWOXN7EOLGBMMXADRNQFHVUDZSYKCN5HMFAIRSLAWY3Q
|
example: otpauth://totp/auth.example.com:john?algorithm=SHA1&digits=6&issuer=auth.example.com&period=30&secret=5ZH7Y5CTFWOXN7EOLGBMMXADRNQFHVUDZSYKCN5HMFAIRSLAWY3Q # yamllint disable-line rule:line-length
|
||||||
handlers.UserInfo:
|
handlers.UserInfo:
|
||||||
type: object
|
type: object
|
||||||
properties:
|
properties:
|
||||||
|
@ -682,7 +729,7 @@ components:
|
||||||
properties:
|
properties:
|
||||||
token:
|
token:
|
||||||
type: string
|
type: string
|
||||||
example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MDc5MjU1OTYsImlzcyI6IkF1dGhlbGlhIiwiYWN0aW9uIjoiUmVzZXRQYXNzd29yZCIsInVzZXJuYW1lIjoiQW1pciJ9.636yqRrUCGCe4jsMCsonleX5CYWHncYqZum-YYb6VaY
|
example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MDc5MjU1OTYsImlzcyI6IkF1dGhlbGlhIiwiYWN0aW9uIjoiUmVzZXRQYXNzd29yZCIsInVzZXJuYW1lIjoiQW1pciJ9.636yqRrUCGCe4jsMCsonleX5CYWHncYqZum-YYb6VaY # yamllint disable-line rule:line-length
|
||||||
middlewares.OkResponse:
|
middlewares.OkResponse:
|
||||||
type: object
|
type: object
|
||||||
properties:
|
properties:
|
||||||
|
@ -771,3 +818,4 @@ components:
|
||||||
type: apiKey
|
type: apiKey
|
||||||
name: "{{.Session}}"
|
name: "{{.Session}}"
|
||||||
in: cookie
|
in: cookie
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
title: Authelia
|
title: Authelia
|
||||||
email: clement.michaud34@gmail.com
|
email: clement.michaud34@gmail.com
|
||||||
description: Authelia is an open source multi-factor single sign-on portal for web applications
|
description: Authelia is an open source multi-factor single sign-on portal for web applications
|
||||||
|
@ -6,10 +7,13 @@ baseurl: "/docs/"
|
||||||
# url: "https://www.authelia.com"
|
# url: "https://www.authelia.com"
|
||||||
repository: https://github.com/authelia/authelia
|
repository: https://github.com/authelia/authelia
|
||||||
logo: ./images/authelia-title.png
|
logo: ./images/authelia-title.png
|
||||||
footer_content: "Copyright © 2020 Authelia. Distributed by an <a href=\"https://github.com/authelia/authelia/blob/master/LICENSE\">Apache 2.0 license.</a>"
|
footer_content: >
|
||||||
|
Copyright © 2021 Authelia. Distributed by an
|
||||||
|
<a href=\"https://github.com/authelia/authelia/blob/master/LICENSE\">Apache 2.0 license.</a>
|
||||||
markdown: kramdown
|
markdown: kramdown
|
||||||
theme: just-the-docs
|
theme: just-the-docs
|
||||||
keep_files:
|
keep_files:
|
||||||
- .git
|
- .git
|
||||||
- CNAME
|
- CNAME
|
||||||
ga_tracking: UA-124926127-1
|
ga_tracking: UA-124926127-1
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
# yamllint disable rule:line-length
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -7,8 +9,10 @@
|
||||||
users:
|
users:
|
||||||
authelia:
|
authelia:
|
||||||
displayname: "Test User"
|
displayname: "Test User"
|
||||||
password: "$argon2id$v=19$m=32768,t=1,p=8$eUhVT1dQa082YVk2VUhDMQ$E8QI4jHbUBt3EdsU1NFDu4Bq5jObKNx7nBKSn1EYQxk" # Password is 'authelia'
|
password: "$argon2id$v=19$m=32768,t=1,p=8$eUhVT1dQa082YVk2VUhDMQ$E8QI4jHbUBt3EdsU1NFDu4Bq5jObKNx7nBKSn1EYQxk" # Password is 'authelia'
|
||||||
email: authelia@authelia.com
|
email: authelia@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
- dev
|
- dev
|
||||||
|
...
|
||||||
|
# yamllint enable rule:line-length
|
||||||
|
|
|
@ -164,7 +164,7 @@ func TestShouldErrorParseBadConfigFile(t *testing.T) {
|
||||||
|
|
||||||
require.Len(t, errors, 1)
|
require.Len(t, errors, 1)
|
||||||
|
|
||||||
require.EqualError(t, errors[0], "Error malformed yaml: line 23: did not find expected alphabetic or numeric character")
|
require.EqualError(t, errors[0], "Error malformed yaml: line 24: did not find expected alphabetic or numeric character")
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestShouldParseConfigFile(t *testing.T) {
|
func TestShouldParseConfigFile(t *testing.T) {
|
||||||
|
|
|
@ -1,7 +1,4 @@
|
||||||
###############################################################
|
---
|
||||||
# Authelia configuration #
|
|
||||||
###############################################################
|
|
||||||
|
|
||||||
host: 127.0.0.1
|
host: 127.0.0.1
|
||||||
port: 9091
|
port: 9091
|
||||||
|
|
||||||
|
@ -95,8 +92,8 @@ access_control:
|
||||||
|
|
||||||
session:
|
session:
|
||||||
name: authelia_session
|
name: authelia_session
|
||||||
expiration: 3600000 # 1 hour
|
expiration: 3600000 # 1 hour
|
||||||
inactivity: 300000 # 5 minutes
|
inactivity: 300000 # 5 minutes
|
||||||
domain: example.com
|
domain: example.com
|
||||||
redis:
|
redis:
|
||||||
host: 127.0.0.1
|
host: 127.0.0.1
|
||||||
|
@ -123,3 +120,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,7 +1,4 @@
|
||||||
###############################################################
|
---
|
||||||
# Authelia configuration #
|
|
||||||
###############################################################
|
|
||||||
|
|
||||||
host: 127.0.0.1
|
host: 127.0.0.1
|
||||||
port: 9091
|
port: 9091
|
||||||
|
|
||||||
|
@ -95,8 +92,8 @@ access_control:
|
||||||
|
|
||||||
session:
|
session:
|
||||||
name: authelia_session
|
name: authelia_session
|
||||||
expiration: 3600000 # 1 hour
|
expiration: 3600000 # 1 hour
|
||||||
inactivity: 300000 # 5 minutes
|
inactivity: 300000 # 5 minutes
|
||||||
domain: example.com
|
domain: example.com
|
||||||
redis:
|
redis:
|
||||||
host: 127.0.0.1
|
host: 127.0.0.1
|
||||||
|
@ -121,3 +118,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,7 +1,4 @@
|
||||||
###############################################################
|
---
|
||||||
# Authelia configuration #
|
|
||||||
###############################################################
|
|
||||||
|
|
||||||
host: 127.0.0.1
|
host: 127.0.0.1
|
||||||
port: 9091
|
port: 9091
|
||||||
loggy_file: /config/svc.log
|
loggy_file: /config/svc.log
|
||||||
|
@ -96,8 +93,8 @@ access_control:
|
||||||
|
|
||||||
session:
|
session:
|
||||||
name: authelia_session
|
name: authelia_session
|
||||||
expiration: 3600000 # 1 hour
|
expiration: 3600000 # 1 hour
|
||||||
inactivity: 300000 # 5 minutes
|
inactivity: 300000 # 5 minutes
|
||||||
domain: example.com
|
domain: example.com
|
||||||
redis:
|
redis:
|
||||||
host: 127.0.0.1
|
host: 127.0.0.1
|
||||||
|
@ -122,3 +119,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
host: 0.0.0.0
|
host: 0.0.0.0
|
||||||
port: 9091
|
port: 9091
|
||||||
log_level: debug
|
log_level: debug
|
||||||
|
@ -50,3 +51,4 @@ notifier:
|
||||||
host: smtp.gmail.com
|
host: smtp.gmail.com
|
||||||
port: 465
|
port: 465
|
||||||
sender: example.com
|
sender: example.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,7 +1,4 @@
|
||||||
###############################################################
|
---
|
||||||
# Authelia configuration #
|
|
||||||
###############################################################
|
|
||||||
|
|
||||||
host: 127.0.0.1
|
host: 127.0.0.1
|
||||||
port: 9091
|
port: 9091
|
||||||
jwt_secret: secret_from_config
|
jwt_secret: secret_from_config
|
||||||
|
@ -96,8 +93,8 @@ access_control:
|
||||||
|
|
||||||
session:
|
session:
|
||||||
name: authelia_session
|
name: authelia_session
|
||||||
expiration: 3600000 # 1 hour
|
expiration: 3600000 # 1 hour
|
||||||
inactivity: 300000 # 5 minutes
|
inactivity: 300000 # 5 minutes
|
||||||
domain: example.com
|
domain: example.com
|
||||||
redis:
|
redis:
|
||||||
host: 127.0.0.1
|
host: 127.0.0.1
|
||||||
|
@ -122,3 +119,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -36,8 +37,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
storage:
|
storage:
|
||||||
|
@ -70,3 +71,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
volumes:
|
volumes:
|
||||||
- './ActiveDirectory/configuration.yml:/config/configuration.yml:ro'
|
- './ActiveDirectory/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -17,8 +18,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
storage:
|
storage:
|
||||||
|
@ -45,3 +46,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
- './BypassAll/configuration.yml:/config/configuration.yml:ro'
|
- './BypassAll/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './BypassAll/users.yml:/config/users.yml'
|
- './BypassAll/users.yml:/config/users.yml'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -17,8 +18,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
storage:
|
storage:
|
||||||
|
@ -40,3 +41,4 @@ access_control:
|
||||||
notifier:
|
notifier:
|
||||||
filesystem:
|
filesystem:
|
||||||
filename: /config/notification.txt
|
filename: /config/notification.txt
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
- './CLI/configuration.yml:/config/configuration.yml:ro'
|
- './CLI/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './CLI/users.yml:/config/users.yml'
|
- './CLI/users.yml:/config/users.yml'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
###############################################################
|
---
|
||||||
|
##############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -19,8 +20,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
storage:
|
storage:
|
||||||
|
@ -83,3 +84,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
- './Docker/configuration.yml:/config/configuration.yml:ro'
|
- './Docker/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './Docker/users.yml:/config/users.yml'
|
- './Docker/users.yml:/config/users.yml'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -19,8 +20,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
# Configuration of the storage backend used to store data and secrets. i.e. totp data
|
# Configuration of the storage backend used to store data and secrets. i.e. totp data
|
||||||
|
@ -99,3 +100,4 @@ regulation:
|
||||||
notifier:
|
notifier:
|
||||||
filesystem:
|
filesystem:
|
||||||
filename: /tmp/notifier.html
|
filename: /tmp/notifier.html
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
- './DuoPush/configuration.yml:/config/configuration.yml:ro'
|
- './DuoPush/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './DuoPush/users.yml:/config/users.yml'
|
- './DuoPush/users.yml:/config/users.yml'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -17,8 +18,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
storage:
|
storage:
|
||||||
|
@ -43,3 +44,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
- './HAProxy/configuration.yml:/config/configuration.yml:ro'
|
- './HAProxy/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './HAProxy/users.yml:/config/users.yml'
|
- './HAProxy/users.yml:/config/users.yml'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia configuration #
|
# Authelia configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -81,8 +82,8 @@ access_control:
|
||||||
session:
|
session:
|
||||||
name: authelia_session
|
name: authelia_session
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
domain: example.com
|
domain: example.com
|
||||||
redis:
|
redis:
|
||||||
username: authelia
|
username: authelia
|
||||||
|
@ -119,3 +120,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
volumes:
|
volumes:
|
||||||
- './HighAvailability/configuration.yml:/config/configuration.yml:ro'
|
- './HighAvailability/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -22,7 +23,7 @@ authentication_backend:
|
||||||
base_dn: dc=example,dc=com
|
base_dn: dc=example,dc=com
|
||||||
username_attribute: uid
|
username_attribute: uid
|
||||||
additional_users_dn: ou=users
|
additional_users_dn: ou=users
|
||||||
users_filter: (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person)(objectClass=inetOrgPerson))
|
users_filter: (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person)(objectClass=inetOrgPerson)) # yamllint disable-line rule:line-length
|
||||||
additional_groups_dn: ou=groups
|
additional_groups_dn: ou=groups
|
||||||
groups_filter: (&(member={dn})(objectclass=groupOfNames))
|
groups_filter: (&(member={dn})(objectclass=groupOfNames))
|
||||||
group_name_attribute: cn
|
group_name_attribute: cn
|
||||||
|
@ -34,8 +35,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
storage:
|
storage:
|
||||||
|
@ -68,3 +69,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
volumes:
|
volumes:
|
||||||
- './LDAP/configuration.yml:/config/configuration.yml:ro'
|
- './LDAP/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -19,8 +20,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
# Configuration of the storage backend used to store data and secrets. i.e. totp data
|
# Configuration of the storage backend used to store data and secrets. i.e. totp data
|
||||||
|
@ -69,3 +70,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
- './Mariadb/configuration.yml:/config/configuration.yml:ro'
|
- './Mariadb/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './Mariadb/users.yml:/config/users.yml'
|
- './Mariadb/users.yml:/config/users.yml'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -19,8 +20,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
# Configuration of the storage backend used to store data and secrets. i.e. totp data
|
# Configuration of the storage backend used to store data and secrets. i.e. totp data
|
||||||
|
@ -69,3 +70,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
- './MySQL/configuration.yml:/config/configuration.yml:ro'
|
- './MySQL/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './MySQL/users.yml:/config/users.yml'
|
- './MySQL/users.yml:/config/users.yml'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -17,8 +18,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
# Configuration of the storage backend used to store data and secrets. i.e. totp data
|
# Configuration of the storage backend used to store data and secrets. i.e. totp data
|
||||||
|
@ -67,3 +68,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
- './NetworkACL/configuration.yml:/config/configuration.yml:ro'
|
- './NetworkACL/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './NetworkACL/users.yml:/config/users.yml'
|
- './NetworkACL/users.yml:/config/users.yml'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -19,8 +20,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
storage:
|
storage:
|
||||||
|
@ -42,3 +43,4 @@ access_control:
|
||||||
notifier:
|
notifier:
|
||||||
filesystem:
|
filesystem:
|
||||||
filename: /tmp/notifier.html
|
filename: /tmp/notifier.html
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
- './OneFactorOnly/configuration.yml:/config/configuration.yml:ro'
|
- './OneFactorOnly/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './OneFactorOnly/users.yml:/config/users.yml'
|
- './OneFactorOnly/users.yml:/config/users.yml'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -20,8 +21,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
storage:
|
storage:
|
||||||
|
@ -46,3 +47,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
- './PathPrefix/configuration.yml:/config/configuration.yml:ro'
|
- './PathPrefix/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './PathPrefix/users.yml:/config/users.yml'
|
- './PathPrefix/users.yml:/config/users.yml'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -19,8 +20,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
# Configuration of the storage backend used to store data and secrets. i.e. totp data
|
# Configuration of the storage backend used to store data and secrets. i.e. totp data
|
||||||
|
@ -69,3 +70,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
- './Postgres/configuration.yml:/config/configuration.yml:ro'
|
- './Postgres/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './Postgres/users.yml:/config/users.yml'
|
- './Postgres/users.yml:/config/users.yml'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -74,3 +75,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
- './ShortTimeouts/configuration.yml:/config/configuration.yml:ro'
|
- './ShortTimeouts/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './ShortTimeouts/users.yml:/config/users.yml'
|
- './ShortTimeouts/users.yml:/config/users.yml'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -14,8 +15,8 @@ authentication_backend:
|
||||||
|
|
||||||
session:
|
session:
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
storage:
|
storage:
|
||||||
|
@ -83,3 +84,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -10,3 +11,4 @@ services:
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
- '/tmp:/tmp'
|
- '/tmp:/tmp'
|
||||||
user: ${USER_ID}:${GROUP_ID}
|
user: ${USER_ID}:${GROUP_ID}
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -17,8 +18,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
|
|
||||||
storage:
|
storage:
|
||||||
|
@ -43,3 +44,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
- './Traefik/configuration.yml:/config/configuration.yml:ro'
|
- './Traefik/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './Traefik/users.yml:/config/users.yml'
|
- './Traefik/users.yml:/config/users.yml'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia minimal configuration #
|
# Authelia minimal configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -17,8 +18,8 @@ authentication_backend:
|
||||||
session:
|
session:
|
||||||
secret: unsecure_session_secret
|
secret: unsecure_session_secret
|
||||||
domain: example.com
|
domain: example.com
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
redis:
|
redis:
|
||||||
host: redis
|
host: redis
|
||||||
|
@ -48,3 +49,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
- './Traefik2/configuration.yml:/config/configuration.yml:ro'
|
- './Traefik2/configuration.yml:/config/configuration.yml:ro'
|
||||||
- './Traefik2/users.yml:/config/users.yml'
|
- './Traefik2/users.yml:/config/users.yml'
|
||||||
- './common/ssl:/config/ssl:ro'
|
- './common/ssl:/config/ssl:ro'
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Users Database #
|
# Users Database #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -8,7 +9,7 @@
|
||||||
users:
|
users:
|
||||||
john:
|
john:
|
||||||
displayname: "John Doe"
|
displayname: "John Doe"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: john.doe@authelia.com
|
email: john.doe@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- admins
|
- admins
|
||||||
|
@ -16,18 +17,19 @@ users:
|
||||||
|
|
||||||
harry:
|
harry:
|
||||||
displayname: "Harry Potter"
|
displayname: "Harry Potter"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: harry.potter@authelia.com
|
email: harry.potter@authelia.com
|
||||||
groups: []
|
groups: []
|
||||||
|
|
||||||
bob:
|
bob:
|
||||||
displayname: "Bob Dylan"
|
displayname: "Bob Dylan"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: bob.dylan@authelia.com
|
email: bob.dylan@authelia.com
|
||||||
groups:
|
groups:
|
||||||
- dev
|
- dev
|
||||||
|
|
||||||
james:
|
james:
|
||||||
displayname: "James Dean"
|
displayname: "James Dean"
|
||||||
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
|
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
|
||||||
email: james.dean@authelia.com
|
email: james.dean@authelia.com
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
networks:
|
networks:
|
||||||
authelianet:
|
authelianet:
|
||||||
|
@ -5,3 +6,4 @@ networks:
|
||||||
ipam:
|
ipam:
|
||||||
config:
|
config:
|
||||||
- subnet: 192.168.240.0/24
|
- subnet: 192.168.240.0/24
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -23,7 +24,7 @@ services:
|
||||||
- 'traefik.frontend.rule=Host:login.example.com;PathPrefix:/api'
|
- 'traefik.frontend.rule=Host:login.example.com;PathPrefix:/api'
|
||||||
- 'traefik.protocol=https'
|
- 'traefik.protocol=https'
|
||||||
# Traefik 2.x
|
# Traefik 2.x
|
||||||
- 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)'
|
- 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)' # yamllint disable-line rule:line-length
|
||||||
- 'traefik.http.routers.authelia_backend.entrypoints=https'
|
- 'traefik.http.routers.authelia_backend.entrypoints=https'
|
||||||
- 'traefik.http.routers.authelia_backend.tls=true'
|
- 'traefik.http.routers.authelia_backend.tls=true'
|
||||||
- 'traefik.http.services.authelia_backend.loadbalancer.server.scheme=https'
|
- 'traefik.http.services.authelia_backend.loadbalancer.server.scheme=https'
|
||||||
|
@ -32,3 +33,4 @@ services:
|
||||||
networks:
|
networks:
|
||||||
authelianet:
|
authelianet:
|
||||||
ipv4_address: 192.168.240.50
|
ipv4_address: 192.168.240.50
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-backend:
|
authelia-backend:
|
||||||
|
@ -7,7 +8,7 @@ services:
|
||||||
- 'traefik.frontend.rule=Host:login.example.com;PathPrefix:/api'
|
- 'traefik.frontend.rule=Host:login.example.com;PathPrefix:/api'
|
||||||
- 'traefik.protocol=https'
|
- 'traefik.protocol=https'
|
||||||
# Traefik 2.x
|
# Traefik 2.x
|
||||||
- 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)'
|
- 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)' # yamllint disable-line rule:line-length
|
||||||
- 'traefik.http.routers.authelia_backend.entrypoints=https'
|
- 'traefik.http.routers.authelia_backend.entrypoints=https'
|
||||||
- 'traefik.http.routers.authelia_backend.tls=true'
|
- 'traefik.http.routers.authelia_backend.tls=true'
|
||||||
- 'traefik.http.services.authelia_backend.loadbalancer.server.scheme=https'
|
- 'traefik.http.services.authelia_backend.loadbalancer.server.scheme=https'
|
||||||
|
@ -19,3 +20,4 @@ services:
|
||||||
networks:
|
networks:
|
||||||
authelianet:
|
authelianet:
|
||||||
ipv4_address: 192.168.240.50
|
ipv4_address: 192.168.240.50
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-frontend:
|
authelia-frontend:
|
||||||
|
@ -17,10 +18,11 @@ services:
|
||||||
# Traefik 1.x
|
# Traefik 1.x
|
||||||
- 'traefik.frontend.rule=Host:login.example.com'
|
- 'traefik.frontend.rule=Host:login.example.com'
|
||||||
# Traefik 2.x
|
# Traefik 2.x
|
||||||
- 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)'
|
- 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)' # yamllint disable-line rule:line-length
|
||||||
- 'traefik.http.routers.authelia_frontend.entrypoints=https'
|
- 'traefik.http.routers.authelia_frontend.entrypoints=https'
|
||||||
- 'traefik.http.routers.authelia_frontend.tls=true'
|
- 'traefik.http.routers.authelia_frontend.tls=true'
|
||||||
environment:
|
environment:
|
||||||
- PUBLIC_URL=${PathPrefix}
|
- PUBLIC_URL=${PathPrefix}
|
||||||
networks:
|
networks:
|
||||||
- authelianet
|
- authelianet
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-frontend:
|
authelia-frontend:
|
||||||
|
@ -8,7 +9,7 @@ services:
|
||||||
# Traefik 1.x
|
# Traefik 1.x
|
||||||
- 'traefik.frontend.rule=Host:login.example.com'
|
- 'traefik.frontend.rule=Host:login.example.com'
|
||||||
# Traefik 2.x
|
# Traefik 2.x
|
||||||
- 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)'
|
- 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)' # yamllint disable-line rule:line-length
|
||||||
- 'traefik.http.routers.authelia_frontend.entrypoints=https'
|
- 'traefik.http.routers.authelia_frontend.entrypoints=https'
|
||||||
- 'traefik.http.routers.authelia_frontend.tls=true'
|
- 'traefik.http.routers.authelia_frontend.tls=true'
|
||||||
- 'traefik.http.services.authelia_frontend.loadbalancer.server.port=3000'
|
- 'traefik.http.services.authelia_frontend.loadbalancer.server.port=3000'
|
||||||
|
@ -16,3 +17,4 @@ services:
|
||||||
- authelianet
|
- authelianet
|
||||||
expose:
|
expose:
|
||||||
- 3000
|
- 3000
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
duo-api:
|
duo-api:
|
||||||
|
@ -5,3 +6,4 @@ services:
|
||||||
context: ./example/compose/duo-api
|
context: ./example/compose/duo-api
|
||||||
networks:
|
networks:
|
||||||
- authelianet
|
- authelianet
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
haproxy:
|
haproxy:
|
||||||
|
@ -10,3 +11,4 @@ services:
|
||||||
authelianet:
|
authelianet:
|
||||||
# Set the IP to be able to query on port 8080
|
# Set the IP to be able to query on port 8080
|
||||||
ipv4_address: 192.168.240.100
|
ipv4_address: 192.168.240.100
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
httpbin:
|
httpbin:
|
||||||
|
@ -17,3 +18,4 @@ services:
|
||||||
- 'traefik.http.routers.httpbin.priority=150'
|
- 'traefik.http.routers.httpbin.priority=150'
|
||||||
- 'traefik.http.routers.httpbin.tls=true'
|
- 'traefik.http.routers.httpbin.tls=true'
|
||||||
- 'traefik.http.routers.httpbin.middlewares=authelia@docker'
|
- 'traefik.http.routers.httpbin.middlewares=authelia@docker'
|
||||||
|
...
|
||||||
|
|
|
@ -1,6 +1,9 @@
|
||||||
|
---
|
||||||
kind: Cluster
|
kind: Cluster
|
||||||
apiVersion: kind.x-k8s.io/v1alpha4
|
apiVersion: kind.x-k8s.io/v1alpha4
|
||||||
containerdConfigPatches:
|
containerdConfigPatches:
|
||||||
|
# yamllint disable-line rule:indentation
|
||||||
- |-
|
- |-
|
||||||
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."registrycache.internal:5000"]
|
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."registrycache.internal:5000"]
|
||||||
endpoint = ["http://registrycache.internal:5000"]
|
endpoint = ["http://registrycache.internal:5000"]
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
authelia-kind-proxy:
|
authelia-kind-proxy:
|
||||||
|
@ -39,4 +40,5 @@ services:
|
||||||
ipv4_address: 192.168.240.110
|
ipv4_address: 192.168.240.110
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
kind-volume:
|
kind-volume: # yamllint disable-line rule:empty-values
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
openldap-admin:
|
openldap-admin:
|
||||||
|
@ -9,3 +10,4 @@ services:
|
||||||
- PHPLDAPADMIN_HTTPS=false
|
- PHPLDAPADMIN_HTTPS=false
|
||||||
networks:
|
networks:
|
||||||
- authelianet
|
- authelianet
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
openldap:
|
openldap:
|
||||||
|
@ -20,3 +21,4 @@ services:
|
||||||
- 'debug'
|
- 'debug'
|
||||||
networks:
|
networks:
|
||||||
- authelianet
|
- authelianet
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
mariadb:
|
mariadb:
|
||||||
|
@ -9,3 +10,4 @@ services:
|
||||||
- MYSQL_DATABASE=authelia
|
- MYSQL_DATABASE=authelia
|
||||||
networks:
|
networks:
|
||||||
- authelianet
|
- authelianet
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
mysql:
|
mysql:
|
||||||
|
@ -9,3 +10,4 @@ services:
|
||||||
- MYSQL_DATABASE=authelia
|
- MYSQL_DATABASE=authelia
|
||||||
networks:
|
networks:
|
||||||
- authelianet
|
- authelianet
|
||||||
|
...
|
||||||
|
|
|
@ -1,19 +1,23 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
nginx-backend:
|
nginx-backend:
|
||||||
image: nginx:alpine
|
image: nginx:alpine
|
||||||
labels:
|
labels:
|
||||||
- 'traefik.frontend.rule=Host:home.example.com,public.example.com,secure.example.com,admin.example.com,singlefactor.example.com' # Traefik 1.x
|
# Traefik 1.x
|
||||||
- 'traefik.frontend.auth.forward.address=https://authelia-backend:9091/api/verify?rd=https://login.example.com:8080' # Traefik 1.x
|
- 'traefik.frontend.rule=Host:home.example.com,public.example.com,secure.example.com,admin.example.com,singlefactor.example.com' # yamllint disable-line rule:line-length
|
||||||
- 'traefik.frontend.auth.forward.tls.insecureSkipVerify=true' # Traefik 1.x
|
- 'traefik.frontend.auth.forward.address=https://authelia-backend:9091/api/verify?rd=https://login.example.com:8080' # yamllint disable-line rule:line-length
|
||||||
- 'traefik.frontend.auth.forward.trustForwardHeader=true' # Traefik 1.x
|
- 'traefik.frontend.auth.forward.tls.insecureSkipVerify=true'
|
||||||
- 'traefik.frontend.auth.forward.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email' # Traefik 1.x
|
- 'traefik.frontend.auth.forward.trustForwardHeader=true'
|
||||||
- 'traefik.http.routers.protectedapps.rule=Host(`home.example.com`, `public.example.com`, `secure.example.com`, `admin.example.com`, `singlefactor.example.com`)' # Traefik 2.x
|
- 'traefik.frontend.auth.forward.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
|
||||||
- 'traefik.http.routers.protectedapps.entrypoints=https' # Traefik 2.x
|
# Traefik 2.x
|
||||||
- 'traefik.http.routers.protectedapps.tls=true' # Traefik 2.x
|
- 'traefik.http.routers.protectedapps.rule=Host(`home.example.com`,`public.example.com`,`secure.example.com`,`admin.example.com`,`singlefactor.example.com`)' # yamllint disable-line rule:line-length
|
||||||
- 'traefik.http.routers.protectedapps.middlewares=authelia@docker' # Traefik 2.x
|
- 'traefik.http.routers.protectedapps.entrypoints=https'
|
||||||
|
- 'traefik.http.routers.protectedapps.tls=true'
|
||||||
|
- 'traefik.http.routers.protectedapps.middlewares=authelia@docker'
|
||||||
volumes:
|
volumes:
|
||||||
- ./example/compose/nginx/backend/html:/usr/share/nginx/html
|
- ./example/compose/nginx/backend/html:/usr/share/nginx/html
|
||||||
- ./example/compose/nginx/backend/nginx.conf:/etc/nginx/nginx.conf
|
- ./example/compose/nginx/backend/nginx.conf:/etc/nginx/nginx.conf
|
||||||
networks:
|
networks:
|
||||||
- authelianet
|
- authelianet
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
nginx-portal:
|
nginx-portal:
|
||||||
|
@ -14,3 +15,4 @@ services:
|
||||||
- duo.example.com
|
- duo.example.com
|
||||||
# Set the IP to be able to query on port 443
|
# Set the IP to be able to query on port 443
|
||||||
ipv4_address: 192.168.240.100
|
ipv4_address: 192.168.240.100
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: "3"
|
version: "3"
|
||||||
services:
|
services:
|
||||||
postgres:
|
postgres:
|
||||||
|
@ -8,3 +9,4 @@ services:
|
||||||
- POSTGRES_DB=authelia
|
- POSTGRES_DB=authelia
|
||||||
networks:
|
networks:
|
||||||
- authelianet
|
- authelianet
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
redis-node-0:
|
redis-node-0:
|
||||||
|
@ -94,3 +95,4 @@ services:
|
||||||
aliases:
|
aliases:
|
||||||
- redis-sentinel-2.example.com
|
- redis-sentinel-2.example.com
|
||||||
ipv4_address: 192.168.240.122
|
ipv4_address: 192.168.240.122
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
redis:
|
redis:
|
||||||
|
@ -11,3 +12,4 @@ services:
|
||||||
- ./example/compose/redis/entrypoint.sh:/entrypoint.sh
|
- ./example/compose/redis/entrypoint.sh:/entrypoint.sh
|
||||||
networks:
|
networks:
|
||||||
- authelianet
|
- authelianet
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
sambaldap:
|
sambaldap:
|
||||||
|
@ -12,3 +13,4 @@ services:
|
||||||
- NOCOMPLEXITY=true
|
- NOCOMPLEXITY=true
|
||||||
networks:
|
networks:
|
||||||
- authelianet
|
- authelianet
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
smtp:
|
smtp:
|
||||||
|
@ -13,3 +14,4 @@ services:
|
||||||
- 'traefik.http.services.mail.loadbalancer.server.port=1080'
|
- 'traefik.http.services.mail.loadbalancer.server.port=1080'
|
||||||
networks:
|
networks:
|
||||||
- authelianet
|
- authelianet
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
# Simulates client 1.
|
# Simulates client 1.
|
||||||
|
@ -17,3 +18,4 @@ services:
|
||||||
authelianet:
|
authelianet:
|
||||||
# Set the IP to be able to query on port 443
|
# Set the IP to be able to query on port 443
|
||||||
ipv4_address: 192.168.240.202
|
ipv4_address: 192.168.240.202
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
traefik:
|
traefik:
|
||||||
|
@ -22,3 +23,4 @@ services:
|
||||||
authelianet:
|
authelianet:
|
||||||
# Set the IP to be able to query on port 8080
|
# Set the IP to be able to query on port 8080
|
||||||
ipv4_address: 192.168.240.100
|
ipv4_address: 192.168.240.100
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
version: '3'
|
version: '3'
|
||||||
services:
|
services:
|
||||||
traefik:
|
traefik:
|
||||||
|
@ -9,10 +10,11 @@ services:
|
||||||
- 'traefik.http.routers.api.entrypoints=https'
|
- 'traefik.http.routers.api.entrypoints=https'
|
||||||
- 'traefik.http.routers.api.service=api@internal'
|
- 'traefik.http.routers.api.service=api@internal'
|
||||||
- 'traefik.http.routers.api.tls=true'
|
- 'traefik.http.routers.api.tls=true'
|
||||||
- 'traefik.http.middlewares.authelia.forwardauth.address=https://authelia-backend:9091${PathPrefix}/api/verify?rd=https://login.example.com:8080${PathPrefix}' # Traefik 2.x
|
# Traefik 2.x
|
||||||
- 'traefik.http.middlewares.authelia.forwardauth.tls.insecureSkipVerify=true' # Traefik 2.x
|
- 'traefik.http.middlewares.authelia.forwardauth.address=https://authelia-backend:9091${PathPrefix}/api/verify?rd=https://login.example.com:8080${PathPrefix}' # yamllint disable-line rule:line-length
|
||||||
- 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true' # Traefik 2.x
|
- 'traefik.http.middlewares.authelia.forwardauth.tls.insecureSkipVerify=true'
|
||||||
- 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email' # Traefik 2.x
|
- 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'
|
||||||
|
- 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email' # yamllint disable-line rule:line-length
|
||||||
command:
|
command:
|
||||||
- '--api'
|
- '--api'
|
||||||
- '--providers.docker=true'
|
- '--providers.docker=true'
|
||||||
|
@ -26,3 +28,4 @@ services:
|
||||||
authelianet:
|
authelianet:
|
||||||
# Set the IP to be able to query on port 8080
|
# Set the IP to be able to query on port 8080
|
||||||
ipv4_address: 192.168.240.100
|
ipv4_address: 192.168.240.100
|
||||||
|
...
|
||||||
|
|
|
@ -17,34 +17,34 @@ spec:
|
||||||
app: test-app
|
app: test-app
|
||||||
spec:
|
spec:
|
||||||
containers:
|
containers:
|
||||||
- name: test-app
|
- name: test-app
|
||||||
image: nginx:alpine
|
image: nginx:alpine
|
||||||
command: ["/entrypoint.sh"]
|
command: ["/entrypoint.sh"]
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 80
|
- containerPort: 80
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: config-volume
|
- name: config-volume
|
||||||
mountPath: /entrypoint.sh
|
mountPath: /entrypoint.sh
|
||||||
subPath: entrypoint.sh
|
subPath: entrypoint.sh
|
||||||
- name: config-volume
|
- name: config-volume
|
||||||
mountPath: /etc/nginx/nginx.conf
|
mountPath: /etc/nginx/nginx.conf
|
||||||
subPath: nginx.conf
|
subPath: nginx.conf
|
||||||
- name: config-volume
|
- name: config-volume
|
||||||
mountPath: /tmp/html.tar.gz
|
mountPath: /tmp/html.tar.gz
|
||||||
subPath: html.tar.gz
|
subPath: html.tar.gz
|
||||||
volumes:
|
volumes:
|
||||||
- name: config-volume
|
- name: config-volume
|
||||||
configMap:
|
configMap:
|
||||||
name: nginx-config
|
name: nginx-config
|
||||||
items:
|
items:
|
||||||
- key: entrypoint.sh
|
- key: entrypoint.sh
|
||||||
path: entrypoint.sh
|
path: entrypoint.sh
|
||||||
mode: 0755
|
mode: 0755 # yamllint disable-line rule:octal-values
|
||||||
- key: nginx.conf
|
- key: nginx.conf
|
||||||
path: nginx.conf
|
path: nginx.conf
|
||||||
- key: html.tar.gz
|
- key: html.tar.gz
|
||||||
path: html.tar.gz
|
path: html.tar.gz
|
||||||
|
...
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
|
@ -61,7 +61,7 @@ spec:
|
||||||
name: http
|
name: http
|
||||||
- port: 443
|
- port: 443
|
||||||
name: https
|
name: https
|
||||||
|
...
|
||||||
---
|
---
|
||||||
apiVersion: extensions/v1beta1
|
apiVersion: extensions/v1beta1
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
|
@ -85,7 +85,7 @@ spec:
|
||||||
backend:
|
backend:
|
||||||
serviceName: test-app-service
|
serviceName: test-app-service
|
||||||
servicePort: 80
|
servicePort: 80
|
||||||
|
...
|
||||||
---
|
---
|
||||||
apiVersion: extensions/v1beta1
|
apiVersion: extensions/v1beta1
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
|
@ -151,3 +151,4 @@ spec:
|
||||||
backend:
|
backend:
|
||||||
serviceName: test-app-service
|
serviceName: test-app-service
|
||||||
servicePort: 80
|
servicePort: 80
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
###############################################################
|
###############################################################
|
||||||
# Authelia configuration #
|
# Authelia configuration #
|
||||||
###############################################################
|
###############################################################
|
||||||
|
@ -78,8 +79,8 @@ access_control:
|
||||||
policy: two_factor
|
policy: two_factor
|
||||||
|
|
||||||
session:
|
session:
|
||||||
expiration: 3600 # 1 hour
|
expiration: 3600 # 1 hour
|
||||||
inactivity: 300 # 5 minutes
|
inactivity: 300 # 5 minutes
|
||||||
remember_me_duration: 1y
|
remember_me_duration: 1y
|
||||||
domain: example.com
|
domain: example.com
|
||||||
redis:
|
redis:
|
||||||
|
@ -104,3 +105,4 @@ notifier:
|
||||||
port: 1025
|
port: 1025
|
||||||
sender: admin@example.com
|
sender: admin@example.com
|
||||||
disable_require_tls: true
|
disable_require_tls: true
|
||||||
|
...
|
||||||
|
|
|
@ -69,3 +69,4 @@ spec:
|
||||||
path: sql_password
|
path: sql_password
|
||||||
- key: ldap_password
|
- key: ldap_password
|
||||||
path: ldap_password
|
path: ldap_password
|
||||||
|
...
|
||||||
|
|
|
@ -9,14 +9,15 @@ metadata:
|
||||||
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
|
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
|
||||||
spec:
|
spec:
|
||||||
tls:
|
tls:
|
||||||
- secretName: authelia-tls
|
- secretName: authelia-tls
|
||||||
hosts:
|
hosts:
|
||||||
- login.example.com
|
- login.example.com
|
||||||
rules:
|
rules:
|
||||||
- host: login.example.com
|
- host: login.example.com
|
||||||
http:
|
http:
|
||||||
paths:
|
paths:
|
||||||
- path: /
|
- path: /
|
||||||
backend:
|
backend:
|
||||||
serviceName: authelia-service
|
serviceName: authelia-service
|
||||||
servicePort: 443
|
servicePort: 443
|
||||||
|
...
|
||||||
|
|
|
@ -8,7 +8,8 @@ metadata:
|
||||||
labels:
|
labels:
|
||||||
app: authelia
|
app: authelia
|
||||||
data:
|
data:
|
||||||
jwt_secret: YW5fdW5zZWN1cmVfc2VjcmV0 #an_unsecure_secret
|
jwt_secret: YW5fdW5zZWN1cmVfc2VjcmV0 # an_unsecure_secret
|
||||||
ldap_password: cGFzc3dvcmQ= #password
|
ldap_password: cGFzc3dvcmQ= # password
|
||||||
session: dW5zZWN1cmVfcGFzc3dvcmQ= #unsecure_password
|
session: dW5zZWN1cmVfcGFzc3dvcmQ= # unsecure_password
|
||||||
sql_password: cGFzc3dvcmQ= #password
|
sql_password: cGFzc3dvcmQ= # password
|
||||||
|
...
|
||||||
|
|
|
@ -8,6 +8,7 @@ spec:
|
||||||
selector:
|
selector:
|
||||||
app: authelia
|
app: authelia
|
||||||
ports:
|
ports:
|
||||||
- protocol: TCP
|
- protocol: TCP
|
||||||
port: 443
|
port: 443
|
||||||
targetPort: 443
|
targetPort: 443
|
||||||
|
...
|
||||||
|
|
|
@ -4,7 +4,7 @@ kind: ServiceAccount
|
||||||
metadata:
|
metadata:
|
||||||
name: admin-user
|
name: admin-user
|
||||||
namespace: kubernetes-dashboard
|
namespace: kubernetes-dashboard
|
||||||
|
...
|
||||||
---
|
---
|
||||||
apiVersion: rbac.authorization.k8s.io/v1
|
apiVersion: rbac.authorization.k8s.io/v1
|
||||||
kind: ClusterRoleBinding
|
kind: ClusterRoleBinding
|
||||||
|
@ -15,6 +15,7 @@ roleRef:
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
name: cluster-admin
|
name: cluster-admin
|
||||||
subjects:
|
subjects:
|
||||||
- kind: ServiceAccount
|
- kind: ServiceAccount
|
||||||
name: admin-user
|
name: admin-user
|
||||||
namespace: kubernetes-dashboard
|
namespace: kubernetes-dashboard
|
||||||
|
...
|
||||||
|
|
|
@ -23,22 +23,23 @@ spec:
|
||||||
terminationGracePeriodSeconds: 60
|
terminationGracePeriodSeconds: 60
|
||||||
serviceAccountName: nginx-ingress-controller-serviceaccount
|
serviceAccountName: nginx-ingress-controller-serviceaccount
|
||||||
containers:
|
containers:
|
||||||
- image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.23.0
|
- image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.23.0
|
||||||
name: nginx-ingress-controller
|
name: nginx-ingress-controller
|
||||||
imagePullPolicy: Always
|
imagePullPolicy: Always
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 80
|
- containerPort: 80
|
||||||
- containerPort: 443
|
- containerPort: 443
|
||||||
env:
|
env:
|
||||||
- name: POD_NAME
|
- name: POD_NAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
fieldRef:
|
fieldRef:
|
||||||
fieldPath: metadata.name
|
fieldPath: metadata.name
|
||||||
- name: POD_NAMESPACE
|
- name: POD_NAMESPACE
|
||||||
valueFrom:
|
valueFrom:
|
||||||
fieldRef:
|
fieldRef:
|
||||||
fieldPath: metadata.namespace
|
fieldPath: metadata.namespace
|
||||||
args:
|
args:
|
||||||
- /nginx-ingress-controller
|
- /nginx-ingress-controller
|
||||||
- --ingress-class=nginx
|
- --ingress-class=nginx
|
||||||
- --election-id=ingress-controller-leader
|
- --election-id=ingress-controller-leader
|
||||||
|
...
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
---
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: ServiceAccount
|
kind: ServiceAccount
|
||||||
metadata:
|
metadata:
|
||||||
|
@ -5,7 +6,7 @@ metadata:
|
||||||
namespace: authelia
|
namespace: authelia
|
||||||
labels:
|
labels:
|
||||||
app: nginx-ingress-controller
|
app: nginx-ingress-controller
|
||||||
|
...
|
||||||
---
|
---
|
||||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
|
@ -60,7 +61,7 @@ rules:
|
||||||
- ingresses/status
|
- ingresses/status
|
||||||
verbs:
|
verbs:
|
||||||
- update
|
- update
|
||||||
|
...
|
||||||
---
|
---
|
||||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||||
kind: Role
|
kind: Role
|
||||||
|
@ -104,7 +105,7 @@ rules:
|
||||||
- endpoints
|
- endpoints
|
||||||
verbs:
|
verbs:
|
||||||
- get
|
- get
|
||||||
|
...
|
||||||
---
|
---
|
||||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||||
kind: RoleBinding
|
kind: RoleBinding
|
||||||
|
@ -121,7 +122,7 @@ subjects:
|
||||||
- kind: ServiceAccount
|
- kind: ServiceAccount
|
||||||
name: nginx-ingress-controller-serviceaccount
|
name: nginx-ingress-controller-serviceaccount
|
||||||
namespace: authelia
|
namespace: authelia
|
||||||
|
...
|
||||||
---
|
---
|
||||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||||
kind: ClusterRoleBinding
|
kind: ClusterRoleBinding
|
||||||
|
@ -137,5 +138,4 @@ subjects:
|
||||||
- kind: ServiceAccount
|
- kind: ServiceAccount
|
||||||
name: nginx-ingress-controller-serviceaccount
|
name: nginx-ingress-controller-serviceaccount
|
||||||
namespace: authelia
|
namespace: authelia
|
||||||
|
...
|
||||||
---
|
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue