ci: add yamllint (#1895)

This change implements yamllint and adjusts all yaml files to abide by our linting setup. This excludes config.template.yml as this will be done in an alternate commit.
pull/1901/head^2
James Elliott 2021-04-11 06:51:00 +10:00 committed by GitHub
parent ad7808d430
commit d33d6c2f00
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
111 changed files with 697 additions and 430 deletions

View File

@ -1,5 +1,7 @@
---
# This represents the hardcoded pipeline set in Buildkite interface which executes the repo provided dynamic pipeline.
# It is used to ensure that insecure code from external PR cannot be executed before a maintainers approval, to avoid secret leaks.
# It is used to ensure that insecure code from external PR cannot be executed before a maintainers approval, to avoid
# secret leaks.
steps:
# Blocking pipeline for master branch deployments (concurrency_group).
- label: ":pipeline: Setup Pipeline"
@ -13,7 +15,7 @@ steps:
command: ".buildkite/pipeline.sh | buildkite-agent pipeline upload"
if: build.branch != "master"
- wait:
- wait: # yamllint disable-line rule:empty-values
if: build.pull_request.repository.fork != true && build.branch !~ /^(dependabot|renovate)\/.*/
# Manual intervention by team required to deploy for forked PRs (prevent secret leakage).
@ -32,9 +34,10 @@ steps:
- label: ":rocket: Setup Deployment"
command: ".buildkite/deployment.sh | buildkite-agent pipeline upload"
depends_on: ~
if: build.branch != "master" && build.branch !~ /^(dependabot|renovate)\/.*/ && build.pull_request.repository.fork != true
if: build.branch != "master" && build.branch !~ /^(dependabot|renovate)\/.*/ && build.pull_request.repository.fork != true # yamllint disable-line rule:line-length
# Removed dependency optimisation for forked PRs to enforce block step.
- label: ":rocket: Setup Deployment"
command: ".buildkite/deployment.sh | buildkite-agent pipeline upload"
if: build.pull_request.repository.fork == true
...

View File

@ -1,10 +1,11 @@
---
codecov:
require_ci_to_pass: yes
require_ci_to_pass: true
comment:
layout: "reach, diff, flags, files"
behavior: default
require_changes: no
require_changes: false
coverage:
precision: 2
@ -12,7 +13,7 @@ coverage:
range: "70...100"
status:
project:
default: off
default: false
backend:
base: auto
flags:
@ -38,7 +39,8 @@ ignore:
parsers:
gcov:
branch_detection:
conditional: yes
loop: yes
method: no
macro: no
conditional: true
loop: true
method: false
macro: false
...

20
.github/FUNDING.yml vendored
View File

@ -1,12 +1,14 @@
---
# These are supported funding model platforms
github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
patreon: # Replace with a single Patreon username
# github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
# patreon: # Replace with a single Patreon username
open_collective: authelia-sponsors
ko_fi: # Replace with a single Ko-fi username
tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
liberapay: # Replace with a single Liberapay username
issuehunt: # Replace with a single IssueHunt username
otechie: # Replace with a single Otechie username
custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
# ko_fi: # Replace with a single Ko-fi username
# tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
# community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
# liberapay: # Replace with a single Liberapay username
# issuehunt: # Replace with a single IssueHunt username
# otechie: # Replace with a single Otechie username
# custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
...

View File

@ -1,11 +1,13 @@
---
blank_issues_enabled: false
contact_links:
- name: Documentation
url: https://www.authelia.com/docs/
about: Read the Documentation
- name: Matrix
url: https://riot.im/app/#/room/#authelia:matrix.org
about: Discuss Authelia with the Developers on Matrix which is the preferred method of contact
- name: Discord
url: https://discord.authelia.com
about: Discuss Authelia with the Developers on Discord which is bridged to Matrix
- name: Documentation
url: https://www.authelia.com/docs/
about: Read the Documentation
- name: Matrix
url: https://riot.im/app/#/room/#authelia:matrix.org
about: Discuss Authelia with the Developers on Matrix which is the preferred method of contact
- name: Discord
url: https://discord.authelia.com
about: Discuss Authelia with the Developers on Discord which is bridged to Matrix
...

View File

@ -1,3 +1,4 @@
---
run:
timeout: 3m
@ -33,7 +34,7 @@ linters:
issues:
exclude:
- Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked
- Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked # yamllint disable-line rule:line-length
- func name will be used as test\.Test.* by other packages, and that stutters; consider calling this
- (possible misuse of unsafe.Pointer|should have signature)
- ineffective break statement. Did you mean to break out of the outer loop
@ -45,3 +46,4 @@ issues:
exclude-use-default: false
max-issues-per-linter: 0
max-same-issues: 0
...

View File

@ -1,3 +1,4 @@
---
runner:
golangci:
cmd: golangci-lint run
@ -10,3 +11,9 @@ runner:
cmd: cd web && eslint -f rdjson '*/**/*.{js,ts,tsx}'
format: rdjson
level: error
yamllint:
cmd: yamllint --format parsable .
errorformat:
- '%f:%l:%c: %m'
level: warning
...

22
.yamllint.yml 100644
View File

@ -0,0 +1,22 @@
---
extends: default
ignore: |
internal/configuration/test_resources/config_bad_quoting.yml
web/node_modules/
compose/
config.template.yml
internal/configuration/config.template.yml
rules:
document-end:
level: warning
empty-values:
level: warning
indentation:
spaces: 2
check-multi-line-strings: true
line-length:
max: 120
octal-values: enable
...

View File

@ -2,7 +2,9 @@
openapi: 3.0.0
info:
title: Authelia API
description: Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal.
description: >
Authelia is an open-source authentication and authorization server providing 2-factor authentication and single
sign-on (SSO) for your applications via a web portal.
contact:
name: Authelia Support
url: https://github.com/authelia/authelia#contact-options
@ -28,7 +30,9 @@ paths:
tags:
- State
summary: Application Configuration
description: The configuration endpoint provides detailed information including available second factor methods, if any second factor policies exist and the TOTP period configuration.
description: >
The configuration endpoint provides detailed information including available second factor methods, if any
second factor policies exist and the TOTP period configuration.
responses:
"200":
description: Successful Operation
@ -39,7 +43,7 @@ paths:
"403":
description: Forbidden
security:
- authelia_auth: [ ]
- authelia_auth: []
/api/health:
get:
tags:
@ -58,7 +62,9 @@ paths:
tags:
- State
summary: User Application State
description: The state endpoint provides detailed information including the user, current authenticate level and Authelia's configured default redirection URL.
description: >
The state endpoint provides detailed information including the user, current authenticate level and Authelia's
configured default redirection URL.
responses:
"200":
description: Successful Operation
@ -71,7 +77,9 @@ paths:
tags:
- Authentication
summary: Verification
description: The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified domain.
description: >
The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified
domain.
parameters:
- $ref: '#/components/parameters/originalURLParam'
- $ref: '#/components/parameters/forwardedMethodParam'
@ -108,7 +116,9 @@ paths:
tags:
- Authentication
summary: Verification
description: The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified domain.
description: >
The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified
domain.
parameters:
- $ref: '#/components/parameters/originalURLParam'
- $ref: '#/components/parameters/forwardedMethodParam'
@ -146,7 +156,8 @@ paths:
tags:
- Authentication
summary: Login
description: The firstfactor endpoint allows a user to login and generates an authentication cookie for authorization.
description: >
The firstfactor endpoint allows a user to login and generates an authentication cookie for authorization.
requestBody:
content:
application/json:
@ -184,13 +195,19 @@ paths:
schema:
$ref: '#/components/schemas/middlewares.OkResponse'
security:
- authelia_auth: [ ]
- authelia_auth: []
/api/reset-password/identity/start:
post:
tags:
- Password Reset
summary: Identity Verification Token Creation
description: "This endpoint is step 1 of 3 in the password reset process.\n\nIt validates the user session and sends the user an email with a token and a link to reset their password. This step also generates a session cookie for the rest of the process.\n\nThe same session cookie must be used for all steps in this process."
description: >
This endpoint is step 1 of 3 in the password reset process.
It validates the user session and sends the user an email with a token and a link to reset their password. This
step also generates a session cookie for the rest of the process.
The same session cookie must be used for all steps in this process.
requestBody:
required: true
content:
@ -211,7 +228,12 @@ paths:
tags:
- Password Reset
summary: Identity Verification Token Validation
description: "This endpoint is step 2 of 3 in the password reset process.\n\nIt validates the user session and reset token.\n\nThe same session cookie must be used for all steps in this process."
description: >
This endpoint is step 2 of 3 in the password reset process.
It validates the user session and reset token.
The same session cookie must be used for all steps in this process.
requestBody:
required: true
content:
@ -232,7 +254,12 @@ paths:
tags:
- Password Reset
summary: Password Reset
description: "This endpoint is step 3 of 3 in the password reset process.\n\nIt validates the user session and changes the password.\n\nThe same session cookie must be used for all steps in this process."
description: >
This endpoint is step 3 of 3 in the password reset process.
It validates the user session and changes the password.
The same session cookie must be used for all steps in this process.
requestBody:
required: true
content:
@ -253,7 +280,9 @@ paths:
tags:
- User Information
summary: User Configuration
description: The user info endpoint provides detailed information including a users display name, preferred and registered second factor method(s).
description: >
The user info endpoint provides detailed information including a users display name, preferred and registered
second factor method(s).
responses:
"200":
description: Successful Operation
@ -264,7 +293,7 @@ paths:
"403":
description: Forbidden
security:
- authelia_auth: [ ]
- authelia_auth: []
/api/user/info/2fa_method:
post:
tags:
@ -286,13 +315,17 @@ paths:
"403":
description: Forbidden
security:
- authelia_auth: [ ]
- authelia_auth: []
/api/secondfactor/totp/identity/start:
post:
tags:
- Second Factor
summary: Identity Verification TOTP Token Creation
description: "This endpoint performs identity verification to begin the TOTP device registration process.\n\nThe session generated from this endpoint must be utilised for the subsequent step in the `/api/secondfactor/totp/identity/finish` endpoint."
description: >
This endpoint performs identity verification to begin the TOTP device registration process.
The session generated from this endpoint must be utilised for the subsequent step in the
`/api/secondfactor/totp/identity/finish` endpoint.
responses:
"200":
description: Successful Operation
@ -307,7 +340,12 @@ paths:
tags:
- Second Factor
summary: Identity Verification TOTP Token Validation and Device Creation
description: "This endpoint performs identity and token verification, upon success also generates TOTP device secret and registers said device.\n\nThe session cookie generated from the `/api/secondfactor/totp/identity/start` endpoint must be utilised for the step here"
description: >
This endpoint performs identity and token verification, upon success also generates TOTP device secret and
registers said device.
The session cookie generated from the `/api/secondfactor/totp/identity/start` endpoint must be utilised for the
step here.
requestBody:
required: true
content:
@ -328,7 +366,7 @@ paths:
tags:
- Second Factor
summary: Second Factor Authentication - TOTP
description: "This endpoint performs second factor authentication with a TOTP key."
description: This endpoint performs second factor authentication with a TOTP key.
requestBody:
required: true
content:
@ -355,7 +393,7 @@ paths:
tags:
- Second Factor
summary: Second Factor Authentication - U2F (Request)
description: "This endpoint starts the second factor authentication process with the U2F key."
description: This endpoint starts the second factor authentication process with the U2F key.
responses:
"200":
description: Successful Operation
@ -395,7 +433,11 @@ paths:
tags:
- Second Factor
summary: Identity Verification U2F Token Creation
description: "This endpoint performs identity verification to begin the U2F device registration process.\n\nThe session generated from this endpoint must be utilised for the subsequent steps in the `/api/secondfactor/u2f/identity/finish` and `/api/secondfactor/u2f/register` endpoints."
description: >
This endpoint performs identity verification to begin the U2F device registration process.
The session generated from this endpoint must be utilised for the subsequent steps in the
`/api/secondfactor/u2f/identity/finish` and `/api/secondfactor/u2f/register` endpoints.
responses:
"200":
description: Successful Operation
@ -410,7 +452,12 @@ paths:
tags:
- Second Factor
summary: Identity Verification U2F Token Validation
description: "This endpoint performs identity and token verification, upon success generates a U2F device registration challenge.\n\nThe session cookie generated from the `/api/secondfactor/u2f/identity/start` endpoint must be utilised for the subsequent steps here and in the `/api/secondfactor/u2f/register` endpoint."
description: >
This endpoint performs identity and token verification, upon success generates a U2F device registration
challenge.
The session cookie generated from the `/api/secondfactor/u2f/identity/start` endpoint must be utilised for the
subsequent steps here and in the `/api/secondfactor/u2f/register` endpoint.
requestBody:
required: true
content:
@ -431,7 +478,7 @@ paths:
tags:
- Second Factor
summary: U2F Device Registration
description: "This endpoint performs U2F device registration."
description: This endpoint performs U2F device registration.
requestBody:
required: true
content:
@ -452,7 +499,7 @@ paths:
tags:
- Second Factor
summary: Second Factor Authentication - Duo Mobile Push
description: "This endpoint performs second factor authentication with a Duo Mobile Push."
description: This endpoint performs second factor authentication with a Duo Mobile Push.
requestBody:
required: true
content:
@ -634,7 +681,7 @@ components:
example: 5ZH7Y5CTFWOXN7EOLGBMMXADRNQFHVUDZSYKCN5HMFAIRSLAWY3Q
otpauth_url:
type: string
example: otpauth://totp/auth.example.com:john?algorithm=SHA1&digits=6&issuer=auth.example.com&period=30&secret=5ZH7Y5CTFWOXN7EOLGBMMXADRNQFHVUDZSYKCN5HMFAIRSLAWY3Q
example: otpauth://totp/auth.example.com:john?algorithm=SHA1&digits=6&issuer=auth.example.com&period=30&secret=5ZH7Y5CTFWOXN7EOLGBMMXADRNQFHVUDZSYKCN5HMFAIRSLAWY3Q # yamllint disable-line rule:line-length
handlers.UserInfo:
type: object
properties:
@ -682,7 +729,7 @@ components:
properties:
token:
type: string
example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MDc5MjU1OTYsImlzcyI6IkF1dGhlbGlhIiwiYWN0aW9uIjoiUmVzZXRQYXNzd29yZCIsInVzZXJuYW1lIjoiQW1pciJ9.636yqRrUCGCe4jsMCsonleX5CYWHncYqZum-YYb6VaY
example: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MDc5MjU1OTYsImlzcyI6IkF1dGhlbGlhIiwiYWN0aW9uIjoiUmVzZXRQYXNzd29yZCIsInVzZXJuYW1lIjoiQW1pciJ9.636yqRrUCGCe4jsMCsonleX5CYWHncYqZum-YYb6VaY # yamllint disable-line rule:line-length
middlewares.OkResponse:
type: object
properties:
@ -771,3 +818,4 @@ components:
type: apiKey
name: "{{.Session}}"
in: cookie
...

View File

@ -1,3 +1,4 @@
---
title: Authelia
email: clement.michaud34@gmail.com
description: Authelia is an open source multi-factor single sign-on portal for web applications
@ -6,10 +7,13 @@ baseurl: "/docs/"
# url: "https://www.authelia.com"
repository: https://github.com/authelia/authelia
logo: ./images/authelia-title.png
footer_content: "Copyright &copy; 2020 Authelia. Distributed by an <a href=\"https://github.com/authelia/authelia/blob/master/LICENSE\">Apache 2.0 license.</a>"
footer_content: >
Copyright &copy; 2021 Authelia. Distributed by an
<a href=\"https://github.com/authelia/authelia/blob/master/LICENSE\">Apache 2.0 license.</a>
markdown: kramdown
theme: just-the-docs
keep_files:
- .git
- CNAME
ga_tracking: UA-124926127-1
...

View File

@ -1,3 +1,5 @@
# yamllint disable rule:line-length
---
###############################################################
# Users Database #
###############################################################
@ -7,8 +9,10 @@
users:
authelia:
displayname: "Test User"
password: "$argon2id$v=19$m=32768,t=1,p=8$eUhVT1dQa082YVk2VUhDMQ$E8QI4jHbUBt3EdsU1NFDu4Bq5jObKNx7nBKSn1EYQxk" # Password is 'authelia'
password: "$argon2id$v=19$m=32768,t=1,p=8$eUhVT1dQa082YVk2VUhDMQ$E8QI4jHbUBt3EdsU1NFDu4Bq5jObKNx7nBKSn1EYQxk" # Password is 'authelia'
email: authelia@authelia.com
groups:
- admins
- dev
...
# yamllint enable rule:line-length

View File

@ -164,7 +164,7 @@ func TestShouldErrorParseBadConfigFile(t *testing.T) {
require.Len(t, errors, 1)
require.EqualError(t, errors[0], "Error malformed yaml: line 23: did not find expected alphabetic or numeric character")
require.EqualError(t, errors[0], "Error malformed yaml: line 24: did not find expected alphabetic or numeric character")
}
func TestShouldParseConfigFile(t *testing.T) {

View File

@ -1,7 +1,4 @@
###############################################################
# Authelia configuration #
###############################################################
---
host: 127.0.0.1
port: 9091
@ -95,8 +92,8 @@ access_control:
session:
name: authelia_session
expiration: 3600000 # 1 hour
inactivity: 300000 # 5 minutes
expiration: 3600000 # 1 hour
inactivity: 300000 # 5 minutes
domain: example.com
redis:
host: 127.0.0.1
@ -123,3 +120,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,7 +1,4 @@
###############################################################
# Authelia configuration #
###############################################################
---
host: 127.0.0.1
port: 9091
@ -95,8 +92,8 @@ access_control:
session:
name: authelia_session
expiration: 3600000 # 1 hour
inactivity: 300000 # 5 minutes
expiration: 3600000 # 1 hour
inactivity: 300000 # 5 minutes
domain: example.com
redis:
host: 127.0.0.1
@ -121,3 +118,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,7 +1,4 @@
###############################################################
# Authelia configuration #
###############################################################
---
host: 127.0.0.1
port: 9091
loggy_file: /config/svc.log
@ -96,8 +93,8 @@ access_control:
session:
name: authelia_session
expiration: 3600000 # 1 hour
inactivity: 300000 # 5 minutes
expiration: 3600000 # 1 hour
inactivity: 300000 # 5 minutes
domain: example.com
redis:
host: 127.0.0.1
@ -122,3 +119,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,3 +1,4 @@
---
host: 0.0.0.0
port: 9091
log_level: debug
@ -50,3 +51,4 @@ notifier:
host: smtp.gmail.com
port: 465
sender: example.com
...

View File

@ -1,7 +1,4 @@
###############################################################
# Authelia configuration #
###############################################################
---
host: 127.0.0.1
port: 9091
jwt_secret: secret_from_config
@ -96,8 +93,8 @@ access_control:
session:
name: authelia_session
expiration: 3600000 # 1 hour
inactivity: 300000 # 5 minutes
expiration: 3600000 # 1 hour
inactivity: 300000 # 5 minutes
domain: example.com
redis:
host: 127.0.0.1
@ -122,3 +119,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -36,8 +37,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
storage:
@ -70,3 +71,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,6 +1,8 @@
---
version: '3'
services:
authelia-backend:
volumes:
- './ActiveDirectory/configuration.yml:/config/configuration.yml:ro'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -17,8 +18,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
storage:
@ -45,3 +46,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -5,3 +6,4 @@ services:
- './BypassAll/configuration.yml:/config/configuration.yml:ro'
- './BypassAll/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -17,8 +18,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
storage:
@ -40,3 +41,4 @@ access_control:
notifier:
filesystem:
filename: /config/notification.txt
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -5,3 +6,4 @@ services:
- './CLI/configuration.yml:/config/configuration.yml:ro'
- './CLI/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,4 +1,5 @@
###############################################################
---
##############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -19,8 +20,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
storage:
@ -83,3 +84,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -5,3 +6,4 @@ services:
- './Docker/configuration.yml:/config/configuration.yml:ro'
- './Docker/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -19,8 +20,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
# Configuration of the storage backend used to store data and secrets. i.e. totp data
@ -99,3 +100,4 @@ regulation:
notifier:
filesystem:
filename: /tmp/notifier.html
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -5,3 +6,4 @@ services:
- './DuoPush/configuration.yml:/config/configuration.yml:ro'
- './DuoPush/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -17,8 +18,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
storage:
@ -43,3 +44,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -5,3 +6,4 @@ services:
- './HAProxy/configuration.yml:/config/configuration.yml:ro'
- './HAProxy/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia configuration #
###############################################################
@ -81,8 +82,8 @@ access_control:
session:
name: authelia_session
secret: unsecure_session_secret
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
domain: example.com
redis:
username: authelia
@ -119,3 +120,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,6 +1,8 @@
---
version: '3'
services:
authelia-backend:
volumes:
- './HighAvailability/configuration.yml:/config/configuration.yml:ro'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -22,7 +23,7 @@ authentication_backend:
base_dn: dc=example,dc=com
username_attribute: uid
additional_users_dn: ou=users
users_filter: (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person)(objectClass=inetOrgPerson))
users_filter: (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person)(objectClass=inetOrgPerson)) # yamllint disable-line rule:line-length
additional_groups_dn: ou=groups
groups_filter: (&(member={dn})(objectclass=groupOfNames))
group_name_attribute: cn
@ -34,8 +35,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
storage:
@ -68,3 +69,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,6 +1,8 @@
---
version: '3'
services:
authelia-backend:
volumes:
- './LDAP/configuration.yml:/config/configuration.yml:ro'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -19,8 +20,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
# Configuration of the storage backend used to store data and secrets. i.e. totp data
@ -69,3 +70,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -5,3 +6,4 @@ services:
- './Mariadb/configuration.yml:/config/configuration.yml:ro'
- './Mariadb/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -19,8 +20,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
# Configuration of the storage backend used to store data and secrets. i.e. totp data
@ -69,3 +70,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -5,3 +6,4 @@ services:
- './MySQL/configuration.yml:/config/configuration.yml:ro'
- './MySQL/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -17,8 +18,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
# Configuration of the storage backend used to store data and secrets. i.e. totp data
@ -67,3 +68,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -5,3 +6,4 @@ services:
- './NetworkACL/configuration.yml:/config/configuration.yml:ro'
- './NetworkACL/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -19,8 +20,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
storage:
@ -42,3 +43,4 @@ access_control:
notifier:
filesystem:
filename: /tmp/notifier.html
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -5,3 +6,4 @@ services:
- './OneFactorOnly/configuration.yml:/config/configuration.yml:ro'
- './OneFactorOnly/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -20,8 +21,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
storage:
@ -46,3 +47,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -5,3 +6,4 @@ services:
- './PathPrefix/configuration.yml:/config/configuration.yml:ro'
- './PathPrefix/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -19,8 +20,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
# Configuration of the storage backend used to store data and secrets. i.e. totp data
@ -69,3 +70,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -5,3 +6,4 @@ services:
- './Postgres/configuration.yml:/config/configuration.yml:ro'
- './Postgres/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -74,3 +75,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -5,3 +6,4 @@ services:
- './ShortTimeouts/configuration.yml:/config/configuration.yml:ro'
- './ShortTimeouts/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -14,8 +15,8 @@ authentication_backend:
session:
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
storage:
@ -83,3 +84,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -10,3 +11,4 @@ services:
- './common/ssl:/config/ssl:ro'
- '/tmp:/tmp'
user: ${USER_ID}:${GROUP_ID}
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -17,8 +18,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
storage:
@ -43,3 +44,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -5,3 +6,4 @@ services:
- './Traefik/configuration.yml:/config/configuration.yml:ro'
- './Traefik/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia minimal configuration #
###############################################################
@ -17,8 +18,8 @@ authentication_backend:
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
redis:
host: redis
@ -48,3 +49,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -5,3 +6,4 @@ services:
- './Traefik2/configuration.yml:/config/configuration.yml:ro'
- './Traefik2/users.yml:/config/users.yml'
- './common/ssl:/config/ssl:ro'
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Users Database #
###############################################################
@ -8,7 +9,7 @@
users:
john:
displayname: "John Doe"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: john.doe@authelia.com
groups:
- admins
@ -16,18 +17,19 @@ users:
harry:
displayname: "Harry Potter"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: harry.potter@authelia.com
groups: []
bob:
displayname: "Bob Dylan"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: bob.dylan@authelia.com
groups:
- dev
james:
displayname: "James Dean"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/"
password: "$6$rounds=500000$jgiCMRyGXzoqpxS3$w2pJeZnnH8bwW3zzvoMWtTRfQYsHbWbD/hquuQ5vUeIyl9gdwBIt6RWk2S6afBA0DPakbeWgD/4SZPiS0hYtU/" # yamllint disable-line rule:line-length
email: james.dean@authelia.com
...

View File

@ -1,3 +1,4 @@
---
version: '3'
networks:
authelianet:
@ -5,3 +6,4 @@ networks:
ipam:
config:
- subnet: 192.168.240.0/24
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -23,7 +24,7 @@ services:
- 'traefik.frontend.rule=Host:login.example.com;PathPrefix:/api'
- 'traefik.protocol=https'
# Traefik 2.x
- 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)'
- 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)' # yamllint disable-line rule:line-length
- 'traefik.http.routers.authelia_backend.entrypoints=https'
- 'traefik.http.routers.authelia_backend.tls=true'
- 'traefik.http.services.authelia_backend.loadbalancer.server.scheme=https'
@ -32,3 +33,4 @@ services:
networks:
authelianet:
ipv4_address: 192.168.240.50
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-backend:
@ -7,7 +8,7 @@ services:
- 'traefik.frontend.rule=Host:login.example.com;PathPrefix:/api'
- 'traefik.protocol=https'
# Traefik 2.x
- 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)'
- 'traefik.http.routers.authelia_backend.rule=Host(`login.example.com`) && PathPrefix(`/api`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/api/`)' # yamllint disable-line rule:line-length
- 'traefik.http.routers.authelia_backend.entrypoints=https'
- 'traefik.http.routers.authelia_backend.tls=true'
- 'traefik.http.services.authelia_backend.loadbalancer.server.scheme=https'
@ -19,3 +20,4 @@ services:
networks:
authelianet:
ipv4_address: 192.168.240.50
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-frontend:
@ -17,10 +18,11 @@ services:
# Traefik 1.x
- 'traefik.frontend.rule=Host:login.example.com'
# Traefik 2.x
- 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)'
- 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)' # yamllint disable-line rule:line-length
- 'traefik.http.routers.authelia_frontend.entrypoints=https'
- 'traefik.http.routers.authelia_frontend.tls=true'
environment:
- PUBLIC_URL=${PathPrefix}
networks:
- authelianet
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-frontend:
@ -8,7 +9,7 @@ services:
# Traefik 1.x
- 'traefik.frontend.rule=Host:login.example.com'
# Traefik 2.x
- 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)'
- 'traefik.http.routers.authelia_frontend.rule=Host(`login.example.com`) || Host(`login.example.com`) && PathPrefix(`${PathPrefix}/`)' # yamllint disable-line rule:line-length
- 'traefik.http.routers.authelia_frontend.entrypoints=https'
- 'traefik.http.routers.authelia_frontend.tls=true'
- 'traefik.http.services.authelia_frontend.loadbalancer.server.port=3000'
@ -16,3 +17,4 @@ services:
- authelianet
expose:
- 3000
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
duo-api:
@ -5,3 +6,4 @@ services:
context: ./example/compose/duo-api
networks:
- authelianet
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
haproxy:
@ -10,3 +11,4 @@ services:
authelianet:
# Set the IP to be able to query on port 8080
ipv4_address: 192.168.240.100
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
httpbin:
@ -17,3 +18,4 @@ services:
- 'traefik.http.routers.httpbin.priority=150'
- 'traefik.http.routers.httpbin.tls=true'
- 'traefik.http.routers.httpbin.middlewares=authelia@docker'
...

View File

@ -1,6 +1,9 @@
---
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
containerdConfigPatches:
# yamllint disable-line rule:indentation
- |-
[plugins."io.containerd.grpc.v1.cri".registry.mirrors."registrycache.internal:5000"]
endpoint = ["http://registrycache.internal:5000"]
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
authelia-kind-proxy:
@ -39,4 +40,5 @@ services:
ipv4_address: 192.168.240.110
volumes:
kind-volume:
kind-volume: # yamllint disable-line rule:empty-values
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
openldap-admin:
@ -9,3 +10,4 @@ services:
- PHPLDAPADMIN_HTTPS=false
networks:
- authelianet
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
openldap:
@ -20,3 +21,4 @@ services:
- 'debug'
networks:
- authelianet
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
mariadb:
@ -9,3 +10,4 @@ services:
- MYSQL_DATABASE=authelia
networks:
- authelianet
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
mysql:
@ -9,3 +10,4 @@ services:
- MYSQL_DATABASE=authelia
networks:
- authelianet
...

View File

@ -1,19 +1,23 @@
---
version: '3'
services:
nginx-backend:
image: nginx:alpine
labels:
- 'traefik.frontend.rule=Host:home.example.com,public.example.com,secure.example.com,admin.example.com,singlefactor.example.com' # Traefik 1.x
- 'traefik.frontend.auth.forward.address=https://authelia-backend:9091/api/verify?rd=https://login.example.com:8080' # Traefik 1.x
- 'traefik.frontend.auth.forward.tls.insecureSkipVerify=true' # Traefik 1.x
- 'traefik.frontend.auth.forward.trustForwardHeader=true' # Traefik 1.x
- 'traefik.frontend.auth.forward.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email' # Traefik 1.x
- 'traefik.http.routers.protectedapps.rule=Host(`home.example.com`, `public.example.com`, `secure.example.com`, `admin.example.com`, `singlefactor.example.com`)' # Traefik 2.x
- 'traefik.http.routers.protectedapps.entrypoints=https' # Traefik 2.x
- 'traefik.http.routers.protectedapps.tls=true' # Traefik 2.x
- 'traefik.http.routers.protectedapps.middlewares=authelia@docker' # Traefik 2.x
# Traefik 1.x
- 'traefik.frontend.rule=Host:home.example.com,public.example.com,secure.example.com,admin.example.com,singlefactor.example.com' # yamllint disable-line rule:line-length
- 'traefik.frontend.auth.forward.address=https://authelia-backend:9091/api/verify?rd=https://login.example.com:8080' # yamllint disable-line rule:line-length
- 'traefik.frontend.auth.forward.tls.insecureSkipVerify=true'
- 'traefik.frontend.auth.forward.trustForwardHeader=true'
- 'traefik.frontend.auth.forward.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email'
# Traefik 2.x
- 'traefik.http.routers.protectedapps.rule=Host(`home.example.com`,`public.example.com`,`secure.example.com`,`admin.example.com`,`singlefactor.example.com`)' # yamllint disable-line rule:line-length
- 'traefik.http.routers.protectedapps.entrypoints=https'
- 'traefik.http.routers.protectedapps.tls=true'
- 'traefik.http.routers.protectedapps.middlewares=authelia@docker'
volumes:
- ./example/compose/nginx/backend/html:/usr/share/nginx/html
- ./example/compose/nginx/backend/nginx.conf:/etc/nginx/nginx.conf
networks:
- authelianet
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
nginx-portal:
@ -14,3 +15,4 @@ services:
- duo.example.com
# Set the IP to be able to query on port 443
ipv4_address: 192.168.240.100
...

View File

@ -1,3 +1,4 @@
---
version: "3"
services:
postgres:
@ -8,3 +9,4 @@ services:
- POSTGRES_DB=authelia
networks:
- authelianet
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
redis-node-0:
@ -94,3 +95,4 @@ services:
aliases:
- redis-sentinel-2.example.com
ipv4_address: 192.168.240.122
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
redis:
@ -11,3 +12,4 @@ services:
- ./example/compose/redis/entrypoint.sh:/entrypoint.sh
networks:
- authelianet
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
sambaldap:
@ -12,3 +13,4 @@ services:
- NOCOMPLEXITY=true
networks:
- authelianet
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
smtp:
@ -13,3 +14,4 @@ services:
- 'traefik.http.services.mail.loadbalancer.server.port=1080'
networks:
- authelianet
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
# Simulates client 1.
@ -17,3 +18,4 @@ services:
authelianet:
# Set the IP to be able to query on port 443
ipv4_address: 192.168.240.202
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
traefik:
@ -22,3 +23,4 @@ services:
authelianet:
# Set the IP to be able to query on port 8080
ipv4_address: 192.168.240.100
...

View File

@ -1,3 +1,4 @@
---
version: '3'
services:
traefik:
@ -9,10 +10,11 @@ services:
- 'traefik.http.routers.api.entrypoints=https'
- 'traefik.http.routers.api.service=api@internal'
- 'traefik.http.routers.api.tls=true'
- 'traefik.http.middlewares.authelia.forwardauth.address=https://authelia-backend:9091${PathPrefix}/api/verify?rd=https://login.example.com:8080${PathPrefix}' # Traefik 2.x
- 'traefik.http.middlewares.authelia.forwardauth.tls.insecureSkipVerify=true' # Traefik 2.x
- 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true' # Traefik 2.x
- 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email' # Traefik 2.x
# Traefik 2.x
- 'traefik.http.middlewares.authelia.forwardauth.address=https://authelia-backend:9091${PathPrefix}/api/verify?rd=https://login.example.com:8080${PathPrefix}' # yamllint disable-line rule:line-length
- 'traefik.http.middlewares.authelia.forwardauth.tls.insecureSkipVerify=true'
- 'traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true'
- 'traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User, Remote-Groups, Remote-Name, Remote-Email' # yamllint disable-line rule:line-length
command:
- '--api'
- '--providers.docker=true'
@ -26,3 +28,4 @@ services:
authelianet:
# Set the IP to be able to query on port 8080
ipv4_address: 192.168.240.100
...

View File

@ -17,34 +17,34 @@ spec:
app: test-app
spec:
containers:
- name: test-app
image: nginx:alpine
command: ["/entrypoint.sh"]
ports:
- containerPort: 80
volumeMounts:
- name: config-volume
mountPath: /entrypoint.sh
subPath: entrypoint.sh
- name: config-volume
mountPath: /etc/nginx/nginx.conf
subPath: nginx.conf
- name: config-volume
mountPath: /tmp/html.tar.gz
subPath: html.tar.gz
- name: test-app
image: nginx:alpine
command: ["/entrypoint.sh"]
ports:
- containerPort: 80
volumeMounts:
- name: config-volume
mountPath: /entrypoint.sh
subPath: entrypoint.sh
- name: config-volume
mountPath: /etc/nginx/nginx.conf
subPath: nginx.conf
- name: config-volume
mountPath: /tmp/html.tar.gz
subPath: html.tar.gz
volumes:
- name: config-volume
configMap:
name: nginx-config
items:
- key: entrypoint.sh
path: entrypoint.sh
mode: 0755
- key: nginx.conf
path: nginx.conf
- key: html.tar.gz
path: html.tar.gz
- name: config-volume
configMap:
name: nginx-config
items:
- key: entrypoint.sh
path: entrypoint.sh
mode: 0755 # yamllint disable-line rule:octal-values
- key: nginx.conf
path: nginx.conf
- key: html.tar.gz
path: html.tar.gz
...
---
apiVersion: v1
kind: Service
@ -61,7 +61,7 @@ spec:
name: http
- port: 443
name: https
...
---
apiVersion: extensions/v1beta1
kind: Ingress
@ -85,7 +85,7 @@ spec:
backend:
serviceName: test-app-service
servicePort: 80
...
---
apiVersion: extensions/v1beta1
kind: Ingress
@ -151,3 +151,4 @@ spec:
backend:
serviceName: test-app-service
servicePort: 80
...

View File

@ -1,3 +1,4 @@
---
###############################################################
# Authelia configuration #
###############################################################
@ -78,8 +79,8 @@ access_control:
policy: two_factor
session:
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
domain: example.com
redis:
@ -104,3 +105,4 @@ notifier:
port: 1025
sender: admin@example.com
disable_require_tls: true
...

View File

@ -69,3 +69,4 @@ spec:
path: sql_password
- key: ldap_password
path: ldap_password
...

View File

@ -9,14 +9,15 @@ metadata:
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
spec:
tls:
- secretName: authelia-tls
hosts:
- login.example.com
- secretName: authelia-tls
hosts:
- login.example.com
rules:
- host: login.example.com
http:
paths:
- path: /
backend:
serviceName: authelia-service
servicePort: 443
- host: login.example.com
http:
paths:
- path: /
backend:
serviceName: authelia-service
servicePort: 443
...

View File

@ -8,7 +8,8 @@ metadata:
labels:
app: authelia
data:
jwt_secret: YW5fdW5zZWN1cmVfc2VjcmV0 #an_unsecure_secret
ldap_password: cGFzc3dvcmQ= #password
session: dW5zZWN1cmVfcGFzc3dvcmQ= #unsecure_password
sql_password: cGFzc3dvcmQ= #password
jwt_secret: YW5fdW5zZWN1cmVfc2VjcmV0 # an_unsecure_secret
ldap_password: cGFzc3dvcmQ= # password
session: dW5zZWN1cmVfcGFzc3dvcmQ= # unsecure_password
sql_password: cGFzc3dvcmQ= # password
...

View File

@ -8,6 +8,7 @@ spec:
selector:
app: authelia
ports:
- protocol: TCP
port: 443
targetPort: 443
- protocol: TCP
port: 443
targetPort: 443
...

View File

@ -4,7 +4,7 @@ kind: ServiceAccount
metadata:
name: admin-user
namespace: kubernetes-dashboard
...
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
@ -15,6 +15,7 @@ roleRef:
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard
- kind: ServiceAccount
name: admin-user
namespace: kubernetes-dashboard
...

View File

@ -23,22 +23,23 @@ spec:
terminationGracePeriodSeconds: 60
serviceAccountName: nginx-ingress-controller-serviceaccount
containers:
- image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.23.0
name: nginx-ingress-controller
imagePullPolicy: Always
ports:
- containerPort: 80
- containerPort: 443
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
args:
- /nginx-ingress-controller
- --ingress-class=nginx
- --election-id=ingress-controller-leader
- image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.23.0
name: nginx-ingress-controller
imagePullPolicy: Always
ports:
- containerPort: 80
- containerPort: 443
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
args:
- /nginx-ingress-controller
- --ingress-class=nginx
- --election-id=ingress-controller-leader
...

View File

@ -1,3 +1,4 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
@ -5,7 +6,7 @@ metadata:
namespace: authelia
labels:
app: nginx-ingress-controller
...
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
@ -60,7 +61,7 @@ rules:
- ingresses/status
verbs:
- update
...
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
@ -104,7 +105,7 @@ rules:
- endpoints
verbs:
- get
...
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
@ -121,7 +122,7 @@ subjects:
- kind: ServiceAccount
name: nginx-ingress-controller-serviceaccount
namespace: authelia
...
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
@ -137,5 +138,4 @@ subjects:
- kind: ServiceAccount
name: nginx-ingress-controller-serviceaccount
namespace: authelia
---
...

Some files were not shown because too many files have changed in this diff Show More