docs: github links (#5230)

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
pull/5150/head^2
James Elliott 2023-04-13 20:10:12 +10:00 committed by GitHub
parent 85e9792cf3
commit db130dad48
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 52 additions and 12 deletions

View File

@ -61,7 +61,7 @@ authelia --config configuration.yml,config-acl.yml,config-other.yml
``` ```
Authelia's configuration files use the YAML format. A template with all possible options can be found at the root of the Authelia's configuration files use the YAML format. A template with all possible options can be found at the root of the
repository [here](https://github.com/authelia/authelia/blob/master/config.template.yml). repository {{< github-link name="here" path="config.template.yml" >}}.
*__Important Note:__ You should not have configuration sections such as Access Control Rules or OpenID Connect clients *__Important Note:__ You should not have configuration sections such as Access Control Rules or OpenID Connect clients
configured in multiple files. If you wish to split these into their own files that is fine, but if you have two files that configured in multiple files. If you wish to split these into their own files that is fine, but if you have two files that

View File

@ -16,9 +16,8 @@ toc: true
We document the configuration in two ways: We document the configuration in two ways:
1. The [YAML] configuration template 1. The [YAML] configuration template {{< github-link path="config.template.yml" >}} has comments with very limited
[config.template.yml](https://github.com/authelia/authelia/blob/master/config.template.yml) has comments with very documentation on the effective use of a particular option. All documentation lines start with `##`. Lines
limited documentation on the effective use of a particular option. All documentation lines start with `##`. Lines
starting with a single `#` are [YAML] configuration options which are commented to disable them or as examples. starting with a single `#` are [YAML] configuration options which are commented to disable them or as examples.
2. This documentation site. Generally each section of the configuration is in its own section of the documentation 2. This documentation site. Generally each section of the configuration is in its own section of the documentation
site. Each configuration option is listed in its relevant section as a heading, under that heading generally are two site. Each configuration option is listed in its relevant section as a heading, under that heading generally are two

View File

@ -38,6 +38,23 @@ The additional tools are recommended:
* [yamllint] * [yamllint]
* [VSCodium] or [GoLand] * [VSCodium] or [GoLand]
## Certificate
Authelia utilizes a self-signed Root CA certificate for the development environment. This allows us to sign elements of
the CI process uniformly and only trust a single additional Root CA Certificate. The private key for this certificate is
maintained by the [Core Team] so if you need an additional certificate signed for this purpose please reach out to them.
While developing for Authelia you may also want to trust this Root CA. It is critical that you are aware of what this
means if you decide to do so.
1. It will allow us to generate trusted certificates for machines this is installed on.
2. If compromised there is no formal revocation process at this time as we are not a certified CA.
3. Trusting Root CA's is not necessary for the development process it only makes it smoother.
4. Trusting additional Root CA's for prolonged periods is not generally a good idea.
If you'd still like to trust the Root CA Certificate it's located (encoded as a PEM) in the main git repository at
[/internal/suites/common/pki/ca/ca.public.crt](https://github.com/authelia/authelia/blob/master/internal/suites/common/pki/ca/ca.public.crt).
## Scripts ## Scripts
There is a scripting context provided with __Authelia__ which can easily be configured. It allows running integration There is a scripting context provided with __Authelia__ which can easily be configured. It allows running integration

View File

@ -25,8 +25,8 @@ bootstrapping *Authelia*.
We publish two example [systemd] unit files: We publish two example [systemd] unit files:
* [authelia.service](https://github.com/authelia/authelia/blob/master/authelia.service) * {{< github-link path="authelia.service" >}}
* [authelia@.service](https://github.com/authelia/authelia/blob/master/authelia%40.service) * {{< github-link path="authelia@.service" >}}
## Arch Linux ## Arch Linux

View File

@ -23,24 +23,31 @@ common scenarios however those using more advanced architectures are likely goin
help with answering less specific questions about this and it may be possible if provided adequate information more help with answering less specific questions about this and it may be possible if provided adequate information more
specific questions may be answered. specific questions may be answered.
1. Authelia *__MUST__* be served via the `https` scheme. This is not optional even for testing. This is a deliberate
design decision to improve security directly (by using encrypted communication) and indirectly by reducing complexity.
### Forwarded Authentication ### Forwarded Authentication
Forwarded Authentication is a simple per-request authorization flow that checks the metadata of a request and a session Forwarded Authentication is a simple per-request authorization flow that checks the metadata of a request and a session
cookie to determine if a user must be forwarded to the authentication portal. cookie to determine if a user must be forwarded to the authentication portal.
Due to the fact a cookie is used, it's an intentional design decision that *__ALL__* applications/domains protected via In addition to the `https` scheme requirement for Authelia itself:
1. Due to the fact a cookie is used, it's an intentional design decision that *__ALL__* applications/domains protected via
this method *__MUST__* use secure schemes (`https` and `wss`) for all of their communication. this method *__MUST__* use secure schemes (`https` and `wss`) for all of their communication.
### OpenID Connect ### OpenID Connect
Only requires Authelia to be accessible via a secure scheme (`https`). No additional requirements other than the use of the `https` scheme for Authelia itself exist excluding those mandated
by the relevant specifications.
## Configuration ## Configuration
It's important to customize the configuration for *Authelia* in advance of deploying it. The configuration is static and It's important to customize the configuration for *Authelia* in advance of deploying it. The configuration is static and
not configured via web GUI. You can find a not configured via web GUI. You can find a configuration template named {{< github-link path="config.template.yml" >}}
[configuration template](https://github.com/authelia/authelia/blob/master/config.template.yml) on GitHub which can be on GitHub which can be used as a basis for configuration, alternatively *Authelia* will write this template relevant for
used as a basis for configuration. your version the first time it is started. Users should expect that they have to configure elements of this file as part
of initial setup.
The important sections to consider in initial configuration are as follows: The important sections to consider in initial configuration are as follows:

View File

@ -44,7 +44,7 @@ case you have multiple devices available, you will be asked to select your prefe
### Why don't I have access to the *Push Notification* option? ### Why don't I have access to the *Push Notification* option?
It's likely that you have not configured __Authelia__ correctly. Please read this documentation again and be sure you It's likely that you have not configured __Authelia__ correctly. Please read this documentation again and be sure you
had a look at [config.template.yml](https://github.com/authelia/authelia/blob/master/config.template.yml) and had a look at {{< github-link path="config.template.yml" >}} and
[configuration documentation](../../../configuration/second-factor/duo.md). [configuration documentation](../../../configuration/second-factor/duo.md).
[Duo]: https://duo.com/ [Duo]: https://duo.com/

View File

@ -0,0 +1,17 @@
{{- $repo := "authelia/authelia" }}{{ with .Get "repo" }}{{ $repo = . }}{{ end }}
{{- $branch := printf "v%s" .Site.Data.misc.latest }}{{ with .Get "branch" }}{{ $branch = . }}{{ end }}
{{- $path := "" }}{{ with .Get "path" }}{{ $path = . }}{{ end }}
{{- $link := printf "https://github.com/%s/blob/%s/%s" $repo $branch (urlquery $path) }}
{{- $name := "" }}
{{- with .Get "name" }}
{{- $name = . }}
{{- else }}
{{- if (eq $repo "authelia/authelia") }}
{{- $name = $path }}
{{- else }}
{{- $name = printf "https://github.com/%s/blob/%s/%s" $repo $branch $path }}
{{- end }}
{{- end }}
{{- "" -}}
<a href="{{ $link }}" target="_blank">{{ $name }}</a>
{{- "" -}}