With previous configuration format rules were not ordered between groups and
thus not predictable. Also in some cases `any` must have been a higher
precedence than `groups`. Flattening the rules let the user apply whatever
policy he can think of.
When several rules match the (subject, domain, resource), the first one is
applied.
NOTE: This commit changed the format for declaring ACLs. Be sure to update
your configuration file before upgrading.
The possible values for ACL policies are now: bypass, one_factor, two_factor,
deny.
This change also deprecate auth_methods because the method is now associated
directly to a resource in the ACLs instead of a domain.
I removed some (parts) of comments as requested. Also changed the directory of the users_database.yml. I would add the one/two volume issue into the docker swarm config then.
If using Docker as a medium for Authelia, having both the storage and users_database in one directory is preferable due to only one volume being needed. /etc/authelia cant be this directory, since there are other files in there, hence the subdirectory.
In order to simplify the deployment of Authelia for
testing, LDAP is now optional made optional thanks
to users database stored in a file. One can update
the file manually even while Authelia is running.
With this feature the minimal configuration requires
only two components: Authelia and nginx.
The users database is obviously made for development
environments only as it prevents Authelia to be scaled
to more than one instance.
Note: Configuration has been updated. Key `ldap` has
been nested in `authentication_backend`.
Clement Michaud
Clement Michaud
Philipp Rintz