102 lines
1.9 KiB
YAML
102 lines
1.9 KiB
YAML
|
default_redirection_url: https://portal.bhasher.com
|
||
|
theme: dark
|
||
|
|
||
|
server:
|
||
|
host: 0.0.0.0
|
||
|
port: 9091
|
||
|
|
||
|
log:
|
||
|
level: info
|
||
|
|
||
|
totp:
|
||
|
disable: false
|
||
|
issuer: idp.bhasher.com
|
||
|
algorithm: sha256
|
||
|
digits: 6
|
||
|
period: 30
|
||
|
skew: 1
|
||
|
secret_size: 32
|
||
|
|
||
|
authentication_backend:
|
||
|
password_reset:
|
||
|
disable: false
|
||
|
refresh_interval: 5m
|
||
|
ldap:
|
||
|
user: cn=readonly,dc=bhasher,dc=com
|
||
|
implementation: custom
|
||
|
url: ldap://openldap
|
||
|
timeout: 5s
|
||
|
start_tls: false
|
||
|
base_dn: DC=bhasher,DC=com
|
||
|
username_attribute: uid
|
||
|
additional_users_dn: ou=users
|
||
|
users_filter: (&({username_attribute}={input})(objectClass=inetOrgPerson))
|
||
|
additional_groups_dn: ou=groups
|
||
|
groups_filter: (&(uniqueMember={dn})(objectClass=groupOfUniqueNames))
|
||
|
group_name_attribute: cn
|
||
|
mail_attribute: mail
|
||
|
display_name_attribute: cn
|
||
|
permit_referrals: false
|
||
|
|
||
|
access_control:
|
||
|
default_policy: deny
|
||
|
rules:
|
||
|
- domain: '*.bhasher.com'
|
||
|
policy: two_factor
|
||
|
subject:
|
||
|
- "group:admin"
|
||
|
- domain: 'radarr.bhasher.com'
|
||
|
policy: two_factor
|
||
|
subject:
|
||
|
- "group:mediaserver"
|
||
|
- domain: 'sonarr.bhasher.com'
|
||
|
policy: two_factor
|
||
|
subject:
|
||
|
- "group:mediaserver"
|
||
|
- domain: 'jellyfin.bhasher.com'
|
||
|
policy: two_factor
|
||
|
subject:
|
||
|
- "group:mediaserver"
|
||
|
|
||
|
session:
|
||
|
name: auth_session
|
||
|
domain: bhasher.com
|
||
|
same_site: lax
|
||
|
expiration: 1d
|
||
|
inactivity: 3h
|
||
|
remember_me_duration: 1w
|
||
|
redis:
|
||
|
host: redis
|
||
|
port: 6379
|
||
|
|
||
|
regulation:
|
||
|
max_retries: 3
|
||
|
find_time: 1m
|
||
|
ban_time: 5m
|
||
|
|
||
|
storage:
|
||
|
# local:
|
||
|
# path: /data/db.sqlite3
|
||
|
postgres:
|
||
|
host: postgres
|
||
|
port: 5432
|
||
|
database: authelia
|
||
|
schema: public
|
||
|
username: postgres
|
||
|
|
||
|
notifier:
|
||
|
smtp:
|
||
|
host: bdubois.io
|
||
|
port: 587
|
||
|
sender: no-reply@bhasher.com
|
||
|
|
||
|
password_policy:
|
||
|
standard:
|
||
|
enabled: true
|
||
|
min_length: 8
|
||
|
max_length: 0
|
||
|
require_uppercase: false
|
||
|
require_lowercase: false
|
||
|
require_number: false
|
||
|
require_special: false
|