authelia config cleanup

auth/compose.yaml

@@ -6,7 +6,8 @@ services:
     networks:
       - caddy_default
     volumes:
-      - /docker/data/auth/config:/config
+      - /docker/data/auth/db:/db
+      - ./config:/config:ro
 networks:
   caddy_default:
     external: true

auth/config/configuration.yml

@@ -0,0 +1,72 @@
+theme: 'dark'
+
+default_2fa_method: 'totp'
+
+totp:
+  issuer: 'auth.aggtaa.com'
+
+identity_validation:
+  reset_password:
+    jwt_secret: 'ShnKq2VDRwA1fMxwhmPmkj3DJdt40CqO6WWyDKmdohFQH7WAypikiq109yKf9nUv'
+
+authentication_backend:
+  file:
+    path: '/config/users_database.yml'
+    watch: true
+    search:
+      email: false
+      case_insensitive: false
+    password:
+      algorithm: 'argon2'
+      argon2:
+        variant: 'argon2id'
+        iterations: 3
+        memory: 65536
+        parallelism: 4
+        key_length: 32
+        salt_length: 16
+
+access_control:
+  default_policy: 'deny'
+
+  rules:
+    - domain: "*.aggtaa.com"
+      policy: two_factor
+      networks:
+        - 192.168.0.0/16
+        - 10.0.0.0/8
+        - 172.16.0.0/12
+
+    - domain: "*.aggtaa.com"
+      policy: two_factor
+
+session:
+  name: 'aas'
+  secret: 'It1PZBvUNXvfbRnaOSBkupXxCMt8FRrc'
+  cookies:
+    - name: 'aas'
+      domain: 'aggtaa.com'
+      authelia_url: 'https://auth.aggtaa.com'
+
+regulation:
+  max_retries: 3
+  find_time: '2 minutes'
+  ban_time: '5 minutes'
+
+storage:
+  encryption_key: '8Ei4XmiFM1GF7EWxiHyyReEWSuUgc4zH'
+  local:
+    path: '/db/db.sqlite3'
+
+notifier:
+  smtp:
+    address: 'smtp://mail-eu.smtp2go.com:587'
+    username: 'robot@aggtaa.com'
+    password: 'ULCKdUexeCQVgDl3'
+    sender: 'auth.aggtaa.com <robot@aggtaa.com>'
+
+    subject: 'auth.aggtaa.com: {title}'
+
+    tls:
+      server_name: 'mail-eu.smtp2go.com'
+

auth/config/users_database.yml

@@ -0,0 +1,47 @@
+users:
+    anton:
+        password: $argon2id$v=19$m=65536,t=3,p=4$1V2lonkSH9bZoCrHm0eIkg$J4CiQ9fb0GXsadxLSOqkdPwQQZMcqFd0MIIgI8hY7VA
+        displayname: Anton Zykov
+        email: anton@ormo.cc
+        groups:
+            - admins
+            - dev
+            - users
+        given_name: ""
+        middle_name: ""
+        family_name: ""
+        nickname: ""
+        gender: ""
+        birthdate: ""
+        website: ""
+        profile: ""
+        picture: ""
+        zoneinfo: ""
+        locale: ""
+        phone_number: ""
+        phone_extension: ""
+        disabled: false
+        address: null
+        extra: {}
+    jintara:
+        password: $argon2id$v=19$m=65536,t=3,p=4$vTZR3nzagcHGD/cxds197Q$piGaPOfeXoCRUbgyBkWGI5lwD8yaIJz4Hd17t/omBXI
+        displayname: Ekaterina Zykova
+        email: ekaterina.r.zykova@gmail.com
+        groups:
+            - users
+        given_name: ""
+        middle_name: ""
+        family_name: ""
+        nickname: ""
+        gender: ""
+        birthdate: ""
+        website: ""
+        profile: ""
+        picture: ""
+        zoneinfo: ""
+        locale: ""
+        phone_number: ""
+        phone_extension: ""
+        disabled: false
+        address: null
+        extra: {}