theme: 'dark'

default_2fa_method: 'totp'

totp:
  issuer: 'auth.aggtaa.com'

identity_validation:
  reset_password:
    jwt_secret: 'ShnKq2VDRwA1fMxwhmPmkj3DJdt40CqO6WWyDKmdohFQH7WAypikiq109yKf9nUv'

authentication_backend:
  file:
    path: '/config/users_database.yml'
    watch: true
    search:
      email: false
      case_insensitive: false
    password:
      algorithm: 'argon2'
      argon2:
        variant: 'argon2id'
        iterations: 3
        memory: 65536
        parallelism: 4
        key_length: 32
        salt_length: 16

access_control:
  default_policy: 'deny'

  rules:
    - domain: "*.aggtaa.com"
      policy: two_factor
      networks:
        - 192.168.0.0/16
        - 10.0.0.0/8
        - 172.16.0.0/12

    - domain: "*.aggtaa.com"
      policy: two_factor

session:
  name: 'aas'
  secret: 'It1PZBvUNXvfbRnaOSBkupXxCMt8FRrc'
  cookies:
    - name: 'aas'
      domain: 'aggtaa.com'
      authelia_url: 'https://auth.aggtaa.com'

regulation:
  max_retries: 3
  find_time: '2 minutes'
  ban_time: '5 minutes'

storage:
  encryption_key: '8Ei4XmiFM1GF7EWxiHyyReEWSuUgc4zH'
  local:
    path: '/db/db.sqlite3'

notifier:
  smtp:
    address: 'smtp://mail-eu.smtp2go.com:587'
    username: 'robot@aggtaa.com'
    password: 'ULCKdUexeCQVgDl3'
    sender: 'auth.aggtaa.com <robot@aggtaa.com>'

    subject: 'auth.aggtaa.com: {title}'

    tls:
      server_name: 'mail-eu.smtp2go.com'