anton
/
docker-apps
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
docker-apps/auth/config/configuration.yml

136 lines
4.3 KiB
YAML
Raw Blame History

theme: 'dark'
default_2fa_method: 'totp'
totp:
issuer: 'auth.aggtaa.com'
identity_validation:
reset_password:
jwt_secret: 'ShnKq2VDRwA1fMxwhmPmkj3DJdt40CqO6WWyDKmdohFQH7WAypikiq109yKf9nUv'
authentication_backend:
file:
path: '/config/users_database.yml'
watch: true
search:
email: false
case_insensitive: false
password:
algorithm: 'argon2'
argon2:
variant: 'argon2id'
iterations: 3
memory: 65536
parallelism: 4
key_length: 32
salt_length: 16
access_control:
default_policy: 'deny'
rules:
- domain: "*.aggtaa.com"
policy: two_factor
networks:
- 192.168.0.0/16
- 10.0.0.0/8
- 172.16.0.0/12
- domain: "*.aggtaa.com"
policy: two_factor
session:
name: 'aas'
secret: 'It1PZBvUNXvfbRnaOSBkupXxCMt8FRrc'
cookies:
- name: 'aas'
domain: 'aggtaa.com'
authelia_url: 'https://auth.aggtaa.com'
regulation:
max_retries: 3
find_time: '2 minutes'
ban_time: '5 minutes'
storage:
encryption_key: '8Ei4XmiFM1GF7EWxiHyyReEWSuUgc4zH'
local:
path: '/db/db.sqlite3'
notifier:
smtp:
address: 'smtp://mail-eu.smtp2go.com:587'
username: 'robot@aggtaa.com'
password: 'ULCKdUexeCQVgDl3'
sender: 'auth.aggtaa.com <robot@aggtaa.com>'
subject: 'auth.aggtaa.com: {title}'
tls:
server_name: 'mail-eu.smtp2go.com'
identity_providers:
oidc:
hmac_secret: 'mbHg5s2JnQDuGdtBxrofu7uiu4MR7098'
jwks:
- key_id: "main"
algorithm: 'RS256'
use: "sig"
key: |
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCiXH1drELlUhBh
RL0YayG5k+6jLnGD1646iHbB36rGTFRdhbz8h9v1g+QkPlHY9chzTtc67QD89myv
46+pYW32QmIlx86xrP7AMFxyHhL8XSVV3AHSWiNL1RwN59Aa1IMo2xhw36ZH0WH/
bAmodMQ9lIrP4T3EU4tUoRvO7RvcHW/ngrfd5xonmBLY13m+sAXtolG8yRzVW2Qh
ew1Y55r6Armrihvyo+/0L5raBrPt+w476t35rz/uUUIvdrQMUwIitpd3vP9j0rW/
sTkKrx9Djgs9ECIvIyhJcMiiCZnpqWnUvJzYAbbehU6T4ASW8qOD5d2LBA7cO9R+
QNrrj2wbAgMBAAECggEAFWyu/lVk3m3dy3gOm9JHOP3UV6QhRoyHaSHoydyB5Hje
CRlEvu4OkG8/A6lVk5ObR9v3escbgkXiQbOB0pAQupY37VRYagmx9BptmIFvb+26
p4HIm8FZNwCAGzWjuGaiiBmhOAPLJV7z14iiHaCK5LVdO+E1DVsY36oCyWNwcbMa
4+d6RGgbFeUHXGnuayd5hTvUlsXAbPo4/gJT1KDvqPPjZl8U6ur1mRIt+BTzrntv
C2oN1hq+cJQRrQhySt0/QNAE+k4+r70ZKC/4rDjYkdhyBqNPq7mjAYJ7miWF/YFZ
4AYzo+z7Mws1sMJkNG/SFaNXWgh8KWdFHfgZNWSogQKBgQDSf2w8j9WC1h30FtKy
kGYWFKcNYM2AGoE5PnT1bxvBOtgrttwOVsXESIjyXgRygKvZgExIx3nh8bUkXHWL
31wY5y1I6ZrvFIKNsfaQm8sf9PttH4biXJ3h9eBYeBx7y/3+QAOqqiDF+vcGOWJF
xA7ZKBjz2NEgdr7c7jFsIIOiwwKBgQDFdUeOm+lY24nU0/qC06Zk7tjf3xxRGq9d
Fddix1ENUS2BGcltOVr1UedWeoBeN5P004FqzRHyX4Z/1Yvzvax809TqyT36lQ/z
zBjizZKggAmfU5wCCpuSubT+Wq1o3FPQ5fLbnllFMf1UE64lZouAT1NHFHuwDrYV
e8bBCwzLyQKBgQCZSMkc4PDuMdXmJaiQ964fbjKn/1Imcyae9OheweZIM/2u954P
owipAtkXBXffmeuKm27xoLEU49qw+9NtY93BFLdZXSPB7gGUBYAzlf+46cEdmdOz
ixY9sbsJMY4saEQxnZQN942eHj88fRUfEMJvSE/DYqQHK/GZGKtMvfCd2QKBgF9Y
EvZUaGdkkng25yaWxijEf+oRlF3BMd4Tts3WileQ1BUbe3yHDlmYc8j5G9Tip0m3
ey0z2i+bWpmNZqeJ9ajMrGm2RHwjz/EbowSY2O0xBfRt7c26i4Zcr32GEWepw7sB
3bOYEWjtC3K2kgczLbcGFqMiy9qmL9vNyZnbGRGpAoGBAKbIM3P1XrfJ2Uogbq1g
ssjngQ/HvAbFwZlAP0mH6H1A8skJiqZ/unjlo98wAj7v912nd3rrm9VKZGkXakSR
MqhDyoDv+RIbyhznbRiGd7S6ddqTx2zm03svlCqQZUH92GmFgQlUJ7AngqlxqxEv
LHwFtrfVT+ViB1m8zP+RieKb
-----END PRIVATE KEY-----
enable_client_debug_messages: true
cors:
## List of endpoints in addition to the metadata endpoints to permit cross-origin requests on.
endpoints:
- 'authorization'
- 'pushed-authorization-request'
- 'token'
- 'revocation'
- 'introspection'
- 'userinfo'
clients:
- client_id: files.aggtaa.com
client_name: files.aggtaa.com
public: true
consent_mode: pre-configured # store user consent for some time
pre_configured_consent_duration: 100y
scopes:
- openid
- email
- profile
- groups
redirect_uris:
- https://files.aggtaa.com/
- https://files.aggtaa.com/oidc-callback.html
- https://files.aggtaa.com/oidc-silent-redirect.html
Reference in New Issue View Git Blame Copy Permalink