#0000 - Add initial project setup with configs, user db, and Docker Compose
This commit adds the foundational setup for the project, including docker-compose.yml, .env.dist, users_database.yml.dist, and Authelia configurations. It also includes the MIT license and a README with installation instructions and usage. The .gitignore file has been updated to exclude sensitive files.
parent
998b95ab4b
commit
f6414a6ae5
7 changed files with 419 additions and 1 deletions
125
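--- a/authelia/configuration.yml.dist
+++ b/authelia/configuration.yml.dist
@@ -0,0 +1,125 @@
+###############################################################
+# Authelia configuration #
+###############################################################
+
+# config setup following https://www.smarthomebeginner.com/docker-authelia-tutorial/
+
+theme: auto
+
+server:
+host: 0.0.0.0
+port: 9091
+
+log:
+level: warn
+
+# This secret can also be set using the env variables AUTHELIA_JWT_SECRET_FILE
+jwt_secret: CHANGEME
+
+# https://docs.authelia.com/configuration/miscellaneous.html#default-redirection-url
+default_redirection_url: https://CHANGEME
+
+totp:
+issuer: authelia.com
+period: 30
+skew: 1
+
+authentication_backend:
+file:
+path: /config/users_database.yml
+password:
+algorithm: argon2id
+iterations: 1
+salt_length: 16
+parallelism: 8
+memory: 1024 # blocks this much of the RAM. Tune this.
+
+access_control:
+default_policy: deny
+rules:
+- domain: CHANGEME
+policy: bypass
+- domain:
+- '*.CHANGEME'
+policy: two_factor
+
+session:
+name: authelia_session
+# This secret can also be set using the env variables AUTHELIA_SESSION_SECRET_FILE
+secret: CHANGEME
+expiration: 3600 # 1 hour
+inactivity: 300 # 5 minutes
+domain: CHANGEME # Should match whatever your root protected domain is
+redis:
+host: redis
+port: 6379
+# This secret can also be set using the env variables AUTHELIA_SESSION_REDIS_PASSWORD_FILE
+# password: authelia
+
+regulation:
+max_retries: 3
+find_time: 120
+ban_time: 300
+
+notifier:
+# For testing purposes, notifications can be sent in a file. Be sure to map the volume in docker-compose.
+# filesystem:
+# filename: /config/notification.txt
+smtp:
+## The SMTP host to connect to.
+host: CHANGEME
+
+## The port to connect to the SMTP host on.
+port: 465
+
+## The connection timeout.
+timeout: 5s
+
+## The username used for SMTP authentication.
+username: CHANGEME
+
+## The password used for SMTP authentication.
+## Can also be set using a secret: https://www.authelia.com/c/secrets
+password: CHANGEME
+
+## The sender is used to is used for the MAIL FROM command and the FROM header.
+## If this is not defined and the username is an email, we use the username as this value. This can either be just
+## an email address or the RFC5322 'Name <email address>' format.
+sender: "Authelia <noreply@CHANGEME>"
+
+## HELO/EHLO Identifier. Some SMTP Servers may reject the default of localhost.
+identifier: CHANGEME
+
+## Subject configuration of the emails sent. {title} is replaced by the text from the notifier.
+subject: "[Authelia] {title}"
+
+## This address is used during the startup check to verify the email configuration is correct.
+## It's not important what it is except if your email server only allows local delivery.
+startup_check_address: CHANGEME
+
+## By default we require some form of TLS. This disables this check though is not advised.
+disable_require_tls: false
+
+## Disables sending HTML formatted emails.
+disable_html_emails: false
+
+tls:
+## The server subject name to check the servers certificate against during the validation process.
+## This option is not required if the certificate has a SAN which matches the host option.
+server_name: CHANGEME
+
+## Minimum TLS version for the connection.
+minimum_version: TLS1.2
+
+## Maximum TLS version for the connection.
+maximum_version: TLS1.3
+
+storage:
+encryption_key: CHANGEME
+mysql:
+host: mariadb-service
+port: 3306
+database: authelia
+username: root
+# Password can also be set using the env variables AUTHELIA_STORAGE_MYSQL_PASSWORD_FILE
+password: CHANGEME # use docker secret file instead AUTHELIA_STORAGE_MYSQL_PASSWORD_FILE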
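Review bot: The `storage.mysql` block connects Authelia to MariaDB as `username: root`, so a compromise of the Authelia container or a leak of this file exposes every database on `mariadb-service`, not only `authelia`. A dedicated account limited to that schema would contain the damage: `username: authelia`, granted rights on the `authelia` database only. The official MariaDB image can create such a user through `MARIADB_USER`/`MARIADB_PASSWORD`/`MARIADB_DATABASE`, but docker-compose.yml is not visible in this section, so that part needs confirming. In the same file the Redis `password` line under `session.redis` is commented out, which appears to leave the session store unauthenticated for anything that can reach `redis:6379` on the Compose network. The rendered page has lost the YAML indentation, so the nesting here is read from key order.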
9
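--- a/authelia/users_database.yml.dist
+++ b/authelia/users_database.yml.dist
@@ -0,0 +1,9 @@
+users:
+john:
+disabled: false
+displayname: "John Doe"
+password: '$argon2id$v=19$m=65536,t=3,p=2$BpLnfgDsc2WD8F2q$o/vzA4myCqZZ36bUGsDY//8mKUYNZZaR0t4MFFSs+iM'
+email: john@example.com
+groups:
+- admins
+- dev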
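Review bot: The template ships an enabled account, `john` in group `admins`, with a fixed Argon2id hash that looks like the sample from the Authelia documentation, so its plaintext should be treated as publicly known. Anyone who copies `users_database.yml.dist` to `users_database.yml` without editing it gets a working administrator login behind the `two_factor` policy's first factor. Setting `disabled: true` in the template and replacing the hash with a placeholder such as `password: 'CHANGEME_ARGON2ID_HASH'` makes the unedited file fail closed. A comment above the entry pointing at Authelia's own hash-generation command would tell the operator how to fill it in.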