2021-05-30 21:49:04 +00:00
---
title: authelia
type: docs
---
[![Source Code ](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white )](https://gitea.rknet.org/ansible/xoxys.authelia) [![Build Status ](https://img.shields.io/drone/build/ansible/xoxys.authelia?logo=drone&server=https%3A%2F%2Fdrone.rknet.org )](https://drone.rknet.org/ansible/xoxys.authelia) [![License: MIT ](https://img.shields.io/badge/License-MIT-blue.svg?label=license )](https://gitea.rknet.org/ansible/xoxys.authelia/src/branch/master/LICENSE)
Setup Authelia authentication and authorization server.
* [Default Variables ](#default-variables )
* [authelia_access_control_default_policy ](#authelia_access_control_default_policy )
* [authelia_access_control_networks ](#authelia_access_control_networks )
* [authelia_access_control_rules ](#authelia_access_control_rules )
* [authelia_auth_backend ](#authelia_auth_backend )
2021-05-31 14:34:08 +00:00
* [authelia_auth_backend_disable_reset_password ](#authelia_auth_backend_disable_reset_password )
2021-05-30 21:49:04 +00:00
* [authelia_auth_ldap_additional_groups_dn ](#authelia_auth_ldap_additional_groups_dn )
* [authelia_auth_ldap_additional_users_dn ](#authelia_auth_ldap_additional_users_dn )
* [authelia_auth_ldap_base_dn ](#authelia_auth_ldap_base_dn )
* [authelia_auth_ldap_bind_password ](#authelia_auth_ldap_bind_password )
* [authelia_auth_ldap_bind_user ](#authelia_auth_ldap_bind_user )
* [authelia_auth_ldap_display_name_attribute ](#authelia_auth_ldap_display_name_attribute )
* [authelia_auth_ldap_group_name_attribute ](#authelia_auth_ldap_group_name_attribute )
* [authelia_auth_ldap_groups_filter ](#authelia_auth_ldap_groups_filter )
* [authelia_auth_ldap_mail_attribute ](#authelia_auth_ldap_mail_attribute )
* [authelia_auth_ldap_start_tls ](#authelia_auth_ldap_start_tls )
* [authelia_auth_ldap_tls_minimum_version ](#authelia_auth_ldap_tls_minimum_version )
* [authelia_auth_ldap_tls_skip_verify ](#authelia_auth_ldap_tls_skip_verify )
* [authelia_auth_ldap_url ](#authelia_auth_ldap_url )
* [authelia_auth_ldap_username_attribute ](#authelia_auth_ldap_username_attribute )
* [authelia_auth_ldap_users_filter ](#authelia_auth_ldap_users_filter )
* [authelia_auth_local_users ](#authelia_auth_local_users )
* [authelia_base_dir ](#authelia_base_dir )
* [authelia_bind_ip ](#authelia_bind_ip )
* [authelia_bind_port ](#authelia_bind_port )
* [authelia_config_dir ](#authelia_config_dir )
* [authelia_data_dir ](#authelia_data_dir )
* [authelia_default_redirection_url ](#authelia_default_redirection_url )
* [authelia_extra_groups ](#authelia_extra_groups )
* [authelia_group ](#authelia_group )
* [authelia_jwt_secret ](#authelia_jwt_secret )
* [authelia_log_level ](#authelia_log_level )
* [authelia_notifier_backend ](#authelia_notifier_backend )
* [authelia_notifier_disable_startup_check ](#authelia_notifier_disable_startup_check )
* [authelia_notifier_smtp_disable_html_emails ](#authelia_notifier_smtp_disable_html_emails )
* [authelia_notifier_smtp_disable_require_tls ](#authelia_notifier_smtp_disable_require_tls )
* [authelia_notifier_smtp_host ](#authelia_notifier_smtp_host )
* [authelia_notifier_smtp_identifier ](#authelia_notifier_smtp_identifier )
* [authelia_notifier_smtp_password ](#authelia_notifier_smtp_password )
* [authelia_notifier_smtp_port ](#authelia_notifier_smtp_port )
* [authelia_notifier_smtp_sender ](#authelia_notifier_smtp_sender )
* [authelia_notifier_smtp_startup_check_address ](#authelia_notifier_smtp_startup_check_address )
* [authelia_notifier_smtp_subject ](#authelia_notifier_smtp_subject )
* [authelia_notifier_smtp_tls_minimum_version ](#authelia_notifier_smtp_tls_minimum_version )
* [authelia_notifier_smtp_tls_skip_verify ](#authelia_notifier_smtp_tls_skip_verify )
* [authelia_notifier_smtp_username ](#authelia_notifier_smtp_username )
* [authelia_packages ](#authelia_packages )
* [authelia_portal_url ](#authelia_portal_url )
* [authelia_read_only_dirs ](#authelia_read_only_dirs )
* [authelia_regulation_ban_time ](#authelia_regulation_ban_time )
* [authelia_regulation_find_time ](#authelia_regulation_find_time )
* [authelia_regulation_max_retries ](#authelia_regulation_max_retries )
* [authelia_session_backend ](#authelia_session_backend )
* [authelia_session_domain ](#authelia_session_domain )
* [authelia_session_expiration ](#authelia_session_expiration )
* [authelia_session_inactivity ](#authelia_session_inactivity )
* [authelia_session_name ](#authelia_session_name )
* [authelia_session_redis_database_index ](#authelia_session_redis_database_index )
* [authelia_session_redis_host ](#authelia_session_redis_host )
* [authelia_session_redis_maximum_active_connections ](#authelia_session_redis_maximum_active_connections )
* [authelia_session_redis_minimum_idle_connections ](#authelia_session_redis_minimum_idle_connections )
* [authelia_session_redis_port ](#authelia_session_redis_port )
* [authelia_session_remember_me_duration ](#authelia_session_remember_me_duration )
* [authelia_session_same_site ](#authelia_session_same_site )
* [authelia_session_secret ](#authelia_session_secret )
* [authelia_storage_backend ](#authelia_storage_backend )
* [authelia_storage_db_host ](#authelia_storage_db_host )
* [authelia_storage_db_name ](#authelia_storage_db_name )
* [authelia_storage_db_password ](#authelia_storage_db_password )
* [authelia_storage_db_port ](#authelia_storage_db_port )
* [authelia_storage_db_sslmode ](#authelia_storage_db_sslmode )
* [authelia_storage_db_username ](#authelia_storage_db_username )
* [authelia_theme ](#authelia_theme )
* [authelia_totp_issuer ](#authelia_totp_issuer )
* [authelia_totp_period ](#authelia_totp_period )
* [authelia_totp_skew ](#authelia_totp_skew )
* [authelia_user ](#authelia_user )
* [authelia_user_home ](#authelia_user_home )
* [authelia_version ](#authelia_version )
* [Dependencies ](#dependencies )
---
## Default Variables
### authelia_access_control_default_policy
#### Default value
```YAML
authelia_access_control_default_policy: one_factor
```
### authelia_access_control_networks
#### Default value
```YAML
authelia_access_control_networks: []
```
### authelia_access_control_rules
#### Default value
```YAML
authelia_access_control_rules: []
```
### authelia_auth_backend
Set authentication backend. Available options are `local|ldap` . All `authelia_auth_ldap_` variables will only work while the LDAP auth backend is enabled.
#### Default value
```YAML
authelia_auth_backend: local
```
2021-05-31 14:34:08 +00:00
### authelia_auth_backend_disable_reset_password
#### Default value
```YAML
authelia_auth_backend_disable_reset_password: false
```
2021-05-30 21:49:04 +00:00
### authelia_auth_ldap_additional_groups_dn
#### Default value
```YAML
authelia_auth_ldap_additional_groups_dn: ou=groups
```
### authelia_auth_ldap_additional_users_dn
#### Default value
```YAML
authelia_auth_ldap_additional_users_dn: ou=users
```
### authelia_auth_ldap_base_dn
#### Default value
```YAML
authelia_auth_ldap_base_dn: dc=example,dc=com
```
### authelia_auth_ldap_bind_password
#### Default value
```YAML
authelia_auth_ldap_bind_password: password
```
### authelia_auth_ldap_bind_user
#### Default value
```YAML
authelia_auth_ldap_bind_user: cn=admin,dc=example,dc=com
```
### authelia_auth_ldap_display_name_attribute
#### Default value
```YAML
authelia_auth_ldap_display_name_attribute: displayname
```
### authelia_auth_ldap_group_name_attribute
#### Default value
```YAML
authelia_auth_ldap_group_name_attribute: cn
```
### authelia_auth_ldap_groups_filter
#### Default value
```YAML
authelia_auth_ldap_groups_filter: (& (member={dn})(objectclass=groupOfNames))
```
### authelia_auth_ldap_mail_attribute
#### Default value
```YAML
authelia_auth_ldap_mail_attribute: mail
```
### authelia_auth_ldap_start_tls
#### Default value
```YAML
authelia_auth_ldap_start_tls: false
```
### authelia_auth_ldap_tls_minimum_version
#### Default value
```YAML
authelia_auth_ldap_tls_minimum_version: TLS1.2
```
### authelia_auth_ldap_tls_skip_verify
#### Default value
```YAML
authelia_auth_ldap_tls_skip_verify: false
```
### authelia_auth_ldap_url
#### Default value
```YAML
authelia_auth_ldap_url: ldap://127.0.0.1
```
### authelia_auth_ldap_username_attribute
#### Default value
```YAML
authelia_auth_ldap_username_attribute: uid
```
### authelia_auth_ldap_users_filter
#### Default value
```YAML
authelia_auth_ldap_users_filter: (& ({username_attribute}={input})(objectClass=person))
```
### authelia_auth_local_users
#### Default value
```YAML
authelia_auth_local_users: []
```
### authelia_base_dir
#### Default value
```YAML
authelia_base_dir: /opt/authelia
```
### authelia_bind_ip
#### Default value
```YAML
authelia_bind_ip: 127.0.0.1
```
### authelia_bind_port
#### Default value
```YAML
authelia_bind_port: 61000
```
### authelia_config_dir
#### Default value
```YAML
authelia_config_dir: '{{ authelia_base_dir }}/conf'
```
### authelia_data_dir
#### Default value
```YAML
authelia_data_dir: '{{ authelia_base_dir }}/data'
```
### authelia_default_redirection_url
Specifies the default redirection URL Authelia will use in case a referer is missing.
#### Default value
```YAML
authelia_default_redirection_url: _unset_
```
#### Example usage
```YAML
authelia_default_redirection_url: https://github.com
```
### authelia_extra_groups
#### Default value
```YAML
authelia_extra_groups: []
```
### authelia_group
#### Default value
```YAML
authelia_group: '{{ authelia_user }}'
```
### authelia_jwt_secret
#### Default value
```YAML
authelia_jwt_secret: a_very_important_secret
```
### authelia_log_level
#### Default value
```YAML
authelia_log_level: error
```
### authelia_notifier_backend
Set notifier backend. Available options are `local|smtp` . All `authelia_notifier_smtp_` variables will only work while the SMTP backend is enabled.
#### Default value
```YAML
authelia_notifier_backend: local
```
### authelia_notifier_disable_startup_check
#### Default value
```YAML
authelia_notifier_disable_startup_check: false
```
### authelia_notifier_smtp_disable_html_emails
#### Default value
```YAML
authelia_notifier_smtp_disable_html_emails: false
```
### authelia_notifier_smtp_disable_require_tls
#### Default value
```YAML
authelia_notifier_smtp_disable_require_tls: false
```
### authelia_notifier_smtp_host
#### Default value
```YAML
authelia_notifier_smtp_host: 127.0.0.1
```
### authelia_notifier_smtp_identifier
#### Default value
```YAML
authelia_notifier_smtp_identifier: localhost
```
### authelia_notifier_smtp_password
#### Default value
```YAML
authelia_notifier_smtp_password: password
```
### authelia_notifier_smtp_port
#### Default value
```YAML
authelia_notifier_smtp_port: 1025
```
### authelia_notifier_smtp_sender
#### Default value
```YAML
authelia_notifier_smtp_sender: admin@example.com
```
### authelia_notifier_smtp_startup_check_address
#### Default value
```YAML
authelia_notifier_smtp_startup_check_address: test@authelia.com
```
### authelia_notifier_smtp_subject
#### Default value
```YAML
authelia_notifier_smtp_subject: '[Authelia] {title}'
```
### authelia_notifier_smtp_tls_minimum_version
#### Default value
```YAML
authelia_notifier_smtp_tls_minimum_version: TLS1.2
```
### authelia_notifier_smtp_tls_skip_verify
#### Default value
```YAML
authelia_notifier_smtp_tls_skip_verify: false
```
### authelia_notifier_smtp_username
#### Default value
```YAML
authelia_notifier_smtp_username: test
```
### authelia_packages
#### Default value
```YAML
authelia_packages: []
```
### authelia_portal_url
#### Default value
```YAML
authelia_portal_url: http://localhost:61000/
```
### authelia_read_only_dirs
#### Default value
```YAML
authelia_read_only_dirs: []
```
### authelia_regulation_ban_time
#### Default value
```YAML
authelia_regulation_ban_time: 5m
```
### authelia_regulation_find_time
#### Default value
```YAML
authelia_regulation_find_time: 2m
```
### authelia_regulation_max_retries
#### Default value
```YAML
authelia_regulation_max_retries: 3
```
### authelia_session_backend
Set session backend. Available options are `local|redis` . All `authelia_session_redis_` variables will only work while the Redis backend is enabled.
#### Default value
```YAML
authelia_session_backend: local
```
### authelia_session_domain
#### Default value
```YAML
authelia_session_domain: example.com
```
### authelia_session_expiration
#### Default value
```YAML
authelia_session_expiration: 1h
```
### authelia_session_inactivity
#### Default value
```YAML
authelia_session_inactivity: 5m
```
### authelia_session_name
#### Default value
```YAML
authelia_session_name: authelia_session
```
### authelia_session_redis_database_index
#### Default value
```YAML
authelia_session_redis_database_index: 0
```
### authelia_session_redis_host
#### Default value
```YAML
authelia_session_redis_host: 127.0.0.1
```
### authelia_session_redis_maximum_active_connections
#### Default value
```YAML
authelia_session_redis_maximum_active_connections: 8
```
### authelia_session_redis_minimum_idle_connections
#### Default value
```YAML
authelia_session_redis_minimum_idle_connections: 0
```
### authelia_session_redis_port
#### Default value
```YAML
authelia_session_redis_port: 6379
```
### authelia_session_remember_me_duration
#### Default value
```YAML
authelia_session_remember_me_duration: 1M
```
### authelia_session_same_site
#### Default value
```YAML
authelia_session_same_site: lax
```
### authelia_session_secret
#### Default value
```YAML
authelia_session_secret: insecure_session_secret
```
### authelia_storage_backend
Set storage backend. Available options are `local|postgres` . All `authelia_storage_db_` variables will only work while the PostgreSQL backend is enabled.
#### Default value
```YAML
authelia_storage_backend: local
```
### authelia_storage_db_host
#### Default value
```YAML
authelia_storage_db_host: 127.0.0.1
```
### authelia_storage_db_name
#### Default value
```YAML
authelia_storage_db_name: authelia
```
### authelia_storage_db_password
#### Default value
```YAML
authelia_storage_db_password: mypassword
```
### authelia_storage_db_port
#### Default value
```YAML
authelia_storage_db_port: 5432
```
### authelia_storage_db_sslmode
#### Default value
```YAML
authelia_storage_db_sslmode: disable
```
### authelia_storage_db_username
#### Default value
```YAML
authelia_storage_db_username: authelia
```
### authelia_theme
#### Default value
```YAML
authelia_theme: light
```
### authelia_totp_issuer
#### Default value
```YAML
authelia_totp_issuer: "{{ authelia_portal_url | urlsplit('hostname') }}"
```
### authelia_totp_period
#### Default value
```YAML
authelia_totp_period: 30
```
### authelia_totp_skew
#### Default value
```YAML
authelia_totp_skew: 1
```
### authelia_user
#### Default value
```YAML
authelia_user: authelia_adm
```
### authelia_user_home
#### Default value
```YAML
authelia_user_home: /home/{{ authelia_user }}
```
### authelia_version
#### Default value
```YAML
2021-08-05 19:59:28 +00:00
authelia_version: 4.30.1
2021-05-30 21:49:04 +00:00
```
## Dependencies
None.