Robert Kaussow
9698af22db
Author: Robert Kaussow <mail@thegeeklab.de> Date: Thu Aug 5 21:54:59 2021 +0200 fix: adjust config to work with 4.30.x
15 KiB
15 KiB
title | type |
---|---|
authelia | docs |
Setup Authelia authentication and authorization server.
- Default Variables
- authelia_access_control_default_policy
- authelia_access_control_networks
- authelia_access_control_rules
- authelia_auth_backend
- authelia_auth_backend_disable_reset_password
- authelia_auth_ldap_additional_groups_dn
- authelia_auth_ldap_additional_users_dn
- authelia_auth_ldap_base_dn
- authelia_auth_ldap_bind_password
- authelia_auth_ldap_bind_user
- authelia_auth_ldap_display_name_attribute
- authelia_auth_ldap_group_name_attribute
- authelia_auth_ldap_groups_filter
- authelia_auth_ldap_mail_attribute
- authelia_auth_ldap_start_tls
- authelia_auth_ldap_tls_minimum_version
- authelia_auth_ldap_tls_skip_verify
- authelia_auth_ldap_url
- authelia_auth_ldap_username_attribute
- authelia_auth_ldap_users_filter
- authelia_auth_local_users
- authelia_base_dir
- authelia_bind_ip
- authelia_bind_port
- authelia_config_dir
- authelia_data_dir
- authelia_default_redirection_url
- authelia_extra_groups
- authelia_group
- authelia_jwt_secret
- authelia_log_level
- authelia_notifier_backend
- authelia_notifier_disable_startup_check
- authelia_notifier_smtp_disable_html_emails
- authelia_notifier_smtp_disable_require_tls
- authelia_notifier_smtp_host
- authelia_notifier_smtp_identifier
- authelia_notifier_smtp_password
- authelia_notifier_smtp_port
- authelia_notifier_smtp_sender
- authelia_notifier_smtp_startup_check_address
- authelia_notifier_smtp_subject
- authelia_notifier_smtp_tls_minimum_version
- authelia_notifier_smtp_tls_skip_verify
- authelia_notifier_smtp_username
- authelia_packages
- authelia_portal_url
- authelia_read_only_dirs
- authelia_regulation_ban_time
- authelia_regulation_find_time
- authelia_regulation_max_retries
- authelia_session_backend
- authelia_session_domain
- authelia_session_expiration
- authelia_session_inactivity
- authelia_session_name
- authelia_session_redis_database_index
- authelia_session_redis_host
- authelia_session_redis_maximum_active_connections
- authelia_session_redis_minimum_idle_connections
- authelia_session_redis_port
- authelia_session_remember_me_duration
- authelia_session_same_site
- authelia_session_secret
- authelia_storage_backend
- authelia_storage_db_host
- authelia_storage_db_name
- authelia_storage_db_password
- authelia_storage_db_port
- authelia_storage_db_sslmode
- authelia_storage_db_username
- authelia_theme
- authelia_totp_issuer
- authelia_totp_period
- authelia_totp_skew
- authelia_user
- authelia_user_home
- authelia_version
- Dependencies
Default Variables
authelia_access_control_default_policy
Default value
authelia_access_control_default_policy: one_factor
authelia_access_control_networks
Default value
authelia_access_control_networks: []
authelia_access_control_rules
Default value
authelia_access_control_rules: []
authelia_auth_backend
Set authentication backend. Available options are local|ldap
. All authelia_auth_ldap_
variables will only work while the LDAP auth backend is enabled.
Default value
authelia_auth_backend: local
authelia_auth_backend_disable_reset_password
Default value
authelia_auth_backend_disable_reset_password: false
authelia_auth_ldap_additional_groups_dn
Default value
authelia_auth_ldap_additional_groups_dn: ou=groups
authelia_auth_ldap_additional_users_dn
Default value
authelia_auth_ldap_additional_users_dn: ou=users
authelia_auth_ldap_base_dn
Default value
authelia_auth_ldap_base_dn: dc=example,dc=com
authelia_auth_ldap_bind_password
Default value
authelia_auth_ldap_bind_password: password
authelia_auth_ldap_bind_user
Default value
authelia_auth_ldap_bind_user: cn=admin,dc=example,dc=com
authelia_auth_ldap_display_name_attribute
Default value
authelia_auth_ldap_display_name_attribute: displayname
authelia_auth_ldap_group_name_attribute
Default value
authelia_auth_ldap_group_name_attribute: cn
authelia_auth_ldap_groups_filter
Default value
authelia_auth_ldap_groups_filter: (&(member={dn})(objectclass=groupOfNames))
authelia_auth_ldap_mail_attribute
Default value
authelia_auth_ldap_mail_attribute: mail
authelia_auth_ldap_start_tls
Default value
authelia_auth_ldap_start_tls: false
authelia_auth_ldap_tls_minimum_version
Default value
authelia_auth_ldap_tls_minimum_version: TLS1.2
authelia_auth_ldap_tls_skip_verify
Default value
authelia_auth_ldap_tls_skip_verify: false
authelia_auth_ldap_url
Default value
authelia_auth_ldap_url: ldap://127.0.0.1
authelia_auth_ldap_username_attribute
Default value
authelia_auth_ldap_username_attribute: uid
authelia_auth_ldap_users_filter
Default value
authelia_auth_ldap_users_filter: (&({username_attribute}={input})(objectClass=person))
authelia_auth_local_users
Default value
authelia_auth_local_users: []
authelia_base_dir
Default value
authelia_base_dir: /opt/authelia
authelia_bind_ip
Default value
authelia_bind_ip: 127.0.0.1
authelia_bind_port
Default value
authelia_bind_port: 61000
authelia_config_dir
Default value
authelia_config_dir: '{{ authelia_base_dir }}/conf'
authelia_data_dir
Default value
authelia_data_dir: '{{ authelia_base_dir }}/data'
authelia_default_redirection_url
Specifies the default redirection URL Authelia will use in case a referer is missing.
Default value
authelia_default_redirection_url: _unset_
Example usage
authelia_default_redirection_url: https://github.com
authelia_extra_groups
Default value
authelia_extra_groups: []
authelia_group
Default value
authelia_group: '{{ authelia_user }}'
authelia_jwt_secret
Default value
authelia_jwt_secret: a_very_important_secret
authelia_log_level
Default value
authelia_log_level: error
authelia_notifier_backend
Set notifier backend. Available options are local|smtp
. All authelia_notifier_smtp_
variables will only work while the SMTP backend is enabled.
Default value
authelia_notifier_backend: local
authelia_notifier_disable_startup_check
Default value
authelia_notifier_disable_startup_check: false
authelia_notifier_smtp_disable_html_emails
Default value
authelia_notifier_smtp_disable_html_emails: false
authelia_notifier_smtp_disable_require_tls
Default value
authelia_notifier_smtp_disable_require_tls: false
authelia_notifier_smtp_host
Default value
authelia_notifier_smtp_host: 127.0.0.1
authelia_notifier_smtp_identifier
Default value
authelia_notifier_smtp_identifier: localhost
authelia_notifier_smtp_password
Default value
authelia_notifier_smtp_password: password
authelia_notifier_smtp_port
Default value
authelia_notifier_smtp_port: 1025
authelia_notifier_smtp_sender
Default value
authelia_notifier_smtp_sender: admin@example.com
authelia_notifier_smtp_startup_check_address
Default value
authelia_notifier_smtp_startup_check_address: test@authelia.com
authelia_notifier_smtp_subject
Default value
authelia_notifier_smtp_subject: '[Authelia] {title}'
authelia_notifier_smtp_tls_minimum_version
Default value
authelia_notifier_smtp_tls_minimum_version: TLS1.2
authelia_notifier_smtp_tls_skip_verify
Default value
authelia_notifier_smtp_tls_skip_verify: false
authelia_notifier_smtp_username
Default value
authelia_notifier_smtp_username: test
authelia_packages
Default value
authelia_packages: []
authelia_portal_url
Default value
authelia_portal_url: http://localhost:61000/
authelia_read_only_dirs
Default value
authelia_read_only_dirs: []
authelia_regulation_ban_time
Default value
authelia_regulation_ban_time: 5m
authelia_regulation_find_time
Default value
authelia_regulation_find_time: 2m
authelia_regulation_max_retries
Default value
authelia_regulation_max_retries: 3
authelia_session_backend
Set session backend. Available options are local|redis
. All authelia_session_redis_
variables will only work while the Redis backend is enabled.
Default value
authelia_session_backend: local
authelia_session_domain
Default value
authelia_session_domain: example.com
authelia_session_expiration
Default value
authelia_session_expiration: 1h
authelia_session_inactivity
Default value
authelia_session_inactivity: 5m
authelia_session_name
Default value
authelia_session_name: authelia_session
authelia_session_redis_database_index
Default value
authelia_session_redis_database_index: 0
authelia_session_redis_host
Default value
authelia_session_redis_host: 127.0.0.1
authelia_session_redis_maximum_active_connections
Default value
authelia_session_redis_maximum_active_connections: 8
authelia_session_redis_minimum_idle_connections
Default value
authelia_session_redis_minimum_idle_connections: 0
authelia_session_redis_port
Default value
authelia_session_redis_port: 6379
authelia_session_remember_me_duration
Default value
authelia_session_remember_me_duration: 1M
authelia_session_same_site
Default value
authelia_session_same_site: lax
authelia_session_secret
Default value
authelia_session_secret: insecure_session_secret
authelia_storage_backend
Set storage backend. Available options are local|postgres
. All authelia_storage_db_
variables will only work while the PostgreSQL backend is enabled.
Default value
authelia_storage_backend: local
authelia_storage_db_host
Default value
authelia_storage_db_host: 127.0.0.1
authelia_storage_db_name
Default value
authelia_storage_db_name: authelia
authelia_storage_db_password
Default value
authelia_storage_db_password: mypassword
authelia_storage_db_port
Default value
authelia_storage_db_port: 5432
authelia_storage_db_sslmode
Default value
authelia_storage_db_sslmode: disable
authelia_storage_db_username
Default value
authelia_storage_db_username: authelia
authelia_theme
Default value
authelia_theme: light
authelia_totp_issuer
Default value
authelia_totp_issuer: "{{ authelia_portal_url | urlsplit('hostname') }}"
authelia_totp_period
Default value
authelia_totp_period: 30
authelia_totp_skew
Default value
authelia_totp_skew: 1
authelia_user
Default value
authelia_user: authelia_adm
authelia_user_home
Default value
authelia_user_home: /home/{{ authelia_user }}
authelia_version
Default value
authelia_version: 4.30.1
Dependencies
None.