15 KiB
title | type |
---|---|
authelia | docs |
Setup Authelia authentication and authorization server.
- Default Variables
- authelia_access_control_default_policy
- authelia_access_control_networks
- authelia_access_control_rules
- authelia_auth_backend
- authelia_auth_backend_disable_reset_password
- authelia_auth_ldap_additional_groups_dn
- authelia_auth_ldap_additional_users_dn
- authelia_auth_ldap_base_dn
- authelia_auth_ldap_bind_password
- authelia_auth_ldap_bind_user
- authelia_auth_ldap_display_name_attribute
- authelia_auth_ldap_group_name_attribute
- authelia_auth_ldap_groups_filter
- authelia_auth_ldap_mail_attribute
- authelia_auth_ldap_start_tls
- authelia_auth_ldap_tls_minimum_version
- authelia_auth_ldap_tls_skip_verify
- authelia_auth_ldap_url
- authelia_auth_ldap_username_attribute
- authelia_auth_ldap_users_filter
- authelia_auth_local_users
- authelia_base_dir
- authelia_bind_ip
- authelia_bind_port
- authelia_config_dir
- authelia_data_dir
- authelia_default_redirection_url
- authelia_extra_groups
- authelia_group
- authelia_jwt_secret
- authelia_log_level
- authelia_notifier_backend
- authelia_notifier_disable_startup_check
- authelia_notifier_smtp_disable_html_emails
- authelia_notifier_smtp_disable_require_tls
- authelia_notifier_smtp_host
- authelia_notifier_smtp_identifier
- authelia_notifier_smtp_password
- authelia_notifier_smtp_port
- authelia_notifier_smtp_sender
- authelia_notifier_smtp_startup_check_address
- authelia_notifier_smtp_subject
- authelia_notifier_smtp_tls_minimum_version
- authelia_notifier_smtp_tls_skip_verify
- authelia_notifier_smtp_username
- authelia_packages
- authelia_portal_url
- authelia_read_only_dirs
- authelia_regulation_ban_time
- authelia_regulation_find_time
- authelia_regulation_max_retries
- authelia_session_backend
- authelia_session_domain
- authelia_session_expiration
- authelia_session_inactivity
- authelia_session_name
- authelia_session_redis_database_index
- authelia_session_redis_host
- authelia_session_redis_maximum_active_connections
- authelia_session_redis_minimum_idle_connections
- authelia_session_redis_port
- authelia_session_remember_me_duration
- authelia_session_same_site
- authelia_session_secret
- authelia_storage_backend
- authelia_storage_db_host
- authelia_storage_db_name
- authelia_storage_db_password
- authelia_storage_db_port
- authelia_storage_db_sslmode
- authelia_storage_db_username
- authelia_storage_encryption_key
- authelia_theme
- authelia_totp_issuer
- authelia_totp_period
- authelia_totp_skew
- authelia_user
- authelia_user_home
- authelia_version
- Dependencies
Default Variables
authelia_access_control_default_policy
Default value
authelia_access_control_default_policy: one_factor
authelia_access_control_networks
Default value
authelia_access_control_networks: []
authelia_access_control_rules
Default value
authelia_access_control_rules: []
authelia_auth_backend
Set authentication backend. Available options are local|ldap
. All authelia_auth_ldap_
variables will only work while the LDAP auth backend is enabled.
Default value
authelia_auth_backend: local
authelia_auth_backend_disable_reset_password
Default value
authelia_auth_backend_disable_reset_password: false
authelia_auth_ldap_additional_groups_dn
Default value
authelia_auth_ldap_additional_groups_dn: ou=groups
authelia_auth_ldap_additional_users_dn
Default value
authelia_auth_ldap_additional_users_dn: ou=users
authelia_auth_ldap_base_dn
Default value
authelia_auth_ldap_base_dn: dc=example,dc=com
authelia_auth_ldap_bind_password
Default value
authelia_auth_ldap_bind_password: password
authelia_auth_ldap_bind_user
Default value
authelia_auth_ldap_bind_user: cn=admin,dc=example,dc=com
authelia_auth_ldap_display_name_attribute
Default value
authelia_auth_ldap_display_name_attribute: displayname
authelia_auth_ldap_group_name_attribute
Default value
authelia_auth_ldap_group_name_attribute: cn
authelia_auth_ldap_groups_filter
Default value
authelia_auth_ldap_groups_filter: (&(member={dn})(objectclass=groupOfNames))
authelia_auth_ldap_mail_attribute
Default value
authelia_auth_ldap_mail_attribute: mail
authelia_auth_ldap_start_tls
Default value
authelia_auth_ldap_start_tls: false
authelia_auth_ldap_tls_minimum_version
Default value
authelia_auth_ldap_tls_minimum_version: TLS1.2
authelia_auth_ldap_tls_skip_verify
Default value
authelia_auth_ldap_tls_skip_verify: false
authelia_auth_ldap_url
Default value
authelia_auth_ldap_url: ldap://127.0.0.1
authelia_auth_ldap_username_attribute
Default value
authelia_auth_ldap_username_attribute: uid
authelia_auth_ldap_users_filter
Default value
authelia_auth_ldap_users_filter: (&({username_attribute}={input})(objectClass=person))
authelia_auth_local_users
Default value
authelia_auth_local_users: []
authelia_base_dir
Default value
authelia_base_dir: /opt/authelia
authelia_bind_ip
Default value
authelia_bind_ip: 127.0.0.1
authelia_bind_port
Default value
authelia_bind_port: 61000
authelia_config_dir
Default value
authelia_config_dir: '{{ authelia_base_dir }}/conf'
authelia_data_dir
Default value
authelia_data_dir: '{{ authelia_base_dir }}/data'
authelia_default_redirection_url
Specifies the default redirection URL Authelia will use in case a referer is missing.
Default value
authelia_default_redirection_url: _unset_
Example usage
authelia_default_redirection_url: https://github.com
authelia_extra_groups
Default value
authelia_extra_groups: []
authelia_group
Default value
authelia_group: '{{ authelia_user }}'
authelia_jwt_secret
Default value
authelia_jwt_secret: a_very_important_secret
authelia_log_level
Default value
authelia_log_level: error
authelia_notifier_backend
Set notifier backend. Available options are local|smtp
. All authelia_notifier_smtp_
variables will only work while the SMTP backend is enabled.
Default value
authelia_notifier_backend: local
authelia_notifier_disable_startup_check
Default value
authelia_notifier_disable_startup_check: false
authelia_notifier_smtp_disable_html_emails
Default value
authelia_notifier_smtp_disable_html_emails: false
authelia_notifier_smtp_disable_require_tls
Default value
authelia_notifier_smtp_disable_require_tls: false
authelia_notifier_smtp_host
Default value
authelia_notifier_smtp_host: 127.0.0.1
authelia_notifier_smtp_identifier
Default value
authelia_notifier_smtp_identifier: localhost
authelia_notifier_smtp_password
Default value
authelia_notifier_smtp_password: password
authelia_notifier_smtp_port
Default value
authelia_notifier_smtp_port: 1025
authelia_notifier_smtp_sender
Default value
authelia_notifier_smtp_sender: admin@example.com
authelia_notifier_smtp_startup_check_address
Default value
authelia_notifier_smtp_startup_check_address: test@authelia.com
authelia_notifier_smtp_subject
Default value
authelia_notifier_smtp_subject: '[Authelia] {title}'
authelia_notifier_smtp_tls_minimum_version
Default value
authelia_notifier_smtp_tls_minimum_version: TLS1.2
authelia_notifier_smtp_tls_skip_verify
Default value
authelia_notifier_smtp_tls_skip_verify: false
authelia_notifier_smtp_username
Default value
authelia_notifier_smtp_username: test
authelia_packages
Default value
authelia_packages: []
authelia_portal_url
Default value
authelia_portal_url: http://localhost:61000/
authelia_read_only_dirs
Default value
authelia_read_only_dirs: []
authelia_regulation_ban_time
Default value
authelia_regulation_ban_time: 5m
authelia_regulation_find_time
Default value
authelia_regulation_find_time: 2m
authelia_regulation_max_retries
Default value
authelia_regulation_max_retries: 3
authelia_session_backend
Set session backend. Available options are local|redis
. All authelia_session_redis_
variables will only work while the Redis backend is enabled.
Default value
authelia_session_backend: local
authelia_session_domain
Default value
authelia_session_domain: example.com
authelia_session_expiration
Default value
authelia_session_expiration: 1h
authelia_session_inactivity
Default value
authelia_session_inactivity: 5m
authelia_session_name
Default value
authelia_session_name: authelia_session
authelia_session_redis_database_index
Default value
authelia_session_redis_database_index: 0
authelia_session_redis_host
Default value
authelia_session_redis_host: 127.0.0.1
authelia_session_redis_maximum_active_connections
Default value
authelia_session_redis_maximum_active_connections: 8
authelia_session_redis_minimum_idle_connections
Default value
authelia_session_redis_minimum_idle_connections: 0
authelia_session_redis_port
Default value
authelia_session_redis_port: 6379
authelia_session_remember_me_duration
Default value
authelia_session_remember_me_duration: 1M
authelia_session_same_site
Default value
authelia_session_same_site: lax
authelia_session_secret
Default value
authelia_session_secret: insecure_session_secret
authelia_storage_backend
Set storage backend. Available options are local|postgres
. All authelia_storage_db_
variables will only work while the PostgreSQL backend is enabled.
Default value
authelia_storage_backend: local
authelia_storage_db_host
Default value
authelia_storage_db_host: 127.0.0.1
authelia_storage_db_name
Default value
authelia_storage_db_name: authelia
authelia_storage_db_password
Default value
authelia_storage_db_password: mypassword
authelia_storage_db_port
Default value
authelia_storage_db_port: 5432
authelia_storage_db_sslmode
Default value
authelia_storage_db_sslmode: disable
authelia_storage_db_username
Default value
authelia_storage_db_username: authelia
authelia_storage_encryption_key
The encryption key used to encrypt data in the database. The minimum length of this key is 20 characters, however we generally recommend above 64 characters. For security reasons, it's highly recommended to create a unique key.
Default value
authelia_storage_encryption_key: bp33fh3cTswzdMndXrrVMrLd
authelia_theme
Default value
authelia_theme: light
authelia_totp_issuer
Default value
authelia_totp_issuer: "{{ authelia_portal_url | urlsplit('hostname') }}"
authelia_totp_period
Default value
authelia_totp_period: 30
authelia_totp_skew
Default value
authelia_totp_skew: 1
authelia_user
Default value
authelia_user: authelia_adm
authelia_user_home
Default value
authelia_user_home: /home/{{ authelia_user }}
authelia_version
Default value
authelia_version: 4.33.1
Dependencies
None.