mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
[MISC] Update Golang and QEMU to v1.14.0 and v4.2.0-6 respectively (#685)
* [MISC] Update Golang and QEMU to v1.14.0 and v4.2.0-6 respectively * Argon2id memory in MB for Config Template * Doc Fix Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
This commit is contained in:
parent
26369fff3d
commit
cc25b565c7
|
@ -1,7 +1,7 @@
|
|||
# =======================================
|
||||
# ===== Build image for the backend =====
|
||||
# =======================================
|
||||
FROM golang:1.13.6-alpine AS builder-backend
|
||||
FROM golang:1.14.0-alpine AS builder-backend
|
||||
|
||||
ARG BUILD_TAG
|
||||
ARG BUILD_COMMIT
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# =======================================
|
||||
# ===== Build image for the backend =====
|
||||
# =======================================
|
||||
FROM golang:1.13-alpine AS builder-backend
|
||||
FROM golang:1.14.0-alpine AS builder-backend
|
||||
|
||||
ARG BUILD_TAG
|
||||
ARG BUILD_COMMIT
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
# =======================================
|
||||
# ===== Build image for the backend =====
|
||||
# =======================================
|
||||
FROM golang:1.13-alpine AS builder-backend
|
||||
FROM golang:1.14.0-alpine AS builder-backend
|
||||
|
||||
ARG BUILD_TAG
|
||||
ARG BUILD_COMMIT
|
||||
|
|
|
@ -44,7 +44,7 @@ func dockerBuildOfficialImage(arch string) error {
|
|||
// Set default Architecture Dockerfile to amd64
|
||||
dockerfile := "Dockerfile"
|
||||
// Set version of QEMU
|
||||
qemuversion := "v4.2.0-4"
|
||||
qemuversion := "v4.2.0-6"
|
||||
|
||||
// If not the default value
|
||||
if arch != defaultArch {
|
||||
|
|
|
@ -110,7 +110,7 @@ authentication_backend:
|
|||
## iterations: 1
|
||||
## key_length: 32
|
||||
## salt_length: 16
|
||||
## memory: 1048576
|
||||
## memory: 1024
|
||||
## parallelism: 8
|
||||
# Access Control
|
||||
#
|
||||
|
|
|
@ -28,45 +28,44 @@ file in the configuration file.
|
|||
|
||||
### Password hashing configuration settings
|
||||
|
||||
#### algorithm
|
||||
#### algorithm
|
||||
- Value Type: String
|
||||
- Possible Value: `argon2id` and `sha512`
|
||||
- Recommended: `argon2id`
|
||||
- What it Does: Changes the hashing algorithm
|
||||
|
||||
#### iterations
|
||||
#### iterations
|
||||
- Value Type: Int
|
||||
- Possible Value: `1` or higher for argon2id and `1000` or higher for sha512
|
||||
(will automatically be set to `1000` on lower settings)
|
||||
- Recommended: `1` for the `argon2id` algorithm and `50000` for `sha512`
|
||||
- What it Does: Adjusts the number of times we run the password through the hashing algorithm
|
||||
|
||||
#### key_length
|
||||
#### key_length
|
||||
- Value Type: Int
|
||||
- Possible Value: `16` or higher.
|
||||
- Recommended: `32` or higher.
|
||||
- What it Does: Adjusts the length of the actual hash
|
||||
|
||||
#### salt_length
|
||||
#### salt_length
|
||||
- Value Type: Int
|
||||
- Possible Value: between `2` and `16`
|
||||
- Recommended: `16`
|
||||
- What it Does: Adjusts the length of the random salt we add to the password, there
|
||||
is no reason not to set this to 16
|
||||
|
||||
#### parallelism
|
||||
#### parallelism
|
||||
- Value Type: Int
|
||||
- Possible Value: `1` or higher
|
||||
- Recommended: `8` or twice your CPU cores
|
||||
- What it Does: Sets the number of threads used for hashing
|
||||
|
||||
#### memory
|
||||
#### memory
|
||||
- Value Type: Int
|
||||
- Possible Value: at least `8` times the value of `parallelism`
|
||||
- Recommended: `1024` (1GB) or as much RAM as you can afford to give to hashing
|
||||
- What it Does: Sets the amount of RAM used in MB for hashing
|
||||
|
||||
|
||||
#### Examples for specific systems
|
||||
|
||||
These examples have been tested against a single system to make sure they roughly take
|
||||
|
@ -113,6 +112,7 @@ The format of the users file is as follows.
|
|||
This file should be set with read/write permissions as it could be updated by users
|
||||
resetting their passwords.
|
||||
|
||||
|
||||
## Passwords
|
||||
|
||||
The file contains hashed passwords instead of plain text passwords for security reasons.
|
||||
|
@ -163,23 +163,23 @@ brute-forced.
|
|||
Hashes are identifiable as argon2id or SHA512 by their prefix of either `$argon2id$` and `$6$`
|
||||
respectively, as described in this [wiki page](https://en.wikipedia.org/wiki/Crypt_(C)).
|
||||
|
||||
### Password hash algorithm tuning
|
||||
### Password hash algorithm tuning
|
||||
|
||||
All algorithm tuning is supported for Argon2id. The only configuration variables that affect
|
||||
SHA512 are iterations and salt length. The configuration variables are unique to the file
|
||||
authentication provider, thus they all exist in a key under the file authentication configuration
|
||||
key called `password_hashing`. We have set what are considered as sane and recommended defaults
|
||||
to cater for a reasonable system, if you're unsure about which settings to tune, please see the
|
||||
parameters above, or for a more in depth understanding see the referenced documentation.
|
||||
All algorithm tuning is supported for Argon2id. The only configuration variables that affect
|
||||
SHA512 are iterations and salt length. The configuration variables are unique to the file
|
||||
authentication provider, thus they all exist in a key under the file authentication configuration
|
||||
key called `password_hashing`. We have set what are considered as sane and recommended defaults
|
||||
to cater for a reasonable system, if you're unsure about which settings to tune, please see the
|
||||
parameters above, or for a more in depth understanding see the referenced documentation.
|
||||
|
||||
#### Argon2 Links
|
||||
[How to choose the right parameters for Argon2]
|
||||
#### Argon2 Links
|
||||
[How to choose the right parameters for Argon2]
|
||||
|
||||
[How to choose the right parameters for Argon2](https://www.twelve21.io/how-to-choose-the-right-parameters-for-argon2/)
|
||||
[How to choose the right parameters for Argon2](https://www.twelve21.io/how-to-choose-the-right-parameters-for-argon2/)
|
||||
|
||||
[Go Documentation](https://godoc.org/golang.org/x/crypto/argon2)
|
||||
[Go Documentation](https://godoc.org/golang.org/x/crypto/argon2)
|
||||
|
||||
[IETF Draft](https://tools.ietf.org/id/draft-irtf-cfrg-argon2-09.html)
|
||||
[IETF Draft](https://tools.ietf.org/id/draft-irtf-cfrg-argon2-09.html)
|
||||
|
||||
|
||||
[How to choose the right parameters for Argon2]: https://www.twelve21.io/how-to-choose-the-right-parameters-for-argon2/
|
|
@ -1,4 +1,4 @@
|
|||
FROM golang:1.13-alpine
|
||||
FROM golang:1.14.0-alpine
|
||||
|
||||
ARG USER_ID
|
||||
ARG GROUP_ID
|
||||
|
|
Loading…
Reference in New Issue
Block a user