techies/authelia
1
0
Fork 0
mirror of https://github.com/0rangebananaspy/authelia.git synced 2024-09-14 22:47:21 +07:00
Code Issues Projects Releases Wiki Activity
381ca9476c
authelia/internal/suites/LDAP/configuration.yml
James Elliott a3b14871ba
perf(authentication): improve ldap dynamic replacement performance (#2239) 
This change means we only check the filters for the existence of placeholders that cannot be replaced at startup. We then utilized cached results of that lookup for subsequent replacements.
2021-08-05 14:17:07 +10:00

74 lines
1.7 KiB
YAML
Raw Blame History

---
###############################################################
# Authelia minimal configuration #
###############################################################
theme: dark
jwt_secret: very_important_secret
default_redirection_url: https://home.example.com:8080/
server:
port: 9091
tls:
certificate: /config/ssl/cert.pem
key: /config/ssl/key.pem
log:
level: debug
authentication_backend:
ldap:
url: ldaps://openldap
tls:
skip_verify: true
base_dn: dc=example,dc=com
username_attribute: uid
additional_users_dn: ou=users
users_filter: (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person)(objectClass=inetOrgPerson)) # yamllint disable-line rule:line-length
additional_groups_dn: ou=groups
groups_filter: (&(member={dn})(objectClass=groupOfNames))
group_name_attribute: cn
mail_attribute: mail
display_name_attribute: displayName
user: cn=pwmanager,dc=example,dc=com
password: password
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
storage:
local:
path: /config/db.sqlite3
totp:
issuer: example.com
access_control:
default_policy: deny
rules:
- domain: "public.example.com"
policy: bypass
- domain: "admin.example.com"
policy: two_factor
- domain: "secure.example.com"
policy: two_factor
- domain: "singlefactor.example.com"
policy: one_factor
regulation:
max_retries: 3
find_time: 300
ban_time: 900
notifier:
smtp:
host: smtp
port: 1025
sender: admin@example.com
disable_require_tls: true
...
Reference in New Issue View Git Blame Copy Permalink