ff7f9a50ab
* [FEATURE] Docker simplification and configuration generation The Authelia binary now will attempt to generate configuration based on the latest template assuming that the config location specified on startup does not exist. If a file based backend is selected and the backend cannot be found similarly it will generate a `user_database.yml` based a template. This will allow more seamless bootstrapping of an environment no matter the deployment method. We have also squashed the Docker volume requirement down to just `/config` thus removing the requirement for `/var/lib/authelia` this is primarily in attempts to simplify the Docker deployment. Users with the old volume mappings have two options: 1. Change their mappings to conform to `/config` 2. Change the container entrypoint from `authelia --config /config/configuration.yml` to their old mapping * Adjust paths relative to `/etc/authelia` and simplify to single volume for compose * Add generation for file backend based user database * Refactor Docker volumes and paths to /config * Refactor Docker WORKDIR to /app * Fix integration tests * Update BREAKING.md for v4.20.0 * Run go mod tidy * Fix log_file_path in miscellaneous.md docs * Generate config and userdb with 0600 permissions * Fix log_file_path in config.template.yml
1.9 KiB
| layout | title | parent | nav_order |
|---|---|---|---|
| default | Miscellaneous | Configuration | 3 |
Miscellaneous
Here are the main customizable options in Authelia.
Host & Port
optional: true
Defines the address and port to listen on.
host: 0.0.0.0
port: 9091
TLS
optional: true
Authelia can use TLS. Provide the certificate and the key with the following configuration options:
tls_key: /config/ssl/key.pem
tls_cert: /config/ssl/cert.pem
Log
Log level
optional: true
Defines the level of logs used by Authelia. This level can be set to
trace, debug or info. When setting log_level to trace, you will
generate a large amount of log entries and expose the /debug/vars and
/debug/pprof/ endpoints which should not be enabled in production.
log_level: debug
Log file path
optional: true
Logs can be stored in a file when file path is provided. Otherwise logs are written to standard output.
log_file_path: /config/authelia.log
JWT Secret
optional: false
Defines the secret used to craft JWT tokens leveraged by the identity verification process. This can also be defined using a secret.
jwt_secret: v3ry_important_s3cr3t
Default redirection URL
optional: true
The default redirection URL is the URL where users are redirected when Authelia cannot detect the target URL where the user was heading.
In a normal authentication workflow, a user tries to access a website and she gets redirected to the sign-in portal in order to authenticate. Since the user initially targeted a website, the portal knows where the user was heading and can redirect her after the authentication process. However, when a user visits the sign in portal directly, the portal considers the targeted website is the portal. In that case and if the default redirection URL is configured, the user is redirected to that URL. If not defined, the user is not redirected after authentication.