authelia/docs/configuration/storage/mysql.md
James Elliott 347bd1be77
feat(storage): encrypted secret values (#2588)
This adds an AES-GCM 256bit encryption layer for storage for sensitive items. This is only TOTP secrets for the time being but this may be expanded later. This will require a configuration change as per https://www.authelia.com/docs/configuration/migration.html#4330.

Closes #682
2021-11-25 12:56:58 +11:00

2.0 KiB

layout title parent grand_parent nav_order
default MySQL Storage Backends Configuration 2

MySQL

The MySQL storage provider.

Configuration

storage:
  encryption_key: a_very_important_secret
  mysql:
    host: 127.0.0.1
    port: 3306
    database: authelia
    username: authelia
    password: mypassword
    timeout: 5s

Options

encryption_key

See the encryption_key docs.

host

type: string {: .label .label-config .label-purple } default: localhost {: .label .label-config .label-blue } required: no {: .label .label-config .label-green }

The database server host.

If utilising an IPv6 literal address it must be enclosed by square brackets and quoted:

host: "[fd00:1111:2222:3333::1]"

port

type: integer {: .label .label-config .label-purple } default: 3306 {: .label .label-config .label-blue } required: no {: .label .label-config .label-green }

The port the database server is listening on.

database

type: string {: .label .label-config .label-purple } required: yes {: .label .label-config .label-red }

The database name on the database server that the assigned user has access to for the purpose of Authelia.

username

type: string {: .label .label-config .label-purple } required: yes {: .label .label-config .label-red }

The username paired with the password used to connect to the database.

password

type: string {: .label .label-config .label-purple } required: yes {: .label .label-config .label-red }

The password paired with the username used to connect to the database. Can also be defined using a secret which is also the recommended way when running as a container.

timeout

type: duration {: .label .label-config .label-purple } default: 5s {: .label .label-config .label-blue } required: no {: .label .label-config .label-green }

The SQL connection timeout.