1
0
mirror of https://github.com/0rangebananaspy/authelia.git synced 2024-09-14 22:47:21 +07:00
authelia/internal/suites/ActiveDirectory/configuration.yml
James Elliott d33d6c2f00
ci: add yamllint ()
This change implements yamllint and adjusts all yaml files to abide by our linting setup. This excludes config.template.yml as this will be done in an alternate commit.
2021-04-11 06:51:00 +10:00

75 lines
1.7 KiB
YAML

---
###############################################################
# Authelia minimal configuration #
###############################################################
port: 9091
tls_cert: /config/ssl/cert.pem
tls_key: /config/ssl/key.pem
theme: grey
log_level: debug
default_redirection_url: https://home.example.com:8080/
jwt_secret: very_important_secret
authentication_backend:
ldap:
implementation: activedirectory
url: ldap://sambaldap
tls:
skip_verify: true
start_tls: true
base_dn: DC=example,DC=com
username_attribute: sAMAccountName
additional_users_dn: OU=Users
users_filter: (&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=person)(objectClass=user))
additional_groups_dn: OU=Groups
groups_filter: (&(member={dn})(objectClass=group))
group_name_attribute: cn
mail_attribute: mail
display_name_attribute: displayName
user: CN=Administrator,CN=Users,DC=example,DC=com
password: password
session:
secret: unsecure_session_secret
domain: example.com
expiration: 3600 # 1 hour
inactivity: 300 # 5 minutes
remember_me_duration: 1y
storage:
local:
path: /config/db.sqlite3
totp:
issuer: example.com
access_control:
default_policy: deny
rules:
- domain: "public.example.com"
policy: bypass
- domain: "admin.example.com"
policy: two_factor
- domain: "secure.example.com"
policy: two_factor
- domain: "singlefactor.example.com"
policy: one_factor
regulation:
max_retries: 3
find_time: 300
ban_time: 900
notifier:
smtp:
host: smtp
port: 1025
sender: admin@example.com
disable_require_tls: true
...