authelia/docs/configuration/miscellaneous.md
James Elliott b9fb33d806
[FEATURE] File Secrets (#896)
* [FEATURE] File Secret Loading

* add a validator for secrets
* run the secrets validator before the main config validator
* only allow a secret to be defined in one of: config, env, file env
* remove LF if found in file
* update configuration before main config validation
* fix unit tests
* implement secret testing
* refactor the secrets validator
* make check os agnostic
* update docs
* add warning when user attempts to use ENV instead of ENV file
* discourage ENV in docs
* update config template
* oxford comma
* apply suggestions from code review
* rename Validate to ValidateConfiguration
* add k8s example
* add deprecation notice in docs and warning
* style changes
2020-04-23 11:11:32 +10:00

2.0 KiB

layout title parent nav_order
default Miscellaneous Configuration 5

Miscellaneous

Here are the main customizable options in Authelia.

Host & Port

optional: true

Defines the address and port to listen on.

host: 0.0.0.0
port: 9091

TLS

optional: true

Authelia can use TLS. Provide the certificate and the key with the following configuration options:

tls_key: /var/lib/authelia/ssl/key.pem
tls_cert: /var/lib/authelia/ssl/cert.pem

Log

Log level

optional: true

Defines the level of logs used by Authelia. This level can be set to trace, debug or info. When setting log_level to trace, you will generate a large amount of log entries and expose the /debug/vars and /debug/pprof/ endpoints which should not be enabled in production.

log_level: debug

Log file path

optional: true

Logs can be stored in a file when file path is provided. Otherwise logs are written to standard output.

log_file_path: /var/log/authelia.log

JWT Secret

optional: false

Defines the secret used to craft JWT tokens leveraged by the identity verification process. This can also be defined using a secret.

jwt_secret: v3ry_important_s3cr3t

Default redirection URL

optional: true

The default redirection URL is the URL where users are redirected when Authelia cannot detect the target URL where the user was heading.

In a normal authentication workflow, a user tries to access a website and she gets redirected to the sign-in portal in order to authenticate. Since the user initially targeted a website, the portal knows where the user was heading and can redirect her after the authentication process. However, when a user visits the sign in portal directly, the portal considers the targeted website is the portal. In that case and if the default redirection URL is configured, the user is redirected to that URL. If not defined, the user is not redirected after authentication.