k3s-ansible/roles/swag/install-app/templates/authelia-configuration.yml

server:
  host: 0.0.0.0
  port: 9091
  read_buffer_size: 4096
  write_buffer_size: 4096
  path: "authelia"
log:
  level: debug
totp:
  issuer: authelia.com
jwt_secret: TPeotFcS9PUTaT7uEU5uf84ZNa7Pqf94twnsJ6d5S5qjarGkLW
default_redirection_url: https://lino.cooking
duo_api:
  hostname: api-229a51d0.duosecurity.com
  integration_key: DI4O44JGTM27HCNR50BA
  secret_key: wvOMDSrKcxpaj5Z9NjBgltltl0FoA4SH70HfsYkj
authentication_backend:
  disable_reset_password: false
  file:
    path: /config/users_database.yml
    password:
      algorithm: argon2id
      iterations: 1
      key_length: 32
      salt_length: 16
      memory: 512
      parallelism: 8
access_control:
  default_policy: deny
  rules:
    - domain:
      - lino.cooking
      - "*.lino.cooking"
      policy: two_factor
session:
  name: authelia_session
  secret: 827zfF6B9@foFGYh^qt7kz374uvGBE5#L&45**%fUPyR3Big@J
  expiration: 1h
  inactivity: 5m
  remember_me_duration: 1M
  domain: lino.cooking
regulation:
  max_retries: 3
  find_time: 2m
  ban_time: 5m
storage:
  local:
    path: /config/db.sqlite3
  encryption_key: FY3hn3RYRB#U%9YPWxmcqHkRW&Nvr&eJ2fJ39t!4a4zSjMd$Nj
notifier:
  disable_startup_check: false
  smtp:
    username: okulto@gmail.com
    password: tcqmoqyeoknwqcqj
    host: smtp.gmail.com
    port: 587
    sender: okulto@gmail.com
    subject: "[Authelia] {title}"
identity_providers:
  oidc:
    hmac_secret: UBg46dwV2PifY5CJZSeNicyo4oRKnz9A7wZ6fW7zTuxV5Vrve3
    issuer_private_key: |
      -----BEGIN RSA PRIVATE KEY----- 
      MIIEogIBAAKCAQEAs1Hi3NZXo4VXV+zkQou6zSXa2FV5eHCn12Ndo3winp3UZUZ6fQV9+yeL6Q4FcLhVlQnoL5R97vxttKBbtdzj9cfJ9puGfPD/JwFVGntVmVZiikz3kRoAJyeX2pnbII9BQ7fa5Rr5FaSW8fxXeB4LIfnobPVYkNneodZV8J33OSdEQ4LUwlV8N/ErD3XwOrbMHM+RHm+ddY3B6Cg8NLFyIS2UpvRa2fUqzVbyQDEoHwWMuVvhGVZKnu3okXowHZGP+XQ00gv+X3o1vaMX9ZTCFFryT/xf2uw/TXkxJxzgL/YwT3FdfDKc6L8efb7dBeto6rBZBTl8ZaJyI9qiC86fcwIDAQABAoIBAFJY+GWRyQ0+3q1yDCDDKjWrfKR8HBxDH9C5wPaiuwM8V51qkDV5oDEGKCoOVlE9VY/rzMSM3IgzQ+3+9h6+IbFs3kJxiYE26vVulzZiDR0tnnMEhWwNFKTmecXZgdeh8ca3V75+dISL4QWfbEutAE/KBAKFaPacFrEbTLwCztVffhJKYrxya9suynS7P0W74d3u4kkkWlahlewefzKFyzJ94YaUR/GqDGyEwW7/EYg2qPZkhQNYtHTd4aamT3CpNG3IXJARbIG5S+XMTSfCRXT6mYVltAtsI4Wet36LkHhPbJqjSjM86N0Kw9ixmO/HkyCr8moZ9YdvMeRj4SpZugECgYEA23BrH8is5MwJYC2Mqyhnybzl2jeRm0oStXTFLEgjfcFZEqdAe+GOd+K5LDQ18uHRwhjADDTpe8wKO92YzRtz9ybrbZe/ZXZbmnk+0BNyJOqgqE+IVhODzfP8T5gB8H1pJLKnTvTgg7SJar9hMRD/zCTZmRy6FH9lKgrANk23ZlECgYEA0TJKBTb+q7hwHVPppOBEDoo7pLuIGeS+lRzKiVCLQITFgLxrwG8Pv6dfuv2vziatLkarYsaAv3cjuKQGfVoY7STDwbZNK7u/5xTS5zgnZqmF53eLo49ViL5RN95JwykX0sYp9u2bFH3xpUmvC1l+B2dCPZxzKQKkxdJrWhCcBIMCgYANnGZ4nTjkJCe8uHaOMz5ky/ux0lqMuEZ6zNhiC8NvzGta9dbRGEd+9igoLsDd5NXe5SwcVbfZvukvl2of5sEFpntZ29y6TWIXLcgQnfQpiAgZCH3bYPB++NBAm5wbL5wy84XfJt86LBuN7Hr50SUco3h/v8Fm/hPnTK1pcN6cUQKBgC5ygvrLbhoEdmgclHi2DoZH7NwzgxF0t1f2L4XzayelExD1RNtSDWYZLGkhIGKeNb9bk3v35Ogd9MFvMb2tPnGQwyIEbvfx1Lbi6bzKu/zQUNnGsitbjLsyvmewJCJ/wjlbJEAeG1ueZwOy63mSoifUpmF1liAZ5SnDAXDa1TkvAoGALMDbvRZVtaYwgUig0GQJttFCKzIJg253/7msMGs/hppLtNy+UYU/eOElMht4dV6mW/8vW6dwvz/Hnn1J49+6eXJqTRe6hOYK7f8VtfWxtDqbzDgAu9dWWuK3Fwep/CKH+E/MMK+pYQr4Zx85/fWz+g28nuhpZ1gm1qkSzP+3FFU=
      -----END RSA PRIVATE KEY-----
    access_token_lifespan: 24h
    authorize_code_lifespan: 1m
    id_token_lifespan: 1h
    refresh_token_lifespan: 90m
    enable_client_debug_messages: false
    clients:
      - id: outline-766Wu4kcFgB4CWhXWH2CF6pim5dYHB6MCVqPDGVPoPDvsvW8dL
        description: Outline
        secret: 766Wu4kcFgB4CWhXWH2CF6pim5dYHB6MCVqPDGVPoPDvsvW8dL
        public: false
        authorization_policy: two_factor
        audience: []
        scopes:
          - openid
          - groups
          - email
          - profile
        redirect_uris:
          - https://outline.lino.cooking/auth/oidc.callback
        grant_types:
          - refresh_token
          - authorization_code
        response_types:
          - code
        response_modes:
          - form_post
          - query
          - fragment
        userinfo_signing_algorithm: none
      - id: portainer-rivfjn52DnrP3uoR4X6f2UKaMxnueB66MiooZWjDSswe7mZA4K
        description: Portainer
        secret: Xc4W3JFyfQ3FyJ3b9nouoSE8z8Se8pkr4QgdM8xRagH33p33xv
        public: false
        authorization_policy: two_factor
        scopes:
          - openid
          - groups
          - email
          - profile
        redirect_uris:
          - https://portainer.lino.cooking
        userinfo_signing_algorithm: none
      - id: gitea-BnXBBQdFvtyi2AYZfvt5ettMkmysWveLixB8fBeS7UrMoXcQfQ
        description: Gitea
        secret: BbAL8REu3nfqk2XSiDoJUZrVvdCSeVU5CHi8kE7DCcE5NxF87b
        public: false
        authorization_policy: two_factor
        scopes:
          - openid
          - email
          - profile
        redirect_uris:
          - https://gitea.lino.cooking/user/oauth2/authelia/callback
        userinfo_signing_algorithm: none
      - id: immich-Q7jwnUyPz2gAG4iJRHPw7PX2xfz7utrLWn2dUpjhs4sKMP6Tzv
        description: Immich
        secret: 7Rd6Vra3BpgLXR2xqtj7EUeiRvngNbBeY3yisaCHg5zzUBXRkh
        public: false
        authorization_policy: two_factor
        scopes:
          - openid
          - email
          - profile
        redirect_uris:
          - app.immich:/
          - https://immich.lino.cooking/auth/login
          - https://immich.lino.cooking/user-settings
        userinfo_signing_algorithm: none