You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

104 lines
2.6 KiB

9 months ago
# https://www.authelia.com/integration/openid-connect/frequently-asked-questions/#how-do-i-generate-client-secrets
1 year ago
theme: auto
jwt_secret: {{ authelia.jwt_secret }}
default_redirection_url: https://auth.{{ domain }}/
log:
level: debug
format: json
telemetry:
metrics:
enabled: true
authentication_backend:
file:
path: /config/users_database.yml
access_control:
default_policy: deny
rules:
- domain: "*.{{ domain }}"
9 months ago
# policy: one_factor
1 year ago
policy: two_factor
session:
secret: {{ authelia.session_secret }}
domain: {{ domain }}
storage:
encryption_key: {{ authelia.storage_encryption_key }}
local:
path: /config/db.sqlite3
notifier:
smtp:
username: apikey
password: {{ authelia.smtp_password }}
host: smtp.sendgrid.net
port: 25
sender: authelia@kejadlen.dev
identity_providers:
oidc:
issuer_private_key: |
{{ authelia.oidc_private_key | indent(6) }}
clients:
9 months ago
- id: grafana
description: Grafana
secret: $argon2id$v=19$m=65536,t=3,p=4$bHcAAorVdHuZzuz53WfAQA$x+pIDTo6SsGyY9JD4OZ7dT6pkEcPf8Yh6Yb7DXco8aQ
public: false
redirect_uris:
- https://grafana.{{ domain }}/login/generic_oauth
scopes:
- openid
- profile
- groups
- email
- id: tailscale
description: Tailscale
secret: $argon2id$v=19$m=65536,t=3,p=4$RivlSdV1WE/NLfd3Pzrubw$ljSvHj9sb0byolv7fk5G3nL415nS7Ze2RMASwPgfBX0
redirect_uris:
- https://login.tailscale.com/a/oauth_response
scopes:
- openid
- email
- profile
- id: gitea
description: Gitea
secret: $argon2id$v=19$m=65536,t=3,p=4$bMcI49gLNfk6ovxXbg9jFQ$qE/G5lDzkFebKopyGv1FOqkiA64HhRJ9kq+TJCR0HM0
public: false
redirect_uris:
- https://git.{{ domain }}/user/oauth2/authelia/callback
scopes:
- openid
- email
- profile
- id: miniflux
description: Miniflux
secret: $argon2id$v=19$m=65536,t=3,p=4$tK5aBDAHOmNsEZzSYS88eg$z6tkZVIzB0x6RQjCM0v34lguS454lcQd/Sm0+xRfg7w
public: false
redirect_uris:
- https://rss.{{ domain }}/oauth2/oidc/callback
scopes:
- openid
- email
- profile
- id: parseable
description: Parseable
secret: $argon2id$v=19$m=65536,t=3,p=4$glcGbEsVvimlXW08i18Mbg$5VsdS3E8897Dsb1n+BMO5SAy1a1Sq9jeCLcTADTMGtA
public: false
redirect_uris:
- https://logs.{{ domain }}/api/v1/o/code
scopes:
- openid
- email
- profile
- groups