You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

131 lines
3.5 KiB

11 months ago
# https://www.authelia.com/integration/openid-connect/frequently-asked-questions/#how-do-i-generate-client-secrets
1 year ago
theme: auto
log:
level: debug
format: json
telemetry:
metrics:
enabled: true
authentication_backend:
file:
path: /config/users_database.yml
access_control:
default_policy: deny
rules:
- domain: "*.chislan.family"
1 year ago
policy: two_factor
subject:
- group:family
- domain: "*.kejadlen.dev"
policy: two_factor
subject:
- user:alpha
1 year ago
9 months ago
identity_validation:
reset_password:
jwt_secret: {{ authelia.jwt_secret }}
1 year ago
session:
secret: {{ authelia.session_secret }}
9 months ago
cookies:
- domain: {{ domain }}
authelia_url: https://auth.{{ domain }}
# default_redirection_url: https://www.{{ domain }}
- domain: chislan.family
authelia_url: https://auth.chislan.family
1 year ago
storage:
encryption_key: {{ authelia.storage_encryption_key }}
local:
path: /config/db.sqlite3
notifier:
smtp:
username: apikey
password: {{ authelia.smtp_password }}
9 months ago
address: smtp://smtp.sendgrid.net:25
1 year ago
sender: authelia@kejadlen.dev
identity_providers:
oidc:
9 months ago
jwks:
- key: |
{{ authelia.oidc_private_key | indent(10) }}
11 months ago
clients:
3 months ago
# https://www.authelia.com/reference/guides/generating-secure-values/#generating-a-random-password-hash
9 months ago
- client_id: grafana
client_name: Grafana
client_secret: $argon2id$v=19$m=65536,t=3,p=4$bHcAAorVdHuZzuz53WfAQA$x+pIDTo6SsGyY9JD4OZ7dT6pkEcPf8Yh6Yb7DXco8aQ
11 months ago
public: false
redirect_uris:
- https://grafana.{{ domain }}/login/generic_oauth
scopes:
- openid
- profile
- groups
- email
9 months ago
- client_id: tailscale
client_name: Tailscale
client_secret: $argon2id$v=19$m=65536,t=3,p=4$RivlSdV1WE/NLfd3Pzrubw$ljSvHj9sb0byolv7fk5G3nL415nS7Ze2RMASwPgfBX0
11 months ago
redirect_uris:
- https://login.tailscale.com/a/oauth_response
scopes:
- openid
- email
- profile
9 months ago
- client_id: gitea
client_name: Gitea
client_secret: $argon2id$v=19$m=65536,t=3,p=4$bMcI49gLNfk6ovxXbg9jFQ$qE/G5lDzkFebKopyGv1FOqkiA64HhRJ9kq+TJCR0HM0
11 months ago
public: false
redirect_uris:
- https://git.{{ domain }}/user/oauth2/authelia/callback
scopes:
- openid
- email
- profile
9 months ago
- client_id: miniflux
client_name: Miniflux
client_secret: $argon2id$v=19$m=65536,t=3,p=4$tK5aBDAHOmNsEZzSYS88eg$z6tkZVIzB0x6RQjCM0v34lguS454lcQd/Sm0+xRfg7w
11 months ago
public: false
redirect_uris:
- https://rss.{{ domain }}/oauth2/oidc/callback
scopes:
- openid
- email
- profile
3 months ago
- client_id: gotosocial
client_name: GoToSocial
client_secret: $argon2id$v=19$m=65536,t=3,p=4$4fkP2O3FYs26yKH/3WLuvQ$JHkaAA+b752/v7rtyhEzGwGutpSZR+7PSmz8psFb8BM
public: false
redirect_uris:
- https://hey.kejadlen.dev/auth/callback
scopes:
- openid
- email
- profile
- groups
2 months ago
# https://linkding.link/options/#ld_enable_oidc
- client_id: linkding
client_name: linkding
client_secret: $argon2id$v=19$m=65536,t=3,p=4$dEQme8tnUUYArRvqSMEoUQ$nNygQmREKhzqf0OBLz0AY1th7mV0PZ1DS6M2GBdU+cE
public: false
token_endpoint_auth_method: client_secret_post
redirect_uris:
- https://links.kejadlen.dev/oidc/callback/
scopes:
- openid
- email
- profile