stacks/homelab/authelia.yaml

log:
  level: info # error, warn, [info], debug, trace
authentication_backend:
  password_reset:
    disable: true
  file:
    path: /run/secrets/users.yaml
totp:
  issuer: woozle.org
session:
  domain: woozle.org
  same_site: strict
  redis:
    host: redis
    port: 6379
    database_index: 1
storage:
  local:
    path: /srv/sys/authelia/db.sqlite3
notifier:
  filesystem:
    filename: /run/emails.txt
access_control:
  default_policy: deny
  rules:
    - domain: deergrove.woozle.org
      policy: one_factor

    - domain: drive.woozle.org
      policy: bypass
      methods:
        - HEAD
        - GET
        - PROPFIND
      resources:
        - '^/storage/public/'

    - domain: drive.woozle.org
      policy: one_factor
      subject:
        - "group:storage"
      resources: 
        - '^/incoming/'
        - '^/media/'
        - '^/storage/(README.md)?$'
        - '^/storage/(?P<User>\w+)/'
        - '^/storage/(?P<Group>\w+)/'
        - '^/storage/shared/'
        - '^/storage/public/'

    - domain: drive.woozle.org
      policy: one_factor
      methods:
        - HEAD
        - GET
        - PROPFIND
      resources: 
        - '^/(README.md)?$'
        - '^/incoming/'
        - '^/media/'
        - '^/storage/shared/'
Authelia 2023-02-06 12:14:14 -07:00			`log:`
Finesse authelia 2023-02-06 13:56:11 -07:00			`level: info # error, warn, [info], debug, trace`
Authelia 2023-02-06 12:14:14 -07:00			`authentication_backend:`
			`password_reset:`
			`disable: true`
			`file:`
			`path: /run/secrets/users.yaml`
			`totp:`
			`issuer: woozle.org`
			`session:`
			`domain: woozle.org`
			`same_site: strict`
Finesse authelia 2023-02-06 13:56:11 -07:00			`redis:`
			`host: redis`
			`port: 6379`
			`database_index: 1`
Authelia 2023-02-06 12:14:14 -07:00			`storage:`
			`local:`
			`path: /srv/sys/authelia/db.sqlite3`
			`notifier:`
			`filesystem:`
			`filename: /run/emails.txt`
Finesse authelia 2023-02-06 13:56:11 -07:00			`access_control:`
			`default_policy: deny`
			`rules:`
			`- domain: deergrove.woozle.org`
			`policy: one_factor`

			`- domain: drive.woozle.org`
			`policy: bypass`
			`methods:`
			`- HEAD`
			`- GET`
			`- PROPFIND`
			`resources:`
			`- '^/storage/public/'`

			`- domain: drive.woozle.org`
			`policy: one_factor`
			`subject:`
			`- "group:storage"`
			`resources:`
			`- '^/incoming/'`
			`- '^/media/'`
			`- '^/storage/(README.md)?$'`
			`- '^/storage/(?P<User>\w+)/'`
			`- '^/storage/(?P<Group>\w+)/'`
			`- '^/storage/shared/'`
			`- '^/storage/public/'`

			`- domain: drive.woozle.org`
			`policy: one_factor`
			`methods:`
			`- HEAD`
			`- GET`
			`- PROPFIND`
			`resources:`
			`- '^/(README.md)?$'`
			`- '^/incoming/'`
			`- '^/media/'`
			`- '^/storage/shared/'`