stacks/homelab/authelia.yaml

63 lines
1.2 KiB
YAML
Raw Normal View History

2023-02-06 12:14:14 -07:00
log:
2023-02-06 13:56:11 -07:00
level: info # error, warn, [info], debug, trace
2023-02-06 12:14:14 -07:00
authentication_backend:
password_reset:
disable: true
file:
path: /run/secrets/users.yaml
totp:
issuer: woozle.org
session:
domain: woozle.org
same_site: strict
2023-02-06 13:56:11 -07:00
redis:
host: redis
port: 6379
database_index: 1
2023-02-06 12:14:14 -07:00
storage:
local:
path: /srv/sys/authelia/db.sqlite3
notifier:
filesystem:
filename: /run/emails.txt
2023-02-06 13:56:11 -07:00
access_control:
default_policy: deny
rules:
- domain: deergrove.woozle.org
policy: one_factor
- domain: drive.woozle.org
policy: bypass
methods:
- HEAD
- GET
- PROPFIND
resources:
- '^/storage/public/'
- domain: drive.woozle.org
policy: one_factor
subject:
- "group:storage"
resources:
- '^/incoming/'
- '^/media/'
- '^/storage/(README.md)?$'
- '^/storage/(?P<User>\w+)/'
- '^/storage/(?P<Group>\w+)/'
- '^/storage/shared/'
- '^/storage/public/'
- domain: drive.woozle.org
policy: one_factor
methods:
- HEAD
- GET
- PROPFIND
resources:
- '^/(README.md)?$'
- '^/incoming/'
- '^/media/'
- '^/storage/shared/'