98 lines
2.1 KiB
YAML
98 lines
2.1 KiB
YAML
log:
|
|
level: info # error, warn, [info], debug, trace
|
|
authentication_backend:
|
|
password_reset:
|
|
disable: true
|
|
file:
|
|
path: /run/secrets/users.yaml
|
|
totp:
|
|
issuer: woozle.org
|
|
session:
|
|
domain: woozle.org
|
|
same_site: strict
|
|
redis:
|
|
host: redis
|
|
port: 6379
|
|
database_index: 1
|
|
storage:
|
|
local:
|
|
path: /srv/sys/authelia/db.sqlite3
|
|
notifier:
|
|
filesystem:
|
|
filename: /run/emails.txt
|
|
access_control:
|
|
default_policy: deny
|
|
rules:
|
|
- domain: deergrove.woozle.org
|
|
subject:
|
|
- "group:octoprint"
|
|
resources:
|
|
- '^/octoprint/'
|
|
- '^/webcam/'
|
|
policy: one_factor
|
|
|
|
- domain: deergrove.woozle.org
|
|
subject:
|
|
- "group:media"
|
|
resources:
|
|
- '^/[a-z]+arr/'
|
|
- '^/nzbget/'
|
|
- '^/transmission/'
|
|
- '^/sucker/'
|
|
- '^/unmanic/'
|
|
policy: one_factor
|
|
|
|
- domain: deergrove.woozle.org
|
|
resources:
|
|
- '^/[a-z.]*$'
|
|
- '^/netdata/'
|
|
policy: one_factor
|
|
|
|
- domain: drive.woozle.org
|
|
methods:
|
|
- HEAD
|
|
- GET
|
|
- PROPFIND
|
|
resources:
|
|
- '^/storage/public/'
|
|
policy: bypass
|
|
|
|
- domain: drive.woozle.org
|
|
subject:
|
|
- "group:storage"
|
|
resources:
|
|
- '^/incoming/'
|
|
- '^/media/'
|
|
- '^/storage/(README.md)?$'
|
|
- '^/storage/(?P<User>\w+)/'
|
|
- '^/storage/(?P<Group>\w+)/'
|
|
- '^/storage/shared/'
|
|
- '^/storage/public/'
|
|
policy: one_factor
|
|
|
|
- domain: drive.woozle.org
|
|
methods:
|
|
- HEAD
|
|
- GET
|
|
- PROPFIND
|
|
- OPTIONS
|
|
resources:
|
|
- '^/(README.md)?$'
|
|
- '^/incoming/'
|
|
- '^/media/'
|
|
- '^/storage/shared/'
|
|
policy: one_factor
|
|
|
|
- domain: photos.woozle.org
|
|
resources:
|
|
- '^(/pgapi)?/gallery/(?P<User>\w+)'
|
|
- '^(/pgapi)?/gallery/(?P<Group>\w+)'
|
|
- '^(/pgapi)?/gallery/content/'
|
|
policy: one_factor
|
|
- domain: photos.woozle.org
|
|
resources:
|
|
- '^(/pgapi)?/gallery/.'
|
|
policy: deny
|
|
- domain: photos.woozle.org
|
|
policy: one_factor
|