133 lines
4.6 KiB
YAML
133 lines
4.6 KiB
YAML
|
---
|
||
|
###############################################################
|
||
|
# Authelia configuration #
|
||
|
###############################################################
|
||
|
|
||
|
# This secret can also be set using the env variables AUTHELIA_JWT_SECRET_FILE
|
||
|
jwt_secret: Unicom#2023
|
||
|
default_redirection_url: https://sso.flyfish.group
|
||
|
|
||
|
server:
|
||
|
host: 0.0.0.0
|
||
|
port: 3001
|
||
|
|
||
|
log:
|
||
|
level: debug
|
||
|
|
||
|
totp:
|
||
|
issuer: flyfish.group
|
||
|
|
||
|
# duo_api:
|
||
|
# hostname: api-123456789.example.com
|
||
|
# integration_key: ABCDEF
|
||
|
# # This secret can also be set using the env variables AUTHELIA_DUO_API_SECRET_KEY_FILE
|
||
|
# secret_key: 1234567890abcdefghifjkl
|
||
|
|
||
|
authentication_backend:
|
||
|
file:
|
||
|
path: /config/users_database.yml
|
||
|
|
||
|
access_control:
|
||
|
default_policy: deny
|
||
|
rules:
|
||
|
# Rules applied to everyone
|
||
|
- domain: flyfish.group
|
||
|
policy: bypass
|
||
|
- domain: outline.mynatapp.cc
|
||
|
policy: one_factor
|
||
|
- domain: pri.flyfish.group
|
||
|
policy: two_factor
|
||
|
|
||
|
session:
|
||
|
# This secret can also be set using the env variables AUTHELIA_SESSION_SECRET_FILE
|
||
|
secret: Unicom#2023@VeryNB#Wangyu
|
||
|
name: authelia_session
|
||
|
domain: sso.flyfish.group # Should match whatever your root protected domain is
|
||
|
expiration: 3600 # 1 hour
|
||
|
inactivity: 300 # 5 minutes
|
||
|
redis:
|
||
|
host: redis
|
||
|
port: 6379
|
||
|
# This secret can also be set using the env variables AUTHELIA_SESSION_REDIS_PASSWORD_FILE
|
||
|
# password: authelia
|
||
|
|
||
|
regulation:
|
||
|
max_retries: 3
|
||
|
find_time: 120
|
||
|
ban_time: 300
|
||
|
|
||
|
storage:
|
||
|
encryption_key: 4bfc40eef1a3df253473b4cf793e91712d15659474eafa6973219b555061a645
|
||
|
local:
|
||
|
path: /config/db.sqlite3
|
||
|
|
||
|
notifier:
|
||
|
smtp:
|
||
|
username: wybaby168@163.com
|
||
|
# This secret can also be set using the env variables AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE
|
||
|
password: TWNQBHMSQIGRBCYU
|
||
|
host: smtp.163.com
|
||
|
port: 25
|
||
|
sender: wybaby168@163.com
|
||
|
|
||
|
identity_providers:
|
||
|
oidc:
|
||
|
hmac_secret: Unicom#2023@VeryNB#Wangyu
|
||
|
issuer_private_key: |
|
||
|
-----BEGIN RSA PRIVATE KEY-----
|
||
|
MIIEpAIBAAKCAQEAz49nUOVaCPaa4O/fmGrSMMJyFfh2YYJKU9Gv6XIL9gaVC8Do
|
||
|
G/N6v1O9+VOYehgoUwmo04nx19oLB5orEvM2QMrlbKz7GBhaBAOd8tMcGpK1Ohkf
|
||
|
2O7/9z/XeYU07YTZzaFFikun0GL9TZvjP6QYMJATw3BlQ+ynb9HBiHUi+IdJY+f0
|
||
|
/VNH/IG7MWTeYHCeQE2Pd6x+CmAP3+cPHm9dlmVPLFvhJGGIglpio52Ti8GW6t39
|
||
|
1dtZuj0KYrui0TLt8lXcKiKlxZcjhECCXx9s+xCKsi3simAcEpMycoevNCkjZOWN
|
||
|
DctHxcVVPrkHXCxYVbl/HXyfbP1pP/dG0tCntQIDAQABAoIBAAVcogGf+yRyImwf
|
||
|
JjqMv+NMkp/orD42nG7v4sh4DsELSHxmPljCgHBC3Ix9UVoOF7SVckwMqze1RUWs
|
||
|
AOLbb5Ja63RUP6ROtLyXz1O/imFRWucmUQFMo0Yi2xEjlMtx/CJowSAidjJW7E49
|
||
|
8a/qMEnI3wnUdHk9utGTrJk21XFwGVQbgRWq2jTiVwSyLBHMdcheqDXQBajpS8Cm
|
||
|
w9GV0x1crhjz47gADG3kt+Y/4XhQZIcsahBNS38WG+vCM9alzCePtKjqEaPW3yRi
|
||
|
3X0OXSLiEpyOE0xlVUOT5KTbsApzzwWwSeoHdS36xgwUHgmJoh9mueILQLCnlXCP
|
||
|
4ejUen0CgYEA8XGAZA/+aKDTZPH0l7hwpT8eeOV/V3g/V6Zt6j5VoVbOJ+0JJL6s
|
||
|
mpuf/10+Y2MPHiHzpl4g0niRaEVPv/sAH++RmcevV98T6Zg0ssAep56XjEKK0C8A
|
||
|
jljz9cVX1OdF5avSuFUA+4hwuvhVYxqHQvKKxlq7dBruSTfTJOZ9xHsCgYEA3BLw
|
||
|
r3IarOS/ItSnp5Y6Z0NZCX7v/XOXBHFXznslRdJyfaTwWOrOuK8PZk3QfMseTx3A
|
||
|
38BoJh8aUYofleSeWHc4Wxbi0GjHbNdUQo2i1wP7kLaaNiSKGGYhPq4LRmUaqeor
|
||
|
idMLcClgsgmT3EGx1i0SZv2OGaSULSpEHi+0hY8CgYEAzOHw/nhn/edDm6yKT1kv
|
||
|
FbrLI/IzrkkXD0zmhtkglwlvZYgKs0iudYBMNEmu0G3V/U74UBweJBw139K5SwM2
|
||
|
5uLHnkRJ8foWDqqfRXQsTzcQCPDKlMDd6u1nEA7Hap5avPuik9NmQwxUBQUIiFGR
|
||
|
qGjjBFEoMu1LeYxKu0xwOxMCgYBIAX50uS3XMgUD3XZ5k+LKFLQWMk1NrTtVPcyQ
|
||
|
B6TbYo8JYyUswq8eqFCulXlIy6DAHCkWTLsG9hhDY6EQBzx0D5YF38gYjp/pkc7E
|
||
|
89i651exMr3kRzJT516rRoDz6HK/85mJP983NKKpvg59+5S3Ugn6Xq3W4A2HdZPS
|
||
|
GKPFKwKBgQCo57qnAdYdTkG2dCTQvOWVHMQ5uWhyBzOu/BW4wpk5+kXmySltqTQC
|
||
|
M6An9K8skqBGr9D+4FvXrc+hjRd2NJmIVsIoUxA/N6ico8kSt0gnIGSzkaR6NSGU
|
||
|
kHFdU/jUVi5DFQ3yLK3Scfl5RP3nX8M7DJI2Sqj3zPJQm+SLX6TU1w==
|
||
|
-----END RSA PRIVATE KEY-----
|
||
|
access_token_lifespan: 1h
|
||
|
authorize_code_lifespan: 1m
|
||
|
id_token_lifespan: 1h
|
||
|
refresh_token_lifespan: 90m
|
||
|
enable_client_debug_messages: false
|
||
|
enforce_pkce: public_clients_only
|
||
|
cors:
|
||
|
endpoints:
|
||
|
- authorization
|
||
|
- token
|
||
|
- revocation
|
||
|
- introspection
|
||
|
allowed_origins:
|
||
|
- https://outline.mynatapp.cc
|
||
|
allowed_origins_from_client_redirect_uris: false
|
||
|
clients:
|
||
|
- id: outline
|
||
|
description: 产互研发知识库
|
||
|
secret: '542e9284a37c87ebc165e7e1106650d9a669503ce384e8df0496485a85663984'
|
||
|
public: false
|
||
|
authorization_policy: one_factor
|
||
|
scopes:
|
||
|
- openid
|
||
|
- offline_access
|
||
|
- profile
|
||
|
- email
|
||
|
redirect_uris:
|
||
|
- https://outline.mynatapp.cc/auth/oidc.callback
|
||
|
userinfo_signing_algorithm: none
|