kubernetes/authelia/configuration.yml


# Authorization policy applied per request.
# Rules are order-sensitive (Authelia applies the first matching rule), so the
# firefly '^/api/' bypass must stay above the firefly two_factor rule.
access_control:
  # Applies to every request that no rule below matches. With one_factor, a
  # domain that is routed through Authelia but not listed here is reachable
  # with a password alone; `deny` would be the fail-closed setting.
  default_policy: one_factor
  # Named network groups that rules can reference.
  networks:
    - name: internal
      networks:
        - 172.30.0.0/26
        - 172.31.1.0/24
  rules:
    - domain: paperless.pyrocufflink.blue
      policy: two_factor
    # Authelia performs no authentication for paths matching ^/api/.
    # NOTE(review): presumably the application enforces its own API
    # credentials on these paths -- confirm.
    - domain: firefly.pyrocufflink.blue
      resources:
        - '^/api/'
      policy: bypass
    - domain: firefly.pyrocufflink.blue
      policy: two_factor
    # Bypass only for clients in the `internal` group; other clients match no
    # rule for this domain and fall through to default_policy (one_factor).
    # NOTE(review): this depends on the client address Authelia sees -- confirm
    # the reverse proxy only accepts forwarded-for headers from trusted hops.
    - domain: scan.pyrocufflink.blue
      networks:
        - internal
      policy: bypass
# User directory: Active Directory over LDAPS.
# No `password` key appears in this file; the bind password for the service
# account is presumably injected from a secret or environment variable --
# TODO confirm it is not stored in the repository.
authentication_backend:
  ldap:
    base_dn: DC=pyrocufflink,DC=blue
    implementation: activedirectory
    tls:
      # Refuses directory connections negotiated below TLS 1.2.
      minimum_version: TLS1.2
    url: ldaps://pyrocufflink.blue
    # Service account used for the bind. NOTE(review): it should hold only the
    # directory rights Authelia needs -- verify on the AD side.
    user: CN=svc.authelia,CN=Users,DC=pyrocufflink,DC=blue
# OpenID Connect provider: registered relying parties.
# No `hmac_secret` or issuer private key appears in this file; presumably they
# are supplied from secrets at deploy time -- TODO confirm.
identity_providers:
  oidc:
    clients:
      # Confidential client. The secret is stored as an argon2id digest, not
      # plaintext; the digest is still visible to anyone who can read this
      # file, so the underlying secret should be long and random.
      - id: e20a50c2-55eb-4cb1-96ce-fe71c61c1d89
        description: Jenkins
        secret: >-
          $argon2id$v=19$m=65536,t=3,p=4$qoo6+3ToLbsZOI/BxcppGw$srNBfpIHqpxLh+VfVNNe27A1Ci9dCKLfB8rWXLNkv44
        redirect_uris:
          - https://jenkins.pyrocufflink.blue/securityRealm/finishLogin
        scopes:
          - openid
          - groups
          - profile
          - email
          # Allows refresh tokens, so access can outlive the browser session.
          - offline_access
        authorization_policy: one_factor
        # Consent is remembered for 7 days before the user is prompted again.
        pre_configured_consent_duration: 7d
      # Public client: no secret, so the loopback redirect URIs and PKCE are
      # the controls. NOTE(review): confirm PKCE is enforced for public
      # clients in the deployed Authelia version.
      - id: kubernetes
        description: Kubernetes
        public: true
        redirect_uris:
          - http://localhost:8000
          - http://localhost:18000
        authorization_policy: one_factor
        pre_configured_consent_duration: 7d
      # Confidential client with a pbkdf2-sha512 secret digest.
      # NOTE(review): no `scopes` or `authorization_policy` is set here, so
      # Authelia's defaults apply -- confirm they are the intended ones.
      - id: 1b6adbfc-d9e0-4cab-b780-e410639dc420
        description: MinIO
        secret: >-
          $pbkdf2-sha512$310000$TkQ1BwLrr.d8AVGWk2rLhA$z4euAPhkkZdjcxKFD3tZRtNQ/R78beW7epJ.BGFWSwQdAme5TugNj9Ba.aL5TEqrBDmXRW0xiI9EbxSszckG5A
        redirect_uris:
          - https://burp.pyrocufflink.blue:9090/oauth_callback
      # Public client with a loopback redirect.
      # NOTE(review): no `authorization_policy` is set; the default applies --
      # confirm.
      - id: step-ca
        description: step-ca
        public: true
        redirect_uris:
          - http://127.0.0.1
        pre_configured_consent_duration: 7d
# Logging verbosity.
log:
  # trace is the most verbose level. NOTE(review): on an authentication
  # service, review what this level records (request details, identifiers)
  # before retaining or forwarding the logs; `info` is the usual steady-state
  # level.
  level: trace
# Outbound mail for notifications (e.g. identity verification and password
# reset links).
notifier:
  smtp:
    # Turns off Authelia's requirement that the SMTP connection be secured
    # (STARTTLS/SMTPS) before mail is sent, so messages to this relay may
    # travel in cleartext on port 25.
    # NOTE(review): acceptable only if the path to the relay is a trusted
    # network segment -- confirm. No SMTP username is configured here, so the
    # relay presumably accepts unauthenticated submission from this host.
    disable_require_tls: true
    host: mail.pyrocufflink.blue
    port: 25
    sender: auth@pyrocufflink.net
# Session cookie settings.
# No session `secret` appears in this file; presumably it is injected from a
# secret at deploy time -- TODO confirm.
session:
  # Cookie scope: the parent domain of the protected sites listed in
  # access_control.
  domain: pyrocufflink.blue
  # Absolute session lifetime.
  expiration: 1d
  # Idle timeout.
  inactivity: 4h
# HTTP server tuning.
server:
  buffers:
    # Read buffer size. NOTE(review): presumably raised to accept large
    # request headers -- confirm the reason.
    read: 16384
# Persistent state in a local SQLite database.
# No storage `encryption_key` appears in this file; presumably it is supplied
# from a secret -- TODO confirm.
storage:
  local:
    # NOTE(review): the database file should sit on a persistent volume with
    # permissions restricted to the Authelia process -- confirm.
    path: /var/lib/authelia/db.sqlite3