✨feature: Add basic Traefik/Authelia support files

2025-12-06 13:41:33 -06:00
parent 43bd37c552
commit b0d760c3ab
5 changed files with 294 additions and 0 deletions
--- a/assets/files/authelia/configuration.yml
+++ b/assets/files/authelia/configuration.yml
@@ -0,0 +1,88 @@
+---
+theme: dark
+
+server:
+  address: tcp://0.0.0.0:9091
+  buffers:
+    read: 65536
+    write: 65536
+
+access_control:
+  default_policy: deny
+  networks:
+    - name: internal
+      networks:
+        - 192.168.2.0/24
+  rules:
+    - domain: "*.yourdomain.com"
+      policy: bypass
+      networks:
+        - internal
+    - domain: "*.yourdomain.com"
+      policy: one_factor
+
+log:
+  level: info
+  file_path: /logs/authelia.log
+  format: json
+  keep_stdout: true
+
+#default_redirection_url: https://auth.yourdomain.com
+
+totp:
+  issuer: authelia.com
+
+identity_validation:
+  reset_password:
+    jwt_secret: "{{ env `AUTHELIA_JWT_SECRET` }}"
+
+# docker run authelia/authelia:latest authelia crypto hash generate argon2 -i 1 -p 8 -v argon2id --password 'yourpassword'
+authentication_backend:
+  refresh_interval: 5m
+  file:
+    path: /config/users_database.yml
+    password:
+      algorithm: argon2id
+      iterations: 1
+      salt_length: 16
+      parallelism: 8
+      memory: 64
+
+session:
+  name: authelia_session
+  secret: "{{ env `AUTHELIA_SESSION_SECRET` }}"
+  inactivity: 5d   # 5 days
+  expiration: 30d  # 30 days
+  remember_me: 60d # 60 days
+  cookies:
+    - domain: 'yourdomain.com'
+      authelia_url: 'https://auth.yourdomain.com'
+      default_redirection_url: 'https://yourdomain.com'
+      name: 'authelia_session'
+      inactivity: 5d   # 5 days
+      expiration: 30d  # 30 days
+      remember_me: 60d # 60 days
+
+regulation:
+  max_retries: 5
+  find_time: 120m
+  ban_time: 300m
+
+storage:
+  encryption_key: "{{ env `AUTHELIA_STORAGE_ENCRYPTION_KEY` }}}"
+  local:
+    path: /config/db.sqlite3
+
+notifier:
+  smtp:
+    address: submission://smtp.gmail.com:587
+    username: "{{ env `AUTHELIA_NOTIFIER_USERNAME` }}"
+    password: "{{ env `AUTHELIA_NOTIFIER_PASSWORD` }}"
+    sender: ksolomon+authelia@gmail.com
+
+ntp:
+  address: time.cloudflare.com:123
+  version: 3
+  max_desync: 3s
+  disable_startup_check: false
+  disable_failure: false
--- a/assets/files/authelia/users_database.yml
+++ b/assets/files/authelia/users_database.yml
@@ -0,0 +1,9 @@
+users:
+  user:
+    disabled: false
+    displayname: 'Your Name'
+    # to generate, run docker run authelia/authelia:latest authelia crypto hash generate argon2 -i 1 -p 8 -v argon2id --password your-password
+    password: 'your-hashed-password-here'
+    email: 'your-email@yourdomain.com'
+    groups:
+      - 'admins'