--- ############################################################### # Authelia configuration # ############################################################### server: host: 0.0.0.0 port: 9091 log: level: debug theme: dark # This secret can also be set using the env variables AUTHELIA_JWT_SECRET_FILE jwt_secret: a_very_important_secret default_redirection_url: https://auth.example.com # replace with your domain name totp: issuer: authelia.com # duo_api: # hostname: api-123456789.example.com # integration_key: ABCDEF # # This secret can also be set using the env variables AUTHELIA_DUO_API_SECRET_KEY_FILE # secret_key: 1234567890abcdefghifjkl authentication_backend: file: path: /config/users_database.yml password: algorithm: argon2id iterations: 1 salt_length: 16 parallelism: 8 memory: 64 access_control: default_policy: deny rules: # Rules applied to everyone # chose from bypass, one_factor and two_factor - domain: public.example.com policy: bypass - domain: subdomain1.example.com policy: one_factor - domain: subdomain2.example.com policy: two_factor session: name: authelia_session # This secret can also be set using the env variables AUTHELIA_SESSION_SECRET_FILE secret: unsecure_session_secret expiration: 3600 # 1 hour inactivity: 300 # 5 minutes domain: example.com # Should match whatever your root protected domain is redis: host: authelia-redis port: 6379 # This secret can also be set using the env variables AUTHELIA_SESSION_REDIS_PASSWORD_FILE password: SuperSecureRedisAuthPassword # must be the same as in the docker-compose.yml defined for the redis service regulation: max_retries: 3 find_time: 120 ban_time: 300 # yubikey support webauthn: disable: false display_name: Authelia attestation_conveyance_preference: indirect user_verification: preferred timeout: 60s storage: encryption_key: a_very_important_secret # Now required local: path: /config/db.sqlite3 notifier: # smtp: # username: test # # This secret can also be set using the env variables AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE # password: password # host: mail.example.com # port: 25 # sender: admin@example.com filesystem: filename: /config/notifications.txt ...