---
# Authelia configuration: portal on :443 with TLS, LDAP as the user backend,
# MySQL storage and an SMTP notifier. Values are unchanged from the original;
# only the layout and the comments are new.
#
# NOTE(review): this file holds five secrets as plain literals (jwt_secret,
# the LDAP bind password, session.secret, storage.encryption_key, the MySQL
# password). Anyone who can read the file, its backups or a VCS copy can read
# them. Treat any copy that has left the host as a disclosure and rotate.
# Authelia can load each secret from a file instead, e.g. through
# AUTHELIA_JWT_SECRET_FILE, AUTHELIA_SESSION_SECRET_FILE,
# AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE, AUTHELIA_STORAGE_MYSQL_PASSWORD_FILE
# and AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE.

theme: dark
# Signs the identity-verification tokens Authelia mails to users.
jwt_secret: tHJQyNgBaULdQDQEAMFeduKa
default_redirection_url: https://ceskatelevize.cz/
default_2fa_method: "totp"

server:
  # Listens on every interface of the host.
  host: 0.0.0.0
  # port: 9091
  port: 443
  tls:
    # NOTE(review): the private key sits in a user home directory; check that
    # only the Authelia service account can read it.
    key: "/home/ct/CT.key"
    certificate: "/home/ct/CT.pem"
    # Empty list: no client-certificate (mTLS) verification is configured.
    client_certificates: []

log:
  level: info
  file_path: /var/log/authelia.log

telemetry:
  metrics:
    enabled: true
    # NOTE(review): the metrics listener carries no authentication settings
    # here; confirm that only the monitoring host can reach this address.
    address: tcp://172.30.29.119:9902

totp:
  disable: false
  issuer: authelia.com
  # sha1 / 6 digits / 30 s is the combination most authenticator apps support.
  algorithm: sha1
  digits: 6
  period: 30
  # Accepts codes from one period before and one after the current one.
  skew: 1
  secret_size: 32

webauthn:
  disable: false
  timeout: 60s
  display_name: Authelia
  attestation_conveyance_preference: indirect
  user_verification: preferred

ntp:
  address: "time.czech-tv.cz:123"
  version: 4
  max_desync: 3s
  # Both checks stay enabled, so clock drift that would break TOTP validation
  # is detected at startup.
  disable_startup_check: false
  disable_failure: false

authentication_backend:
  password_reset:
    # Users cannot reset their directory password through the portal.
    disable: true
  refresh_interval: 5m
  ldap:
    implementation: custom
    # NOTE(review): ldap:// together with start_tls: false means the bind
    # password below and every user's password cross the network
    # unencrypted. Prefer ldaps:// or StartTLS if the directory supports it.
    url: ldap://ct.czech-tv.cz
    timeout: 5s
    start_tls: false
    base_dn: DC=ct,DC=czech-tv,DC=cz
    username_attribute: sAMAccountName
    users_filter: (&({username_attribute}={input})(objectClass=person))
    # NOTE(review): sAMAccountName suggests Active Directory, where group
    # objects are normally objectClass=group rather than groupOfNames;
    # verify that this filter returns any groups.
    groups_filter: (&(member={dn})(objectClass=groupOfNames))
    group_name_attribute: cn
    mail_attribute: mail
    display_name_attribute: displayName
    # Service account used for directory lookups; the name suggests a
    # read-only account - confirm it holds no write or admin rights.
    user: "CN=Ldap ADReader,OU=ServisniUzivatele,OU=Admins,DC=ct,DC=czech-tv,DC=cz"
    # Plaintext bind password - move to a secret file and rotate.
    password: Buchtickyses0do

password_policy:
  # Both policy engines are switched off, so the limits below are inactive.
  standard:
    enabled: false
    min_length: 8
    max_length: 0
    require_uppercase: true
    require_lowercase: true
    require_number: true
    require_special: true
  zxcvbn:
    enabled: false
    min_score: 3

access_control:
  # Any request that matches no rule is denied.
  default_policy: deny
  rules:
    # The portal itself must be reachable before authentication.
    - domain: 'authelia.czech-tv.cz'
      policy: bypass
    - domain:
        - 'ctcloud1.czech-tv.cz'
      policy: two_factor
    - domain:
        - 'secure.czech-tv.cz'
      policy: two_factor
    - domain:
        - 'ctcloud2.czech-tv.cz'
      policy: two_factor
    - domain:
        - 'zabbix.czech-tv.cz'
      policy: two_factor
    # The only protected host that accepts a password alone.
    - domain:
        - 'public.czech-tv.cz'
      policy: one_factor
    - domain:
        - 'ctclouduit.czech-tv.cz'
      policy: two_factor
    - domain:
        - 'pha-mail1.ct.czech-tv.cz'
      policy: two_factor

session:
  name: authelia_session
  # The cookie is scoped to the whole czech-tv.cz domain, so every subdomain
  # receives it, including hosts that are not listed in access_control.
  domain: czech-tv.cz
  same_site: lax
  # NOTE(review): this literal is identical to storage.encryption_key below.
  # One leak then exposes both the session layer and the encrypted database
  # columns; use two independent random values.
  secret: dCdvLKWytdP66qqHpycVk6TuGK5m
  expiration: 1h
  # NOTE(review): one minute of inactivity ends the session - confirm that
  # this is intended and not a typo for a longer value.
  inactivity: 1m
  # 1M = one month.
  remember_me_duration: 1M

regulation:
  # Three failed logins within two minutes ban the account for ten minutes.
  max_retries: 3
  find_time: 2m
  ban_time: 10m

storage:
  # Encrypts sensitive columns such as TOTP secrets in the database.
  # NOTE(review): same literal as session.secret above - use a separate key.
  encryption_key: dCdvLKWytdP66qqHpycVk6TuGK5m
  mysql:
    # NOTE(review): remote database with no TLS settings in this file;
    # confirm that the path to it is trusted.
    host: 172.30.29.119
    port: 3306
    database: authelia
    username: authelia
    # Weak, plaintext database password - replace it and load it from a
    # secret file.
    password: sojka123
    timeout: 5s

notifier:
  disable_startup_check: false
  smtp:
    host: mail.czech-tv.cz
    port: 25
    # NOTE(review): the value ends in a space and has no address; the
    # "<user@domain>" part was probably lost. Restore it from the deployed
    # file.
    sender: "Authelia "
    subject: "[Authelia] {title}"
    # NOTE(review): lets mail leave over an unencrypted connection on port
    # 25. These messages can carry identity-verification links, so keep TLS
    # required unless the relay genuinely cannot offer it.
    disable_require_tls: true
...