nps.stacks.authelia.enable

Whether to enable authelia.

Type: boolean

Default: false

Example: true

Declared by:

nps.stacks.authelia.enableTraefikMiddleware

Whether to register an Authelia middleware for Traefik. The middleware will utilize the ForwardAuth Authz implementation.

See https://www.authelia.com/integration/proxies/traefik/#implementation

Type: boolean

Default: config.nps.stacks.traefik.enable

Declared by:

nps.stacks.authelia.containers.authelia

Alias of services.podman.containers.authelia.

Type: submodule

Declared by:

nps.stacks.authelia.containers.authelia-redis

Alias of services.podman.containers.authelia-redis.

Type: submodule

Declared by:

nps.stacks.authelia.crowdsec.enableLogCollection

Whether the container logs should be collected by CrowdSec. Enabling this will configure the acquis settings for CrowdSec.

Type: boolean

Default: config.nps.stacks.crowdsec.enable

Declared by:

nps.stacks.authelia.defaultAllowPolicy

Default policy to apply for allowed access. Will be used as a default for Access Control Rules as well as OIDC Authorization Policies if no rules apply.

See

Type: one of “one_factor”, “two_factor”

Default: "one_factor"

Declared by:

nps.stacks.authelia.jwtSecretFile

Path to the file containing the JWT secret. See https://www.authelia.com/configuration/identity-validation/reset-password/#jwt_secret

Type: absolute path

Declared by:

nps.stacks.authelia.ldap.passwordFile

Path to the file containing the password for the LDAP user that is used when connecting to the LDAP backend.

Type: absolute path

Default: config.nps.stacks.lldap.adminPasswordFile

Declared by:

nps.stacks.authelia.ldap.username

The username that will be used when binding to the LDAP backend.

Type: string

Default: config.nps.stacks.lldap.adminUsername

Declared by:

nps.stacks.authelia.oidc.enable

Whether to enable OIDC Support.

Type: boolean

Default: false

Example: true

Declared by:

nps.stacks.authelia.oidc.clients

OIDC client configuration. See https://www.authelia.com/configuration/identity-providers/openid-connect/clients/

Type: attribute set of (YAML 1.1 value)

Default: { }

Declared by:

nps.stacks.authelia.oidc.clients.<name>.client_id

This option has no description.

Type: string

Default: "‹name›"

Declared by:

nps.stacks.authelia.oidc.defaultConsentDuration

Default duration for which a user's choice to remember the pre-configured consent lasts. Only has an effect for OIDC clients using the consent_mode pre-configured or auto.

See

Type: string

Default: "1 month"

Declared by:

nps.stacks.authelia.oidc.hmacSecretFile

Path to the file containing the HMAC secret. See https://www.authelia.com/configuration/identity-providers/openid-connect/provider/#hmac_secret

Type: absolute path

Declared by:

nps.stacks.authelia.oidc.jwksRsaKeyFile

Path to the file containing the JWKS RSA (RS256) private key.

For example, a keypair can be generated and printed out like this:

podman run --rm authelia/authelia sh -c "authelia crypto certificate rsa generate --common-name authelia.example.com && cat public.crt && cat private.pem"

See https://www.authelia.com/configuration/identity-providers/openid-connect/provider/#key

Type: absolute path

Declared by:

nps.stacks.authelia.sessionProvider

Session provider to use.

See https://www.authelia.com/configuration/session/introduction/

Type: one of “memory”, “redis”

Default: "memory"

Declared by:

nps.stacks.authelia.sessionSecretFile

Path to the file containing the session secret. See https://www.authelia.com/configuration/session/introduction/#secret

Type: absolute path

Declared by:

nps.stacks.authelia.settings

Additional Authelia settings. Will be provided in the configuration.yml.

Type: YAML 1.1 value

Declared by:

nps.stacks.authelia.storageEncryptionKeyFile

Path to the file containing the storage encryption key. See https://www.authelia.com/configuration/storage/introduction/#encryption_key

Type: absolute path

Declared by:
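
The options above combined into one hardened configuration, as an added example that is not taken from the project's own documentation. The secret file paths, the client name example-app, its redirect URI and the client_secret placeholder are assumptions; the keys inside the client are Authelia OIDC client settings passed through as YAML.

```nix
{ ... }:
{
  nps.stacks.authelia = {
    enable = true;

    # Require a second factor wherever no more specific rule applies
    # (the option default is "one_factor").
    defaultAllowPolicy = "two_factor";

    # Use the redis session provider instead of the default in-memory one.
    sessionProvider = "redis";

    # Secrets are referenced by path. They are written as strings (not Nix
    # path literals) so the files are not copied into the Nix store.
    # All /run/secrets/... paths are placeholders.
    jwtSecretFile = "/run/secrets/authelia/jwt_secret";
    sessionSecretFile = "/run/secrets/authelia/session_secret";
    storageEncryptionKeyFile = "/run/secrets/authelia/storage_encryption_key";

    oidc = {
      enable = true;
      hmacSecretFile = "/run/secrets/authelia/oidc_hmac_secret";
      # RSA (RS256) private key, e.g. the private.pem produced by the
      # "authelia crypto certificate rsa generate" command shown above.
      jwksRsaKeyFile = "/run/secrets/authelia/oidc_jwks_private.pem";

      # Shorter than the "1 month" default, so remembered consent expires sooner.
      defaultConsentDuration = "1 week";

      # Hypothetical client; client_id defaults to the attribute name.
      clients.example-app = {
        client_name = "Example App";
        # Placeholder: Authelia expects a hashed client secret digest here.
        client_secret = "<client-secret-digest-placeholder>";
        redirect_uris = [ "https://app.example.com/oauth2/callback" ];
        # defaultConsentDuration only applies to "pre-configured" or "auto".
        consent_mode = "pre-configured";
        authorization_policy = "two_factor";
      };
    };
  };
}
```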