--- theme: light jwt_secret: uuidgenコマンドで出た文字列を2回分くらいつないだやつを入れる default_2fa_method: "" server: host: 0.0.0.0 port: 9091 path: "" enable_pprof: false enable_expvars: false disable_healthcheck: false tls: key: "" certificate: "" client_certificates: [] headers: csp_template: "" log: level: debug format: text file_path: /config/authelia.log telemetry: metrics: enabled: false address: tcp://0.0.0.0:9959 totp: disable: false issuer: example.net algorithm: sha1 digits: 6 period: 30 skew: 1 secret_size: 32 webauthn: disable: false timeout: 60s display_name: Example.net Atuh Server attestation_conveyance_preference: indirect user_verification: preferred ntp: address: time.cloudflare.com:123 version: 4 max_desync: 3s disable_startup_check: false disable_failure: false authentication_backend: password_reset: disable: true custom_url: "" refresh_interval: 5m ldap: implementation: activedirectory url: ldaps://192.168.100.200 tls: skip_verify: true base_dn: dc=example,dc=net user: CN=binduser,CN=Users,dc=example,dc=net password: くそしてねろ password_policy: standard: enabled: false min_length: 8 max_length: 0 require_uppercase: true require_lowercase: true require_number: true require_special: true zxcvbn: enabled: false min_score: 3 access_control: default_policy: two_factor session: name: authelia_session domain: example.net same_site: lax secret: insecure_session_secret expiration: 1h inactivity: 5m remember_me_duration: 1M regulation: max_retries: 3 find_time: 2m ban_time: 5m storage: encryption_key: uuidgenコマンドで出た文字列を3回分くらいつないだやつを入れる local: path: /config/db.sqlite3 notifier: disable_startup_check: false filesystem: filename: /config/notification.txt identity_providers: oidc: issuer_private_key: | -----BEGIN PRIVATE KEY----- 丶丶丶丶丶丶温幽籬櫑櫑櫑櫑櫑幽厶雌櫑幽岱垉厶丶丶丶丶丶丶 丶丶丶当櫑欟欟櫑欟欟欟欟欟欟欟櫑欟櫑櫑翻麗謝叱丶丶丶丶丶 丶丶丶覇竃櫑櫑欟欟欟欟欟欟欟櫑欟櫑欟欟欟層櫑艶旨丶丶丶丶 丶丶丶層櫑欟欟欟欟欟欟欟欟欟嬲竃嬲竃竃欟櫑竃覇覇丶丶丶丶 丶丶丶灑嬲欟欟嬲嬲嬲嬲嬲鬻辧卻眉贈幗層欟欟櫑竃櫑廴丶丶丶 丶勹僧層櫑欟鬱綴綴局悦局局拇狐綴綴鋼幗幗竃欟竃櫑廬丶丶丶 丶湘嬲嬲櫑欟辧綴仰災欠災沼卻局綴綴掴綱幗櫑嬲幗櫑廳丶丶丶 丶勺覇欟櫑鬱即卻仰災災沿己卻凹句郊塀獅幗櫑櫑欟櫑勳丶丶丶 丶丶濁幗欟圓扼卻仰災災沱災可沼笳鏑櫑雌彌幗櫑欟櫑欟眦丶丶 丶丶層櫑櫑鬱狐猖旛幽迫己旧卻獅嬲嬲幗幗幗幗櫑欟櫑覇眇丶丶 丶丶櫑欟欟鬱掴嚴憫笥局仰可局綮当踏審綱燒幗層欟櫑欟廴丶丶 丶丶層覇櫑欟即尚旛籬籬枢叫猖鬱幣憫牒憫椹禰幗欟欟欟杉丶丶 丶丶層欟櫑欟抓儕凹沼珱卻旧塀簡紹笳綴僻綴掴幗欟欟鬱丶丶丶 丶丶丶層櫑欟仰卻旧突句己沒笵綴囹卻仰加仰塀禰層欟欟企丶丶 丶丶丶瀰欟欟仰旧句災沼卻卻卻獅雌扼卻卻狐綴綱層欟欟歡丶丶 丶丶丶湧欟欟紀凹句巡卻仰似局綴獅雌卻卻綴掴綱幗嬲覇黙丶丶 丶丶丶丶層眼眼句旧卻卻鍵輔禰層嬲幗囹卻綴掴囃幗櫑歉丶丶丶 丶丶丶丶勺龝圄句沒卻卻卻卻沺禰幗幗雌歳狐掴囃彌欟默丶丶丶 丶丶丶丶丶丶丶句沒卻笳僻把洞雄櫺櫑顧綴鋼囃讃幗嚶丶丶丶丶 丶丶丶丶丶丶丶勺句卻譲嬲霸嫻嬲幗難掴獅幗幗幗嬲艶二丶丶丶 丶丶丶丶丶丶丶丶句旧卻卻綴掴燒辧辧讃幗幗幗幗杉欟欟幽丶丶 丶丶丶丶丶丶丶丶丶刈皿狐卻仰瀉囃雌幗幗幗覇歉勺欟欟欟櫑幽 丶丶丶丶丶丶丶丶丶丶勺牋綴燒雌幗幗幗幗幗鬱三儲欟欟欟櫑櫑 丶丶丶丶丶丶丶丶二旛櫑封贈簡幗難幗幗櫑鬱災三灑欟欟欟櫑欟 丶丶丶丶丶丶澁櫑櫑櫑櫑歡兆卻塀綱幗幗黙冖三消欟欟欟欟欟覇 丶丶丶澁籬櫑櫑櫑櫑櫑櫑置丶筍綴綴諜冖丶丶三瀰欟欟欟欟欟覇 丶誕櫑櫑櫑櫑櫑櫑櫑欟櫑置丶勺朔薪丶丶丶丶勺欟欟欟欟欟櫑櫑 灑櫑櫑櫑櫑櫑櫑櫑櫑欟欟置丶俎幗雛止丶丶丶儲欟欟欟欟欟櫑櫑 欟櫑櫑櫑櫑櫑櫑櫑櫑櫑欟置丶欟攜層櫑幽丶丶灑欟欟欟欟欟櫑櫑 -----END PRIVATE KEY----- access_token_lifespan: 30m authorize_code_lifespan: 1m id_token_lifespan: 30m refresh_token_lifespan: 90m enable_client_debug_messages: false enforce_pkce: public_clients_only cors: endpoints: - authorization - token - revocation - introspection - userinfo allowed_origins: - https://auth.example.net allowed_origins_from_client_redirect_uris: true clients: - id: komga description: Komga secret: ちゃんと公式ドキュメントを読んで生成しろよ(https://www.authelia.com/integration/openid-connect/frequently-asked-questions/#how-do-i-generate-client-secrets) public: false authorization_policy: two_factor redirect_uris: - https://books.example.net/login/oauth2/code/authelia scopes: - openid - profile - email grant_types: - authorization_code userinfo_signing_algorithm: none - id: headscale description: Headscale secret: (・∀・)イジョウジサクジエンデシタ public: false authorization_policy: two_factor redirect_uris: - https://ts.example.net:443/oidc/callback ←Headscaleの設定に合わせて:443を付けないとこけます scopes: - openid - profile - email grant_types: - authorization_code userinfo_signing_algorithm: none