sam
cf4e5b07c6
Pins the Compose project name and splits services into core / test / auth profiles so the BMP collector core can deploy standalone. Adds setup.sh (idempotent bootstrap), .env.example, and repo-resident Authelia config templates so a fresh host deploys without manual steps. Parameterizes hardcoded host IP and domain; points the Grafana InfluxDB datasource at the container name. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
52 lines
1.0 KiB
Plaintext
52 lines
1.0 KiB
Plaintext
---
|
|
# Authelia configuration template.
|
|
# setup.sh renders this to ${OBMP_DATA_ROOT}/authelia/configuration.yml,
|
|
# substituting the ${...} values from .env. Only rendered if the target
|
|
# file does not already exist — an existing deployment is never overwritten.
|
|
theme: dark
|
|
|
|
server:
|
|
address: 'tcp://0.0.0.0:9091/authelia'
|
|
endpoints:
|
|
authz:
|
|
forward-auth:
|
|
implementation: ForwardAuth
|
|
|
|
log:
|
|
level: info
|
|
|
|
totp:
|
|
issuer: openbmp
|
|
|
|
authentication_backend:
|
|
file:
|
|
path: /config/users_database.yml
|
|
password:
|
|
algorithm: bcrypt
|
|
iterations: 12
|
|
|
|
session:
|
|
name: authelia_session
|
|
secret: ${AUTHELIA_SESSION_SECRET}
|
|
expiration: 12h
|
|
inactivity: 6h
|
|
cookies:
|
|
- domain: ${OBMP_COOKIE_DOMAIN}
|
|
authelia_url: https://${OBMP_DOMAIN}/authelia
|
|
|
|
identity_validation:
|
|
reset_password:
|
|
jwt_secret: ${AUTHELIA_JWT_SECRET}
|
|
|
|
storage:
|
|
local:
|
|
path: /config/db.sqlite3
|
|
encryption_key: ${AUTHELIA_STORAGE_ENCRYPTION_KEY}
|
|
|
|
access_control:
|
|
default_policy: one_factor
|
|
|
|
notifier:
|
|
filesystem:
|
|
filename: /config/notification.txt
|