ansible-base/roles/authelia/templates/conf-main.json.j2

{
	"theme": "auto",
	"identity_validation": {
		"reset_password": {
			"jwt_secret": "{{cfg_authelia.jwt_secret}}"
		}
	},
	"default_2fa_method": "totp",
	"server": {
		"address": "{{cfg_authelia.listen_address}}:9091",
		"endpoints": {
			"enable_pprof": false,
			"enable_expvars": false
		},
		"disable_healthcheck": false
	},
	"log": {
		"level": "info",
		"format": "json",
		"file_path": "{{cfg_authelia.log_file_path}}",
		"keep_stdout": false
	},
	"telemetry": {
		"metrics": {
			"enabled": false,
			"address": "tcp://0.0.0.0:9959"
		}
	},
	"totp": {
		"disable": false,
		"issuer": "authelia.com",
		"algorithm": "sha1",
		"digits": 6,
		"period": 30,
		"skew": 1,
		"secret_size": 32
	},
	"webauthn": {
		"disable": true,
		"timeout": "60s",
		"display_name": "Authelia",
		"attestation_conveyance_preference": "indirect",
		"user_verification": "preferred"
	},
	"ntp": {
		"address": "{{cfg_authelia.ntp_server}}",
		"version": 4,
		"max_desync": "3s",
		"disable_startup_check": false,
		"disable_failure": false
	},
	"authentication_backend": {
		"password_reset": {
{% if cfg_authelia.password_reset.enabled %}
			"disable": false,
{% else %}
			"disable": true,
{% endif %}
			"custom_url": "{{cfg_authelia.password_reset.custom_url}}"
		},
		"refresh_interval": "5m",
		"file": {
			"path": "{{cfg_authelia.users_file_path}}",
			"watch": true,
			"search": {
				"email": false,
				"case_insensitive": false
			},
			"password": {
				"algorithm": "argon2",
				"argon2": {
					"variant": "argon2id",
					"iterations": 3,
					"memory": 65536,
					"parallelism": 4,
					"key_length": 32,
					"salt_length": 16
				},
				"scrypt": {
					"iterations": 16,
					"block_size": 8,
					"parallelism": 1,
					"key_length": 32,
					"salt_length": 16
				},
				"pbkdf2": {
					"variant": "sha512",
					"iterations": 310000,
					"salt_length": 16
				},
				"sha2crypt": {
					"variant": "sha512",
					"iterations": 50000,
					"salt_length": 16
				},
				"bcrypt": {
					"variant": "standard",
					"cost": 12
				}
			}
		}
	},
	"password_policy": {
		"standard": {
			"enabled": false,
			"min_length": 8,
			"max_length": 0,
			"require_uppercase": true,
			"require_lowercase": true,
			"require_number": true,
			"require_special": true
		},
		"zxcvbn": {
			"enabled": false,
			"min_score": 3
		}
	},
	"access_control": {
		"default_policy": "one_factor"
	},
	"session": {
		"name": "authelia_session",
		"same_site": "lax",
		"secret": "{{cfg_authelia.session_secret}}",
		"expiration": "1h",
		"inactivity": "5m",
		"remember_me": "1M",
		"cookies": [
			{
				"domain": "{{cfg_authelia.session_domain}}",
				"authelia_url": "https://{{cfg_authelia.domain}}/",
				"default_redirection_url": "{{cfg_authelia.redirect_url}}"
			}
		]
	},
	"regulation": {
		"max_retries": 3,
		"find_time": "2m",
		"ban_time": "5m"
	},
	"storage": {
		"encryption_key": "{{cfg_authelia.storage_encryption_key}}",
{% if cfg_authelia.storage.kind == "sqlite" %}
		"local": {
			"path": "{{cfg_authelia.storage.data.path}}"
		}
{% endif %}
{% if cfg_authelia.storage.kind == "postgresql" %}
		"postgres": {
			"address": "{{cfg_authelia.storage.data.host}}:{{cfg_authelia.storage.data.port | string}}",
			"schema": "public",
			"username": "{{cfg_authelia.storage.data.username}}",
			"password": "{{cfg_authelia.storage.data.password}}",
			"database": "{{cfg_authelia.storage.data.schema}}"
		}
{% endif %}
{% if cfg_authelia.storage.kind == "mariadb" %}
		"mysql": {
			"host": "{{cfg_authelia.storage.data.host}}",
			"port": {{cfg_authelia.storage.data.port | string}},
			"username": "{{cfg_authelia.storage.data.username}}",
			"password": "{{cfg_authelia.storage.data.password}}",
			"database": "{{cfg_authelia.storage.data.schema}}"
		}
{% endif %}
	},
	"notifier": {
		"disable_startup_check": true,
{% if cfg_authelia.notification.kind == "file" %}
		"filesystem": {
			"filename": "{{cfg_authelia.notification.data.path}}"
		}
{% endif %}
{% if cfg_authelia.notification_mode == "smtp" %}
		"smtp": {
			"address": "{{cfg_authelia.notification.data.host}}:{{cfg_authelia.notification.data.port | string}}",
			"username": "{{cfg_authelia.notification.data.username}}",
			"password": "{{cfg_authelia.notification.data.password}}",
			"sender": "{{cfg_authelia.notification.data.sender}}",
			"disable_require_tls": false,
			"disable_html_emails": false,
			"tls": {
				"skip_verify": false
			}
		}
{% endif %}
	},
	"identity_providers": {
		"oidc": {
			"hmac_secret": "{{cfg_authelia.oidc.hmac_secret}}",
			"jwks": [
				{
					"algorithm": "RS256",
					"key": "{{temp_tls_result.privatekey | replace('\n', '\\n')}}"
				}
			],
			"lifespans": {
				"access_token": "{{cfg_authelia.oidc.lifespan.default.access_token}}",
				"refresh_token": "{{cfg_authelia.oidc.lifespan.default.refresh_token}}",
				"custom": "{{cfg_authelia.oidc.lifespan.custom | to_json}}",
			},
			"cors": {
				"allowed_origins_from_client_redirect_uris": true
{% if cfg_authelia.oidc.cors_endpoints == None %}
{% else %}
				,"endpoints": {{cfg_authelia.oidc.cors_endpoints | to_json}}
{% endif %}
			},
			"clients": [
			]
		}
	}
}
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`{`
			`"theme": "auto",`
[fix] role:authelia 2024-03-20 00:09:41 +01:00			`"identity_validation": {`
			`"reset_password": {`
[int] 2025-10-07 15:58:18 +02:00			`"jwt_secret": "{{cfg_authelia.jwt_secret}}"`
[fix] role:authelia 2024-03-20 00:09:41 +01:00			`}`
			`},`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`"default_2fa_method": "totp",`
			`"server": {`
[int] 2025-10-07 15:58:18 +02:00			`"address": "{{cfg_authelia.listen_address}}:9091",`
[fix] role:authelia 2024-03-20 00:09:41 +01:00			`"endpoints": {`
			`"enable_pprof": false,`
			`"enable_expvars": false`
			`},`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`"disable_healthcheck": false`
			`},`
			`"log": {`
			`"level": "info",`
			`"format": "json",`
[int] 2025-10-07 15:58:18 +02:00			`"file_path": "{{cfg_authelia.log_file_path}}",`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`"keep_stdout": false`
			`},`
			`"telemetry": {`
			`"metrics": {`
			`"enabled": false,`
			`"address": "tcp://0.0.0.0:9959"`
			`}`
			`},`
			`"totp": {`
			`"disable": false,`
			`"issuer": "authelia.com",`
			`"algorithm": "sha1",`
			`"digits": 6,`
			`"period": 30,`
			`"skew": 1,`
			`"secret_size": 32`
			`},`
			`"webauthn": {`
			`"disable": true,`
			`"timeout": "60s",`
			`"display_name": "Authelia",`
			`"attestation_conveyance_preference": "indirect",`
			`"user_verification": "preferred"`
			`},`
			`"ntp": {`
[int] 2025-10-07 15:58:18 +02:00			`"address": "{{cfg_authelia.ntp_server}}",`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`"version": 4,`
			`"max_desync": "3s",`
			`"disable_startup_check": false,`
			`"disable_failure": false`
			`},`
			`"authentication_backend": {`
			`"password_reset": {`
[int] 2025-10-07 15:58:18 +02:00			`{% if cfg_authelia.password_reset.enabled %}`
[fix] role:authelia 2024-01-01 16:46:36 +01:00			`"disable": false,`
			`{% else %}`
			`"disable": true,`
			`{% endif %}`
[int] 2025-10-07 15:58:18 +02:00			`"custom_url": "{{cfg_authelia.password_reset.custom_url}}"`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`},`
			`"refresh_interval": "5m",`
			`"file": {`
[int] 2025-10-07 15:58:18 +02:00			`"path": "{{cfg_authelia.users_file_path}}",`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`"watch": true,`
			`"search": {`
			`"email": false,`
			`"case_insensitive": false`
			`},`
			`"password": {`
			`"algorithm": "argon2",`
			`"argon2": {`
			`"variant": "argon2id",`
			`"iterations": 3,`
			`"memory": 65536,`
			`"parallelism": 4,`
			`"key_length": 32,`
			`"salt_length": 16`
			`},`
			`"scrypt": {`
			`"iterations": 16,`
			`"block_size": 8,`
			`"parallelism": 1,`
			`"key_length": 32,`
			`"salt_length": 16`
			`},`
			`"pbkdf2": {`
			`"variant": "sha512",`
			`"iterations": 310000,`
			`"salt_length": 16`
			`},`
			`"sha2crypt": {`
			`"variant": "sha512",`
			`"iterations": 50000,`
			`"salt_length": 16`
			`},`
			`"bcrypt": {`
			`"variant": "standard",`
			`"cost": 12`
			`}`
			`}`
			`}`
			`},`
			`"password_policy": {`
			`"standard": {`
			`"enabled": false,`
			`"min_length": 8,`
			`"max_length": 0,`
			`"require_uppercase": true,`
			`"require_lowercase": true,`
			`"require_number": true,`
			`"require_special": true`
			`},`
			`"zxcvbn": {`
			`"enabled": false,`
			`"min_score": 3`
			`}`
			`},`
			`"access_control": {`
			`"default_policy": "one_factor"`
			`},`
			`"session": {`
			`"name": "authelia_session",`
			`"same_site": "lax",`
[int] 2025-10-07 15:58:18 +02:00			`"secret": "{{cfg_authelia.session_secret}}",`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`"expiration": "1h",`
			`"inactivity": "5m",`
[mod] role:authelia 2024-06-01 19:26:06 +02:00			`"remember_me": "1M",`
			`"cookies": [`
			`{`
[int] 2025-10-07 15:58:18 +02:00			`"domain": "{{cfg_authelia.session_domain}}",`
			`"authelia_url": "https://{{cfg_authelia.domain}}/",`
			`"default_redirection_url": "{{cfg_authelia.redirect_url}}"`
[mod] role:authelia 2024-06-01 19:26:06 +02:00			`}`
			`]`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`},`
			`"regulation": {`
			`"max_retries": 3,`
			`"find_time": "2m",`
			`"ban_time": "5m"`
			`},`
			`"storage": {`
[int] 2025-10-07 15:58:18 +02:00			`"encryption_key": "{{cfg_authelia.storage_encryption_key}}",`
			`{% if cfg_authelia.storage.kind == "sqlite" %}`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`"local": {`
[int] 2025-10-07 15:58:18 +02:00			`"path": "{{cfg_authelia.storage.data.path}}"`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`}`
[mod] role:authelia:Unterstützung für PostgreSQL und MariaDB 2023-12-23 12:19:29 +01:00			`{% endif %}`
[int] 2025-10-07 15:58:18 +02:00			`{% if cfg_authelia.storage.kind == "postgresql" %}`
[mod] role:authelia:Unterstützung für PostgreSQL und MariaDB 2023-12-23 12:19:29 +01:00			`"postgres": {`
[int] 2025-10-07 15:58:18 +02:00			`"address": "{{cfg_authelia.storage.data.host}}:{{cfg_authelia.storage.data.port \| string}}",`
[mod] role:authelia:Unterstützung für PostgreSQL und MariaDB 2023-12-23 12:19:29 +01:00			`"schema": "public",`
[int] 2025-10-07 15:58:18 +02:00			`"username": "{{cfg_authelia.storage.data.username}}",`
			`"password": "{{cfg_authelia.storage.data.password}}",`
			`"database": "{{cfg_authelia.storage.data.schema}}"`
[mod] role:authelia:Unterstützung für PostgreSQL und MariaDB 2023-12-23 12:19:29 +01:00			`}`
			`{% endif %}`
[int] 2025-10-07 16:26:01 +02:00			`{% if cfg_authelia.storage.kind == "mariadb" %}`
[mod] role:authelia:Unterstützung für PostgreSQL und MariaDB 2023-12-23 12:19:29 +01:00			`"mysql": {`
[int] 2025-10-07 15:58:18 +02:00			`"host": "{{cfg_authelia.storage.data.host}}",`
			`"port": {{cfg_authelia.storage.data.port \| string}},`
			`"username": "{{cfg_authelia.storage.data.username}}",`
			`"password": "{{cfg_authelia.storage.data.password}}",`
			`"database": "{{cfg_authelia.storage.data.schema}}"`
[mod] role:authelia:Unterstützung für PostgreSQL und MariaDB 2023-12-23 12:19:29 +01:00			`}`
			`{% endif %}`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`},`
			`"notifier": {`
			`"disable_startup_check": true,`
[int] 2025-10-07 15:58:18 +02:00			`{% if cfg_authelia.notification.kind == "file" %}`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`"filesystem": {`
[int] 2025-10-07 15:58:18 +02:00			`"filename": "{{cfg_authelia.notification.data.path}}"`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`}`
			`{% endif %}`
[int] 2025-10-07 15:58:18 +02:00			`{% if cfg_authelia.notification_mode == "smtp" %}`
[fix] role:authelia 2024-03-20 00:09:41 +01:00			`"smtp": {`
[int] 2025-10-07 15:58:18 +02:00			`"address": "{{cfg_authelia.notification.data.host}}:{{cfg_authelia.notification.data.port \| string}}",`
			`"username": "{{cfg_authelia.notification.data.username}}",`
			`"password": "{{cfg_authelia.notification.data.password}}",`
			`"sender": "{{cfg_authelia.notification.data.sender}}",`
[fix] role:authelia 2024-03-20 00:09:41 +01:00			`"disable_require_tls": false,`
			`"disable_html_emails": false,`
			`"tls": {`
			`"skip_verify": false`
			`}`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`}`
			`{% endif %}`
			`},`
			`"identity_providers": {`
			`"oidc": {`
[int] 2025-10-07 15:58:18 +02:00			`"hmac_secret": "{{cfg_authelia.oidc.hmac_secret}}",`
[task-184] [mod] authelia:conf template 2024-10-26 11:13:05 +02:00			`"jwks": [`
			`{`
			`"algorithm": "RS256",`
			`"key": "{{temp_tls_result.privatekey \| replace('\n', '\\n')}}"`
			`}`
			`],`
[mod] role:authelia:variable lifespans and cors endpoints 2024-08-22 15:27:43 +02:00			`"lifespans": {`
[int] 2025-10-07 15:58:18 +02:00			`"access_token": "{{cfg_authelia.oidc.lifespan.default.access_token}}",`
			`"refresh_token": "{{cfg_authelia.oidc.lifespan.default.refresh_token}}",`
			`"custom": "{{cfg_authelia.oidc.lifespan.custom \| to_json}}",`
[mod] role:authelia:variable lifespans and cors endpoints 2024-08-22 15:27:43 +02:00			`},`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`"cors": {`
			`"allowed_origins_from_client_redirect_uris": true`
[int] 2025-10-07 15:58:18 +02:00			`{% if cfg_authelia.oidc.cors_endpoints == None %}`
[mod] role:authelia:variable lifespans and cors endpoints 2024-08-22 15:27:43 +02:00			`{% else %}`
[int] 2025-10-07 15:58:18 +02:00			`,"endpoints": {{cfg_authelia.oidc.cors_endpoints \| to_json}}`
[mod] role:authelia:variable lifespans and cors endpoints 2024-08-22 15:27:43 +02:00			`{% endif %}`
[mod] role:authelia 2023-12-16 11:33:38 +01:00			`},`
			`"clients": [`
			`]`
			`}`
			`}`
			`}`