theme: 'auto'

access_control:
  default_policy: deny
  rules:
    - domain: '*.gasdev.fr'
      policy: one_factor

server:
  address: 'tcp://:9091/'
  endpoints:
    authz:
      forward-auth:
        implementation: 'ForwardAuth'

session:
  cookies:
    - domain: 'gasdev.fr'
      authelia_url: 'https://auth.gasdev.fr'
      default_redirection_url: 'https://auth.gasdev.fr/authenticated'

authentication_backend:
  password_reset:
    disable: false

  file:
    path: '/data/users_database.yml'
    password:
      algorithm: 'argon2'

password_policy:
  standard:
    enabled: true
    min_length: 10
    max_length: 128
    require_uppercase: true
    require_lowercase: true
    require_number: true
    require_special: true

storage:
  local:
    path: /data/db.sqlite3

notifier:
  smtp:
    address: 'smtp.mail.ovh.net'
    username: 'postmaster@gasdev.fr'
    sender: 'Authelia <authelia@gasdev.fr>'

log:
  level: 'info'
  format: 'json'

totp:
  issuer: 'gasdev.fr'
  ## https://www.authelia.com/c/totp#algorithm
  algorithm: 'SHA1'

  ## https://www.authelia.com/c/totp#digits
  digits: 6
  period: 30
  ## See: https://www.authelia.com/c/totp#input-validation to read
  skew: 1

webauthn:
  disable: true

duo_api:
  disable: true
  
ntp:
  address: 'udp://time.cloudflare.com:123'