authentik/passbook/lib/default.yml

104 lines
3.1 KiB
YAML
Raw Normal View History

2018-11-14 18:14:14 +00:00
# This is the default configuration file
databases:
default:
2019-02-21 15:50:36 +00:00
engine: 'django.db.backends.postgresql'
name: passbook
user: passbook
password: 'EK-5jnKfjrGRm<77'
host: localhost
2018-11-14 18:14:14 +00:00
log:
level:
console: DEBUG
file: DEBUG
file: /dev/null
2018-11-14 18:14:14 +00:00
syslog:
host: 127.0.0.1
port: 514
email:
host: localhost
port: 25
user: ''
password: ''
use_tls: false
use_ssl: false
from: passbook <passbook@domain.tld>
web:
listen: 0.0.0.0
port: 8000
threads: 30
debug: false
2018-11-14 18:14:14 +00:00
secure_proxy_header:
HTTP_X_FORWARDED_PROTO: https
2019-03-11 19:46:19 +00:00
rabbitmq: guest:guest@localhost/passbook
2019-03-21 10:28:57 +00:00
redis: localhost/0
2018-11-14 18:14:14 +00:00
# Error reporting, sends stacktrace to sentry.services.beryju.org
error_report_enabled: true
secret_key: 9$@r!d^1^jrn#fk#1#@ks#9&i$^s#1)_13%$rwjrhd=e8jfi_s
2018-11-14 18:14:14 +00:00
2019-04-10 17:48:55 +01:00
domains:
- passbook.local
primary_domain: 'localhost'
2018-11-14 18:14:14 +00:00
passbook:
sign_up:
# Enables signup, created users are stored in internal Database and created in LDAP if ldap.create_users is true
enabled: true
password_reset:
# Enable password reset, passwords are reset in internal Database and in LDAP if ldap.reset_password is true
enabled: true
# Verification the user has to provide in order to be able to reset passwords. Can be any combination of `email`, `2fa`, `security_questions`
verification:
- email
# Text used in title, on login page and multiple other places
branding: passbook
login:
# Override URL used for logo
logo_url: null
# Override URL used for Background on Login page
bg_url: null
# Optionally add a subtext, placed below logo on the login page
2018-11-16 09:08:15 +00:00
subtext: null
2018-11-14 18:14:14 +00:00
footer:
links:
# Optionally add links to the footer on the login page
# - name: test
# href: https://test
# Specify which fields can be used to authenticate. Can be any combination of `username` and `email`
uid_fields:
- username
- email
2018-11-14 18:14:14 +00:00
session:
remember_age: 2592000 # 60 * 60 * 24 * 30, one month
# Provider-specific settings
ldap:
# Which field from `uid_fields` maps to which LDAP Attribute
login_field_map:
username: sAMAccountName
email: mail # or userPrincipalName
user_attribute_map:
active_directory:
username: "%(sAMAccountName)s"
email: "%(mail)s"
name: "%(displayName)"
2018-11-14 18:14:14 +00:00
oauth_client:
# List of python packages with sources types to load.
2018-11-16 09:08:15 +00:00
types:
2018-11-14 18:14:14 +00:00
- passbook.oauth_client.source_types.discord
- passbook.oauth_client.source_types.facebook
- passbook.oauth_client.source_types.github
- passbook.oauth_client.source_types.google
- passbook.oauth_client.source_types.reddit
- passbook.oauth_client.source_types.supervisr
- passbook.oauth_client.source_types.twitter
2019-03-14 20:18:55 +00:00
- passbook.oauth_client.source_types.azure_ad
2018-11-16 09:08:15 +00:00
saml_idp:
# List of python packages with provider types to load.
types:
- passbook.saml_idp.processors.generic
- passbook.saml_idp.processors.aws
2018-11-16 09:08:15 +00:00
- passbook.saml_idp.processors.gitlab
- passbook.saml_idp.processors.nextcloud
- passbook.saml_idp.processors.salesforce
- passbook.saml_idp.processors.shibboleth
- passbook.saml_idp.processors.wordpress_orange