Переменные Authelia
Переменные окружения должны иметь префикс
AUTHELIA_. Все переменные окружения, начинающиеся с этого префикса, должны быть предназначены для конфигурации. Любые переменные окружения, имеющие этот префикс и не предназначенные для конфигурации, скорее всего, приведут к ошибке или, что еще хуже, к неправильной конфигурации.Categories:
Синтаксис переменных
Переменные окружения должны иметь префикс AUTHELIA_. Все переменные окружения, начинающиеся с этого префикса, должны быть предназначены для конфигурации. Любые переменные окружения, имеющие этот префикс и не предназначенные для конфигурации, скорее всего, приведут к ошибке или, что еще хуже, к неправильной конфигурации.
Mapping
Параметры конфигурации сопоставляются по их имени. Уровни отступа / подклавиши заменяются символами подчеркивания.
log:
level: 'info'
server:
buffers:
read: 4096
или
$$AUTHELIA_LOG_LEVEL=info
AUTHELIA_SERVER_BUFFERS_READ=4096$$
Список переменных
| Configuration Key | Environment Variable |
|---|---|
| access_control.default_policy | AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY |
| authentication_backend.file.password.algorithm | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_ALGORITHM |
| authentication_backend.file.password.argon2.iterations | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_ARGON2_ITERATIONS |
| authentication_backend.file.password.argon2.key_length | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_ARGON2_KEY_LENGTH |
| authentication_backend.file.password.argon2.memory | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_ARGON2_MEMORY |
| authentication_backend.file.password.argon2.parallelism | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_ARGON2_PARALLELISM |
| authentication_backend.file.password.argon2.salt_length | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_ARGON2_SALT_LENGTH |
| authentication_backend.file.password.argon2.variant | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_ARGON2_VARIANT |
| authentication_backend.file.password.bcrypt.cost | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_BCRYPT_COST |
| authentication_backend.file.password.bcrypt.variant | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_BCRYPT_VARIANT |
| authentication_backend.file.password.pbkdf2.iterations | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_PBKDF2_ITERATIONS |
| authentication_backend.file.password.pbkdf2.salt_length | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_PBKDF2_SALT_LENGTH |
| authentication_backend.file.password.pbkdf2.variant | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_PBKDF2_VARIANT |
| authentication_backend.file.password.scrypt.block_size | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_SCRYPT_BLOCK_SIZE |
| authentication_backend.file.password.scrypt.iterations | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_SCRYPT_ITERATIONS |
| authentication_backend.file.password.scrypt.key_length | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_SCRYPT_KEY_LENGTH |
| authentication_backend.file.password.scrypt.parallelism | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_SCRYPT_PARALLELISM |
| authentication_backend.file.password.scrypt.salt_length | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_SCRYPT_SALT_LENGTH |
| authentication_backend.file.password.scrypt.variant | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_SCRYPT_VARIANT |
| authentication_backend.file.password.sha2crypt.iterations | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_SHA2CRYPT_ITERATIONS |
| authentication_backend.file.password.sha2crypt.salt_length | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_SHA2CRYPT_SALT_LENGTH |
| authentication_backend.file.password.sha2crypt.variant | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PASSWORD_SHA2CRYPT_VARIANT |
| authentication_backend.file.path | AUTHELIA_AUTHENTICATION_BACKEND_FILE_PATH |
| authentication_backend.file.search.case_insensitive | AUTHELIA_AUTHENTICATION_BACKEND_FILE_SEARCH_CASE_INSENSITIVE |
| authentication_backend.file.search.email | AUTHELIA_AUTHENTICATION_BACKEND_FILE_SEARCH_EMAIL |
| authentication_backend.file.watch | AUTHELIA_AUTHENTICATION_BACKEND_FILE_WATCH |
| authentication_backend.ldap.additional_groups_dn | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ADDITIONAL_GROUPS_DN |
| authentication_backend.ldap.additional_users_dn | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ADDITIONAL_USERS_DN |
| authentication_backend.ldap.address | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ADDRESS |
| authentication_backend.ldap.attributes.birthdate | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_BIRTHDATE |
| authentication_backend.ldap.attributes.country | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_COUNTRY |
| authentication_backend.ldap.attributes.display_name | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_DISPLAY_NAME |
| authentication_backend.ldap.attributes.distinguished_name | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_DISTINGUISHED_NAME |
| authentication_backend.ldap.attributes.family_name | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_FAMILY_NAME |
| authentication_backend.ldap.attributes.gender | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_GENDER |
| authentication_backend.ldap.attributes.given_name | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_GIVEN_NAME |
| authentication_backend.ldap.attributes.group_name | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_GROUP_NAME |
| authentication_backend.ldap.attributes.locale | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_LOCALE |
| authentication_backend.ldap.attributes.locality | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_LOCALITY |
| authentication_backend.ldap.attributes.mail | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_MAIL |
| authentication_backend.ldap.attributes.member_of | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_MEMBER_OF |
| authentication_backend.ldap.attributes.middle_name | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_MIDDLE_NAME |
| authentication_backend.ldap.attributes.nickname | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_NICKNAME |
| authentication_backend.ldap.attributes.phone_extension | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_PHONE_EXTENSION |
| authentication_backend.ldap.attributes.phone_number | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_PHONE_NUMBER |
| authentication_backend.ldap.attributes.picture | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_PICTURE |
| authentication_backend.ldap.attributes.postal_code | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_POSTAL_CODE |
| authentication_backend.ldap.attributes.profile | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_PROFILE |
| authentication_backend.ldap.attributes.region | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_REGION |
| authentication_backend.ldap.attributes.street_address | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_STREET_ADDRESS |
| authentication_backend.ldap.attributes.username | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_USERNAME |
| authentication_backend.ldap.attributes.website | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_WEBSITE |
| authentication_backend.ldap.attributes.zoneinfo | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_ATTRIBUTES_ZONEINFO |
| authentication_backend.ldap.base_dn | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_BASE_DN |
| authentication_backend.ldap.group_search_mode | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_GROUP_SEARCH_MODE |
| authentication_backend.ldap.groups_filter | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_GROUPS_FILTER |
| authentication_backend.ldap.implementation | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_IMPLEMENTATION |
| authentication_backend.ldap.permit_feature_detection_failure | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PERMIT_FEATURE_DETECTION_FAILURE |
| authentication_backend.ldap.permit_referrals | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PERMIT_REFERRALS |
| authentication_backend.ldap.permit_unauthenticated_bind | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PERMIT_UNAUTHENTICATED_BIND |
| authentication_backend.ldap.pooling.count | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_POOLING_COUNT |
| authentication_backend.ldap.pooling.enable | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_POOLING_ENABLE |
| authentication_backend.ldap.pooling.retries | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_POOLING_RETRIES |
| authentication_backend.ldap.pooling.timeout | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_POOLING_TIMEOUT |
| authentication_backend.ldap.start_tls | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_START_TLS |
| authentication_backend.ldap.timeout | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_TIMEOUT |
| authentication_backend.ldap.tls.maximum_version | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_TLS_MAXIMUM_VERSION |
| authentication_backend.ldap.tls.minimum_version | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_TLS_MINIMUM_VERSION |
| authentication_backend.ldap.tls.server_name | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_TLS_SERVER_NAME |
| authentication_backend.ldap.tls.skip_verify | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_TLS_SKIP_VERIFY |
| authentication_backend.ldap.user | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_USER |
| authentication_backend.ldap.users_filter | AUTHELIA_AUTHENTICATION_BACKEND_LDAP_USERS_FILTER |
| authentication_backend.password_change.disable | AUTHELIA_AUTHENTICATION_BACKEND_PASSWORD_CHANGE_DISABLE |
| authentication_backend.password_reset.custom_url | AUTHELIA_AUTHENTICATION_BACKEND_PASSWORD_RESET_CUSTOM_URL |
| authentication_backend.password_reset.disable | AUTHELIA_AUTHENTICATION_BACKEND_PASSWORD_RESET_DISABLE |
| authentication_backend.refresh_interval | AUTHELIA_AUTHENTICATION_BACKEND_REFRESH_INTERVAL |
Identuty
| Configuration Key | Environment Variable |
|---|---|
| certificates_directory | AUTHELIA_CERTIFICATES_DIRECTORY |
| default_2fa_method | AUTHELIA_DEFAULT_2FA_METHOD |
| duo_api.disable | AUTHELIA_DUO_API_DISABLE |
| duo_api.enable_self_enrollment | AUTHELIA_DUO_API_ENABLE_SELF_ENROLLMENT |
| duo_api.hostname | AUTHELIA_DUO_API_HOSTNAME |
| identity_providers.oidc | AUTHELIA_IDENTITY_PROVIDERS_OIDC |
| identity_providers.oidc.cors.allowed_origins_from_client_redirect_uris | AUTHELIA_IDENTITY_PROVIDERS_OIDC_CORS_ALLOWED_ORIGINS_FROM_CLIENT_REDIRECT_URIS |
| identity_providers.oidc.cors.endpoints | AUTHELIA_IDENTITY_PROVIDERS_OIDC_CORS_ENDPOINTS |
| identity_providers.oidc.discovery_signed_response_alg | AUTHELIA_IDENTITY_PROVIDERS_OIDC_DISCOVERY_SIGNED_RESPONSE_ALG |
| identity_providers.oidc.discovery_signed_response_key_id | AUTHELIA_IDENTITY_PROVIDERS_OIDC_DISCOVERY_SIGNED_RESPONSE_KEY_ID |
| identity_providers.oidc.enable_client_debug_messages | AUTHELIA_IDENTITY_PROVIDERS_OIDC_ENABLE_CLIENT_DEBUG_MESSAGES |
| identity_providers.oidc.enable_jwt_access_token_stateless_introspection | AUTHELIA_IDENTITY_PROVIDERS_OIDC_ENABLE_JWT_ACCESS_TOKEN_STATELESS_INTROSPECTION |
| identity_providers.oidc.enable_pkce_plain_challenge | AUTHELIA_IDENTITY_PROVIDERS_OIDC_ENABLE_PKCE_PLAIN_CHALLENGE |
| identity_providers.oidc.enforce_pkce | AUTHELIA_IDENTITY_PROVIDERS_OIDC_ENFORCE_PKCE |
| identity_providers.oidc.lifespans.access_token | AUTHELIA_IDENTITY_PROVIDERS_OIDC_LIFESPANS_ACCESS_TOKEN |
| identity_providers.oidc.lifespans.authorize_code | AUTHELIA_IDENTITY_PROVIDERS_OIDC_LIFESPANS_AUTHORIZE_CODE |
| identity_providers.oidc.lifespans.device_code | AUTHELIA_IDENTITY_PROVIDERS_OIDC_LIFESPANS_DEVICE_CODE |
| identity_providers.oidc.lifespans.id_token | AUTHELIA_IDENTITY_PROVIDERS_OIDC_LIFESPANS_ID_TOKEN |
| identity_providers.oidc.lifespans.jwt_secured_authorization | AUTHELIA_IDENTITY_PROVIDERS_OIDC_LIFESPANS_JWT_SECURED_AUTHORIZATION |
| identity_providers.oidc.lifespans.refresh_token | AUTHELIA_IDENTITY_PROVIDERS_OIDC_LIFESPANS_REFRESH_TOKEN |
| identity_providers.oidc.minimum_parameter_entropy | AUTHELIA_IDENTITY_PROVIDERS_OIDC_MINIMUM_PARAMETER_ENTROPY |
| identity_providers.oidc.require_pushed_authorization_requests | AUTHELIA_IDENTITY_PROVIDERS_OIDC_REQUIRE_PUSHED_AUTHORIZATION_REQUESTS |
| identity_validation.elevated_session.characters | AUTHELIA_IDENTITY_VALIDATION_ELEVATED_SESSION_CHARACTERS |
| identity_validation.elevated_session.code_lifespan | AUTHELIA_IDENTITY_VALIDATION_ELEVATED_SESSION_CODE_LIFESPAN |
| identity_validation.elevated_session.elevation_lifespan | AUTHELIA_IDENTITY_VALIDATION_ELEVATED_SESSION_ELEVATION_LIFESPAN |
| identity_validation.elevated_session.require_second_factor | AUTHELIA_IDENTITY_VALIDATION_ELEVATED_SESSION_REQUIRE_SECOND_FACTOR |
| identity_validation.elevated_session.skip_second_factor | AUTHELIA_IDENTITY_VALIDATION_ELEVATED_SESSION_SKIP_SECOND_FACTOR |
| identity_validation.reset_password.jwt_algorithm | AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_ALGORITHM |
| identity_validation.reset_password.jwt_lifespan | AUTHELIA_IDENTITY_VALIDATION_RESET_PASSWORD_JWT_LIFESPAN |
log
| Configuration Key | Environment Variable |
|---|---|
| log.file_path | AUTHELIA_LOG_FILE_PATH |
| log.format | AUTHELIA_LOG_FORMAT |
| log.keep_stdout | AUTHELIA_LOG_KEEP_STDOUT |
| log.level | AUTHELIA_LOG_LEVEL |
| notifier.disable_startup_check | AUTHELIA_NOTIFIER_DISABLE_STARTUP_CHECK |
| notifier.filesystem.filename | AUTHELIA_NOTIFIER_FILESYSTEM_FILENAME |
| notifier.smtp.address | AUTHELIA_NOTIFIER_SMTP_ADDRESS |
| notifier.smtp.disable_html_emails | AUTHELIA_NOTIFIER_SMTP_DISABLE_HTML_EMAILS |
| notifier.smtp.disable_require_tls | AUTHELIA_NOTIFIER_SMTP_DISABLE_REQUIRE_TLS |
| notifier.smtp.disable_starttls | AUTHELIA_NOTIFIER_SMTP_DISABLE_STARTTLS |
| notifier.smtp.identifier | AUTHELIA_NOTIFIER_SMTP_IDENTIFIER |
| notifier.smtp.sender | AUTHELIA_NOTIFIER_SMTP_SENDER |
| notifier.smtp.startup_check_address | AUTHELIA_NOTIFIER_SMTP_STARTUP_CHECK_ADDRESS |
| notifier.smtp.subject | AUTHELIA_NOTIFIER_SMTP_SUBJECT |
| notifier.smtp.timeout | AUTHELIA_NOTIFIER_SMTP_TIMEOUT |
| notifier.smtp.tls.maximum_version | AUTHELIA_NOTIFIER_SMTP_TLS_MAXIMUM_VERSION |
| notifier.smtp.tls.minimum_version | AUTHELIA_NOTIFIER_SMTP_TLS_MINIMUM_VERSION |
| notifier.smtp.tls.server_name | AUTHELIA_NOTIFIER_SMTP_TLS_SERVER_NAME |
| notifier.smtp.tls.skip_verify | AUTHELIA_NOTIFIER_SMTP_TLS_SKIP_VERIFY |
| notifier.smtp.username | AUTHELIA_NOTIFIER_SMTP_USERNAME |
| notifier.template_path | AUTHELIA_NOTIFIER_TEMPLATE_PATH |
| ntp.address | AUTHELIA_NTP_ADDRESS |
| ntp.disable_failure | AUTHELIA_NTP_DISABLE_FAILURE |
| ntp.disable_startup_check | AUTHELIA_NTP_DISABLE_STARTUP_CHECK |
| ntp.max_desync | AUTHELIA_NTP_MAX_DESYNC |
| ntp.version | AUTHELIA_NTP_VERSION |
| password_policy.standard.enabled | AUTHELIA_PASSWORD_POLICY_STANDARD_ENABLED |
| password_policy.standard.max_length | AUTHELIA_PASSWORD_POLICY_STANDARD_MAX_LENGTH |
| password_policy.standard.min_length | AUTHELIA_PASSWORD_POLICY_STANDARD_MIN_LENGTH |
| password_policy.standard.require_lowercase | AUTHELIA_PASSWORD_POLICY_STANDARD_REQUIRE_LOWERCASE |
| password_policy.standard.require_number | AUTHELIA_PASSWORD_POLICY_STANDARD_REQUIRE_NUMBER |
| password_policy.standard.require_special | AUTHELIA_PASSWORD_POLICY_STANDARD_REQUIRE_SPECIAL |
| password_policy.standard.require_uppercase | AUTHELIA_PASSWORD_POLICY_STANDARD_REQUIRE_UPPERCASE |
| password_policy.zxcvbn.enabled | AUTHELIA_PASSWORD_POLICY_ZXCVBN_ENABLED |
| password_policy.zxcvbn.min_score | AUTHELIA_PASSWORD_POLICY_ZXCVBN_MIN_SCORE |
privacy
| Configuration Key | Environment Variable |
|---|---|
| privacy_policy.enabled | AUTHELIA_PRIVACY_POLICY_ENABLED |
| privacy_policy.policy_url | AUTHELIA_PRIVACY_POLICY_POLICY_URL |
| privacy_policy.require_user_acceptance | AUTHELIA_PRIVACY_POLICY_REQUIRE_USER_ACCEPTANCE |
| regulation.ban_time | AUTHELIA_REGULATION_BAN_TIME |
| regulation.find_time | AUTHELIA_REGULATION_FIND_TIME |
| regulation.max_retries | AUTHELIA_REGULATION_MAX_RETRIES |
| regulation.modes | AUTHELIA_REGULATION_MODES |
| server.address | AUTHELIA_SERVER_ADDRESS |
| server.asset_path | AUTHELIA_SERVER_ASSET_PATH |
| server.buffers.read | AUTHELIA_SERVER_BUFFERS_READ |
| server.buffers.write | AUTHELIA_SERVER_BUFFERS_WRITE |
| server.disable_healthcheck | AUTHELIA_SERVER_DISABLE_HEALTHCHECK |
| server.endpoints.enable_expvars | AUTHELIA_SERVER_ENDPOINTS_ENABLE_EXPVARS |
| server.endpoints.enable_pprof | AUTHELIA_SERVER_ENDPOINTS_ENABLE_PPROF |
| server.endpoints.rate_limits.reset_password_finish.enable | AUTHELIA_SERVER_ENDPOINTS_RATE_LIMITS_RESET_PASSWORD_FINISH_ENABLE |
| server.endpoints.rate_limits.reset_password_start.enable | AUTHELIA_SERVER_ENDPOINTS_RATE_LIMITS_RESET_PASSWORD_START_ENABLE |
| server.endpoints.rate_limits.second_factor_duo.enable | AUTHELIA_SERVER_ENDPOINTS_RATE_LIMITS_SECOND_FACTOR_DUO_ENABLE |
| server.endpoints.rate_limits.second_factor_totp.enable | AUTHELIA_SERVER_ENDPOINTS_RATE_LIMITS_SECOND_FACTOR_TOTP_ENABLE |
| server.endpoints.rate_limits.session_elevation_finish.enable | AUTHELIA_SERVER_ENDPOINTS_RATE_LIMITS_SESSION_ELEVATION_FINISH_ENABLE |
| server.endpoints.rate_limits.session_elevation_start.enable | AUTHELIA_SERVER_ENDPOINTS_RATE_LIMITS_SESSION_ELEVATION_START_ENABLE |
| server.headers.csp_template | AUTHELIA_SERVER_HEADERS_CSP_TEMPLATE |
| server.timeouts.idle | AUTHELIA_SERVER_TIMEOUTS_IDLE |
| server.timeouts.read | AUTHELIA_SERVER_TIMEOUTS_READ |
| server.timeouts.write | AUTHELIA_SERVER_TIMEOUTS_WRITE |
| server.tls.certificate | AUTHELIA_SERVER_TLS_CERTIFICATE |
| server.tls.client_certificates | AUTHELIA_SERVER_TLS_CLIENT_CERTIFICATES |
| server.tls.key | AUTHELIA_SERVER_TLS_KEY |
| session | AUTHELIA_SESSION |
| session.expiration | AUTHELIA_SESSION_EXPIRATION |
| session.inactivity | AUTHELIA_SESSION_INACTIVITY |
| session.name | AUTHELIA_SESSION_NAME |
| session.redis.database_index | AUTHELIA_SESSION_REDIS_DATABASE_INDEX |
| session.redis.high_availability.route_by_latency | AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_ROUTE_BY_LATENCY |
| session.redis.high_availability.route_randomly | AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_ROUTE_RANDOMLY |
| session.redis.high_availability.sentinel_name | AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_NAME |
| session.redis.high_availability.sentinel_username | AUTHELIA_SESSION_REDIS_HIGH_AVAILABILITY_SENTINEL_USERNAME |
| session.redis.host | AUTHELIA_SESSION_REDIS_HOST |
| session.redis.max_retries | AUTHELIA_SESSION_REDIS_MAX_RETRIES |
| session.redis.maximum_active_connections | AUTHELIA_SESSION_REDIS_MAXIMUM_ACTIVE_CONNECTIONS |
| session.redis.minimum_idle_connections | AUTHELIA_SESSION_REDIS_MINIMUM_IDLE_CONNECTIONS |
| session.redis.port | AUTHELIA_SESSION_REDIS_PORT |
| session.redis.timeout | AUTHELIA_SESSION_REDIS_TIMEOUT |
| session.redis.tls.maximum_version | AUTHELIA_SESSION_REDIS_TLS_MAXIMUM_VERSION |
| session.redis.tls.minimum_version | AUTHELIA_SESSION_REDIS_TLS_MINIMUM_VERSION |
| session.redis.tls.server_name | AUTHELIA_SESSION_REDIS_TLS_SERVER_NAME |
| session.redis.tls.skip_verify | AUTHELIA_SESSION_REDIS_TLS_SKIP_VERIFY |
| session.redis.username | AUTHELIA_SESSION_REDIS_USERNAME |
| session.remember_me | AUTHELIA_SESSION_REMEMBER_ME |
| session.same_site | AUTHELIA_SESSION_SAME_SITE |
storage
| Configuration Key | Environment Variable |
|---|---|
| storage.local.path | AUTHELIA_STORAGE_LOCAL_PATH |
| storage.mysql.address | AUTHELIA_STORAGE_MYSQL_ADDRESS |
| storage.mysql.database | AUTHELIA_STORAGE_MYSQL_DATABASE |
| storage.mysql.timeout | AUTHELIA_STORAGE_MYSQL_TIMEOUT |
| storage.mysql.tls.maximum_version | AUTHELIA_STORAGE_MYSQL_TLS_MAXIMUM_VERSION |
| storage.mysql.tls.minimum_version | AUTHELIA_STORAGE_MYSQL_TLS_MINIMUM_VERSION |
| storage.mysql.tls.server_name | AUTHELIA_STORAGE_MYSQL_TLS_SERVER_NAME |
| storage.mysql.tls.skip_verify | AUTHELIA_STORAGE_MYSQL_TLS_SKIP_VERIFY |
| storage.mysql.username | AUTHELIA_STORAGE_MYSQL_USERNAME |
| storage.postgres.address | AUTHELIA_STORAGE_POSTGRES_ADDRESS |
| storage.postgres.database | AUTHELIA_STORAGE_POSTGRES_DATABASE |
| storage.postgres.schema | AUTHELIA_STORAGE_POSTGRES_SCHEMA |
| storage.postgres.timeout | AUTHELIA_STORAGE_POSTGRES_TIMEOUT |
| storage.postgres.tls.maximum_version | AUTHELIA_STORAGE_POSTGRES_TLS_MAXIMUM_VERSION |
| storage.postgres.tls.minimum_version | AUTHELIA_STORAGE_POSTGRES_TLS_MINIMUM_VERSION |
| storage.postgres.tls.server_name | AUTHELIA_STORAGE_POSTGRES_TLS_SERVER_NAME |
| storage.postgres.tls.skip_verify | AUTHELIA_STORAGE_POSTGRES_TLS_SKIP_VERIFY |
| storage.postgres.username | AUTHELIA_STORAGE_POSTGRES_USERNAME |
| telemetry.metrics.address | AUTHELIA_TELEMETRY_METRICS_ADDRESS |
| telemetry.metrics.buffers.read | AUTHELIA_TELEMETRY_METRICS_BUFFERS_READ |
| telemetry.metrics.buffers.write | AUTHELIA_TELEMETRY_METRICS_BUFFERS_WRITE |
| telemetry.metrics.enabled | AUTHELIA_TELEMETRY_METRICS_ENABLED |
| telemetry.metrics.timeouts.idle | AUTHELIA_TELEMETRY_METRICS_TIMEOUTS_IDLE |
| telemetry.metrics.timeouts.read | AUTHELIA_TELEMETRY_METRICS_TIMEOUTS_READ |
| telemetry.metrics.timeouts.write | AUTHELIA_TELEMETRY_METRICS_TIMEOUTS_WRITE |
| theme | AUTHELIA_THEME |
| totp.algorithm | AUTHELIA_TOTP_ALGORITHM |
| totp.allowed_algorithms | AUTHELIA_TOTP_ALLOWED_ALGORITHMS |
| totp.allowed_digits | AUTHELIA_TOTP_ALLOWED_DIGITS |
| totp.allowed_periods | AUTHELIA_TOTP_ALLOWED_PERIODS |
| totp.digits | AUTHELIA_TOTP_DIGITS |
| totp.disable | AUTHELIA_TOTP_DISABLE |
| totp.disable_reuse_security_policy | AUTHELIA_TOTP_DISABLE_REUSE_SECURITY_POLICY |
| totp.issuer | AUTHELIA_TOTP_ISSUER |
| totp.period | AUTHELIA_TOTP_PERIOD |
| totp.secret_size | AUTHELIA_TOTP_SECRET_SIZE |
| totp.skew | AUTHELIA_TOTP_SKEW |
| webauthn.attestation_conveyance_preference | AUTHELIA_WEBAUTHN_ATTESTATION_CONVEYANCE_PREFERENCE |
| webauthn.disable | AUTHELIA_WEBAUTHN_DISABLE |
| webauthn.display_name | AUTHELIA_WEBAUTHN_DISPLAY_NAME |
| webauthn.enable_passkey_login | AUTHELIA_WEBAUTHN_ENABLE_PASSKEY_LOGIN |
| webauthn.experimental_enable_passkey_upgrade | AUTHELIA_WEBAUTHN_EXPERIMENTAL_ENABLE_PASSKEY_UPGRADE |
| webauthn.experimental_enable_passkey_uv_two_factors | AUTHELIA_WEBAUTHN_EXPERIMENTAL_ENABLE_PASSKEY_UV_TWO_FACTORS |
| webauthn.filtering.prohibit_backup_eligibility | AUTHELIA_WEBAUTHN_FILTERING_PROHIBIT_BACKUP_ELIGIBILITY |
| webauthn.metadata.enabled | AUTHELIA_WEBAUTHN_METADATA_ENABLED |
| webauthn.metadata.validate_entry | AUTHELIA_WEBAUTHN_METADATA_VALIDATE_ENTRY |
| webauthn.metadata.validate_entry_permit_zero_aaguid | AUTHELIA_WEBAUTHN_METADATA_VALIDATE_ENTRY_PERMIT_ZERO_AAGUID |
| webauthn.metadata.validate_status | AUTHELIA_WEBAUTHN_METADATA_VALIDATE_STATUS |
| webauthn.metadata.validate_status_permitted | AUTHELIA_WEBAUTHN_METADATA_VALIDATE_STATUS_PERMITTED |
| webauthn.metadata.validate_status_prohibited | AUTHELIA_WEBAUTHN_METADATA_VALIDATE_STATUS_PROHIBITED |
| webauthn.metadata.validate_trust_anchor | AUTHELIA_WEBAUTHN_METADATA_VALIDATE_TRUST_ANCHOR |
| webauthn.selection_criteria.attachment | AUTHELIA_WEBAUTHN_SELECTION_CRITERIA_ATTACHMENT |
| webauthn.selection_criteria.discoverability | AUTHELIA_WEBAUTHN_SELECTION_CRITERIA_DISCOVERABILITY |
| webauthn.selection_criteria.user_verification | AUTHELIA_WEBAUTHN_SELECTION_CRITERIA_USER_VERIFICATION |
| webauthn.timeout | AUTHELIA_WEBAUTHN_TIMEOUT |