| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598 |
- groups:
- - name: Authelia Configuration
- description: Configure Authelia
- - name: User and Group Configuration
- description: Configure User and Group for Authelia
- - name: Network Configuration
- description: Configure Network for Authelia
- - name: Storage Configuration
- description: Configure Storage for Authelia
- - name: Labels Configuration
- description: Configure Labels for Authelia
- - name: Resources Configuration
- description: Configure Resources for Authelia
- questions:
- - variable: TZ
- group: Authelia Configuration
- label: Timezone
- schema:
- type: string
- default: Etc/UTC
- required: true
- $ref:
- - definitions/timezone
- - variable: authelia
- label: ""
- group: Authelia Configuration
- schema:
- type: dict
- attrs:
- - variable: postgres_image_selector
- label: Postgres Image (CAUTION)
- description: |
- If you are changing this after the postgres directory has been initialized,</br>
- STOP! and make sure you have a backup of your data.</br>
- Changing this will trigger an one way database upgrade.</br>
- You can only select newer versions of postgres.</br>
- Selecting an older version will refuse to start.</br>
- If something goes wrong, you will have to restore from backup.
- schema:
- type: string
- default: postgres_17_image
- required: true
- enum:
- - value: postgres_17_image
- description: Postgres 17
- - variable: db_password
- label: Database Password
- description: The password for Authelia.
- schema:
- type: string
- default: ""
- required: true
- private: true
- - variable: redis_password
- label: Redis Password
- description: The password for Redis.
- schema:
- type: string
- default: ""
- required: true
- private: true
- - variable: encryption_key
- label: Encryption Key
- description: Sets `storage.encryption_key` in the configuration file.
- schema:
- type: string
- default: ""
- min_length: 20
- required: true
- private: true
- - variable: jwt_secret
- label: JWT Secret
- description: Sets `identity_validation.reset_password.jwt_secret` in the configuration file.
- schema:
- type: string
- default: ""
- required: true
- private: true
- - variable: session_secret
- label: Session Secret
- description: Sets `session.secret` in the configuration file.
- schema:
- type: string
- default: ""
- required: true
- private: true
- - variable: use_dummy_config
- label: Use Dummy Configuration
- description: |
- With this enabled, it just creates a dummy configuration file to make Authelia start.</br>
- You should disable this and use your own configuration file.
- schema:
- type: boolean
- default: true
- - variable: config_path
- label: Config Path
- description: |
- Where authelia should look for the configuration file.</br>
- This file must exist when Authelia starts.</br>
- It can also be a directory like `/config/config.d`.</br>
- In this case you need at least one file in that directory.
- schema:
- type: path
- show_if: [["use_dummy_config", "=", false]]
- default: /config/configuration.yaml
- valid_chars: "^/config/.*$"
- valid_chars_error: "The path must start with /config/"
- required: true
- - variable: base_path
- label: Base Path
- description: |
- If the path is configured to anything other than / requests will be handled for both / and the configured path.</br>
- For example if configured to /authelia then requests will be handled for both the / and /authelia/ path.
- schema:
- type: string
- default: "/"
- valid_chars: "^\/.*$"
- valid_chars_error: "The path must start with /"
- show_if: [["use_dummy_config", "=", false]]
- - variable: additional_envs
- label: Additional Environment Variables
- schema:
- type: list
- default: []
- items:
- - variable: env
- label: Environment Variable
- schema:
- type: dict
- attrs:
- - variable: name
- label: Name
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- - variable: run_as
- label: ""
- group: User and Group Configuration
- schema:
- type: dict
- attrs:
- - variable: user
- label: User ID
- description: The user id that Authelia files will be owned by.
- schema:
- type: int
- min: 568
- default: 568
- required: true
- - variable: group
- label: Group ID
- description: The group id that Authelia files will be owned by.
- schema:
- type: int
- min: 568
- default: 568
- required: true
- - variable: network
- label: ""
- group: Network Configuration
- schema:
- type: dict
- attrs:
- - variable: web_port
- label: WebUI Port
- schema:
- type: dict
- attrs:
- - variable: bind_mode
- label: Port Bind Mode
- description: |
- The port bind mode.</br>
- - Publish: The port will be published on the host for external access.</br>
- - Expose: The port will be exposed for inter-container communication.</br>
- - None: The port will not be exposed or published.</br>
- Note: If the Dockerfile defines an EXPOSE directive,
- the port will still be exposed for inter-container communication regardless of this setting.
- schema:
- type: string
- default: "published"
- enum:
- - value: "published"
- description: Publish port on the host for external access
- - value: "exposed"
- description: Expose port for inter-container communication
- - value: ""
- description: None
- - variable: port_number
- label: Port Number
- schema:
- type: int
- default: 30133
- min: 1
- max: 65535
- required: true
- - variable: host_ips
- label: Host IPs
- description: IPs on the host to bind this port
- schema:
- type: list
- show_if: [["bind_mode", "=", "published"]]
- default: []
- items:
- - variable: host_ip
- label: Host IP
- schema:
- type: string
- required: true
- $ref:
- - definitions/node_bind_ip
- - variable: storage
- label: ""
- group: Storage Configuration
- schema:
- type: dict
- attrs:
- - variable: config
- label: Config Storage
- description: The path to store config.
- schema:
- type: dict
- attrs:
- - variable: type
- label: Type
- description: |
- ixVolume: Is dataset created automatically by the system.</br>
- Host Path: Is a path that already exists on the system.
- schema:
- type: string
- required: true
- default: "ix_volume"
- enum:
- - value: "host_path"
- description: Host Path (Path that already exists on the system)
- - value: "ix_volume"
- description: ixVolume (Dataset created automatically by the system)
- - variable: ix_volume_config
- label: ixVolume Configuration
- description: The configuration for the ixVolume dataset.
- schema:
- type: dict
- show_if: [["type", "=", "ix_volume"]]
- $ref:
- - "normalize/ix_volume"
- attrs:
- - variable: acl_enable
- label: Enable ACL
- description: Enable ACL for the storage.
- schema:
- type: boolean
- default: false
- - variable: dataset_name
- label: Dataset Name
- description: The name of the dataset to use for storage.
- schema:
- type: string
- required: true
- hidden: true
- default: "config"
- - variable: acl_entries
- label: ACL Configuration
- schema:
- type: dict
- show_if: [["acl_enable", "=", true]]
- attrs: []
- - variable: host_path_config
- label: Host Path Configuration
- schema:
- type: dict
- show_if: [["type", "=", "host_path"]]
- attrs:
- - variable: acl_enable
- label: Enable ACL
- description: Enable ACL for the storage.
- schema:
- type: boolean
- default: false
- - variable: acl
- label: ACL Configuration
- schema:
- type: dict
- show_if: [["acl_enable", "=", true]]
- attrs: []
- $ref:
- - "normalize/acl"
- - variable: path
- label: Host Path
- description: The host path to use for storage.
- schema:
- type: hostpath
- show_if: [["acl_enable", "=", false]]
- required: true
- - variable: auto_permissions
- label: Automatic Permissions
- description: |
- Automatically set permissions for the host path.
- Enabling this, will check the top level directory,</br>
- If it finds incorrect permissions, it will `chown` the
- host path to the user and group required for the
- postgres container.
- schema:
- type: boolean
- default: false
- show_if: [["acl_enable", "=", false]]
- - variable: postgres_data
- label: Postgres Data Storage
- description: The path to store Postgres Data.
- schema:
- type: dict
- attrs:
- - variable: type
- label: Type
- description: |
- ixVolume: Is dataset created automatically by the system.</br>
- Host Path: Is a path that already exists on the system.
- schema:
- type: string
- required: true
- default: "ix_volume"
- enum:
- - value: "host_path"
- description: Host Path (Path that already exists on the system)
- - value: "ix_volume"
- description: ixVolume (Dataset created automatically by the system)
- - variable: ix_volume_config
- label: ixVolume Configuration
- description: The configuration for the ixVolume dataset.
- schema:
- type: dict
- show_if: [["type", "=", "ix_volume"]]
- $ref:
- - "normalize/ix_volume"
- attrs:
- - variable: acl_enable
- label: Enable ACL
- description: Enable ACL for the storage.
- schema:
- type: boolean
- default: false
- - variable: dataset_name
- label: Dataset Name
- description: The name of the dataset to use for storage.
- schema:
- type: string
- required: true
- hidden: true
- default: "pg_data"
- - variable: acl_entries
- label: ACL Configuration
- schema:
- type: dict
- show_if: [["acl_enable", "=", true]]
- attrs: []
- - variable: host_path_config
- label: Host Path Configuration
- schema:
- type: dict
- show_if: [["type", "=", "host_path"]]
- attrs:
- - variable: acl_enable
- label: Enable ACL
- description: Enable ACL for the storage.
- schema:
- type: boolean
- default: false
- - variable: acl
- label: ACL Configuration
- schema:
- type: dict
- show_if: [["acl_enable", "=", true]]
- attrs: []
- $ref:
- - "normalize/acl"
- - variable: path
- label: Host Path
- description: The host path to use for storage.
- schema:
- type: hostpath
- show_if: [["acl_enable", "=", false]]
- required: true
- - variable: auto_permissions
- label: Automatic Permissions
- description: |
- Automatically set permissions for the host path.
- Enabling this, will check the top level directory,</br>
- If it finds incorrect permissions, it will `chown` the
- host path to the user and group required for the
- postgres container.
- schema:
- type: boolean
- default: false
- show_if: [["acl_enable", "=", false]]
- - variable: additional_storage
- label: Additional Storage
- schema:
- type: list
- default: []
- items:
- - variable: storageEntry
- label: Storage Entry
- schema:
- type: dict
- attrs:
- - variable: type
- label: Type
- description: |
- ixVolume: Is dataset created automatically by the system.</br>
- Host Path: Is a path that already exists on the system.</br>
- SMB Share: Is a SMB share that is mounted to as a volume.
- schema:
- type: string
- required: true
- default: "ix_volume"
- enum:
- - value: "host_path"
- description: Host Path (Path that already exists on the system)
- - value: "ix_volume"
- description: ixVolume (Dataset created automatically by the system)
- - value: "cifs"
- description: SMB/CIFS Share (Mounts a volume to a SMB share)
- - variable: read_only
- label: Read Only
- description: Mount the volume as read only.
- schema:
- type: boolean
- default: false
- - variable: mount_path
- label: Mount Path
- description: The path inside the container to mount the storage.
- schema:
- type: path
- required: true
- - variable: host_path_config
- label: Host Path Configuration
- schema:
- type: dict
- show_if: [["type", "=", "host_path"]]
- attrs:
- - variable: acl_enable
- label: Enable ACL
- description: Enable ACL for the storage.
- schema:
- type: boolean
- default: false
- - variable: acl
- label: ACL Configuration
- schema:
- type: dict
- show_if: [["acl_enable", "=", true]]
- attrs: []
- $ref:
- - "normalize/acl"
- - variable: path
- label: Host Path
- description: The host path to use for storage.
- schema:
- type: hostpath
- show_if: [["acl_enable", "=", false]]
- required: true
- - variable: ix_volume_config
- label: ixVolume Configuration
- description: The configuration for the ixVolume dataset.
- schema:
- type: dict
- show_if: [["type", "=", "ix_volume"]]
- $ref:
- - "normalize/ix_volume"
- attrs:
- - variable: acl_enable
- label: Enable ACL
- description: Enable ACL for the storage.
- schema:
- type: boolean
- default: false
- - variable: dataset_name
- label: Dataset Name
- description: The name of the dataset to use for storage.
- schema:
- type: string
- required: true
- default: "storage_entry"
- - variable: acl_entries
- label: ACL Configuration
- schema:
- type: dict
- show_if: [["acl_enable", "=", true]]
- attrs: []
- $ref:
- - "normalize/acl"
- - variable: cifs_config
- label: SMB Configuration
- description: The configuration for the SMB dataset.
- schema:
- type: dict
- show_if: [["type", "=", "cifs"]]
- attrs:
- - variable: server
- label: Server
- description: The server to mount the SMB share.
- schema:
- type: string
- required: true
- - variable: path
- label: Path
- description: The path to mount the SMB share.
- schema:
- type: string
- required: true
- - variable: username
- label: Username
- description: The username to use for the SMB share.
- schema:
- type: string
- required: true
- - variable: password
- label: Password
- description: The password to use for the SMB share.
- schema:
- type: string
- required: true
- private: true
- - variable: domain
- label: Domain
- description: The domain to use for the SMB share.
- schema:
- type: string
- - variable: labels
- label: ""
- group: Labels Configuration
- schema:
- type: list
- default: []
- items:
- - variable: label
- label: Label
- schema:
- type: dict
- attrs:
- - variable: key
- label: Key
- schema:
- type: string
- required: true
- - variable: value
- label: Value
- schema:
- type: string
- required: true
- - variable: containers
- label: Containers
- description: Containers where the label should be applied
- schema:
- type: list
- items:
- - variable: container
- label: Container
- schema:
- type: string
- required: true
- enum:
- - value: authelia
- description: authelia
- - value: postgres
- description: postgres
- - value: redis
- description: redis
- - variable: resources
- label: ""
- group: Resources Configuration
- schema:
- type: dict
- attrs:
- - variable: limits
- label: Limits
- schema:
- type: dict
- attrs:
- - variable: cpus
- label: CPUs
- description: CPUs limit for Authelia.
- schema:
- type: int
- default: 2
- required: true
- - variable: memory
- label: Memory (in MB)
- description: Memory limit for Authelia.
- schema:
- type: int
- default: 4096
- required: true
|
