Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

edit policy rules

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2023-08-17 20:35:08 +02:00
parent d2d3b29140
commit 38398a4cc9
1 changed files with 11 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
utils/modules/authelia/default.nix
View File

@@ -76,17 +76,17 @@
}; };
access_control = { access_control = {
default_policy = "one_factor"; default_policy = "deny";
# rules = [ rules = [
# { {
# domain = ["auth.example.com"]; domain = ["auth.cloonar.com"];
# policy = "bypass"; policy = "bypass";
# } }
# { {
# domain = ["*.example.com"]; domain = ["*.cloonar.com"];
# policy = "one_factor"; policy = "one_factor";
# } }
# ]; ];
}; };
session = { session = {
@@ -128,21 +128,6 @@
## The other portions of the mandatory OpenID Connect 1.0 configuration go here. ## The other portions of the mandatory OpenID Connect 1.0 configuration go here.
## See: https://www.authelia.com/c/oidc ## See: https://www.authelia.com/c/oidc
clients = [ clients = [
{
id = "nextcloud";
description = "NextCloud";
secret = "$pbkdf2-sha512$310000$c8p78n7pUMln0jzvd4aK4Q$JNRBzwAo0ek5qKn50cFzzvE9RXV88h1wJn5KGiHrD0YKtZaR/nCb2CJPOsKaPK0hjf.9yHxzQGZziziccp6Yng";
public = false;
authorization_policy = "one_factor";
redirect_uris = [ "https://nextcloud.example.com/apps/oidc_login/oidc" ];
scopes = [
"openid"
"profile"
"email"
"groups"
];
userinfo_signing_algorithm = "none";
}
{ {
id = "gitea"; id = "gitea";
description = "Gitea"; description = "Gitea";
@@ -158,21 +143,6 @@
]; ];
userinfo_signing_algorithm = "none"; userinfo_signing_algorithm = "none";
} }
{
id = "gbv-aktuell-typo3";
description = "GBV Aktuell";
secret = "$pbkdf2-sha512$310000$Uo9yGyKfhLxouYNFierOLQ$e37Ui7FIEUCezV4zgM1WX96ruzSA7dz4Q27G0o2iFiNUV/giHh0lyJklcI1UIs10Fs3bsZHDgRnDwaGL3DYsDw";
public = false;
authorization_policy = "one_factor";
redirect_uris = [ "https://gbv-aktuell.cloonar.dev/callback" ];
pre_configured_consent_duration = "1y";
scopes = [
"openid"
"profile"
"email"
];
userinfo_signing_algorithm = "none";
}
]; ];
}; };
}; };