---
###############################################################
#                   Authelia configuration                    #
###############################################################

server:
  address: 'tcp://:9091'

log:
  level: 'debug'

totp:
  issuer: 'authelia.com'

identity_validation:
  reset_password:
    jwt_secret: 'S3SorNdAWR786SeTP7a9MBNQQbSqRTGFitqRtemT7VD6PQtmQHsXhPGgs7bfKTvp'

authentication_backend:
  file:
    path: '/config/users_database.yml'

access_control:
  default_policy: 'deny'
  rules:
    - domain: 'www.delmar.bzh'
      policy: 'bypass'
    - domain: 'dkr.delmar.bzh'
      policy: 'one_factor'
    - domain: 'cloud.delmar.bzh'
      policy: 'two_factor'

session:
  secret: 'M7SQ7ornWrDas6ienGHmRJaNrX93KNLCTi8ggM3QMiKKcCdjAwyJrLFK3oSVgsfG'

  cookies:
    - name: 'authelia_session'
      domain: 'delmar.bzh'  # Should match whatever your root protected domain is
      authelia_url: 'https://auth.delmar.bzh'
      expiration: '1 hour'  # 1 hour
      inactivity: '5 minutes'  # 5 minutes
      default_redirection_url: 'https://public.example.com'

regulation:
  max_retries: 3
  find_time: '2 minutes'
  ban_time: '5 minutes'

storage:
  encryption_key: 'yxmVn7chQz6PWEwPyXYSnHo9y42sWMfEXvLxRA6wPsZdj5Jb2ZGM9dVjgUTUSnbx'
  local:
    path: '/config/db.sqlite3'

notifier:
  filesystem:
    filename: '/config/notification.txt'