server:
  address: 'tcp4://:{{ container_authelia_server_port | default(9091) }}'

log:
  level: {{ container_authelia_log_level | default('debug') }}
  file_path: '{{ container_authelia_log_file_path | default("/var/log/authelia/authelia.log") }}'
  keep_stdout: {{ container_authelia_log_keep_stdout | default(true) }}

identity_validation:
  elevated_session:
    require_second_factor: {{ container_authelia_elevated_session_2fa | default(true) }}
  reset_password:
    jwt_lifespan: '{{ container_authelia_jwt_lifespan | default("5 minutes") }}'
    jwt_secret: {{ container_authelia_jwt_secret }}

totp:
  disable: {{ container_authelia_totp_disable | default(false) }}
  issuer: '{{ container_authelia_totp_issuer | default("example.com") }}'
  period: {{ container_authelia_totp_period | default(30) }}
  skew: {{ container_authelia_totp_skew | default(1) }}

password_policy:
  zxcvbn:
    enabled: {{ container_authelia_zxcvbn_enabled | default(true) }}
    min_score: {{ container_authelia_zxcvbn_min_score | default(4) }}

authentication_backend:
  file:
    path: '{{ container_authelia_auth_file_path | default("/config/users.yml") }}'
    password:
      algorithm: '{{ container_authelia_auth_algorithm | default("argon2") }}'
      argon2:
        variant: '{{ container_authelia_auth_argon2_variant | default("argon2id") }}'
        iterations: {{ container_authelia_auth_argon2_iterations | default(3) }}
        memory: {{ container_authelia_auth_argon2_memory | default(65535) }}
        parallelism: {{ container_authelia_auth_argon2_parallelism | default(4) }}
        key_length: {{ container_authelia_auth_argon2_key_length | default(32) }}
        salt_length: {{ container_authelia_auth_argon2_salt_length | default(16) }}

access_control:
  default_policy: '{{ container_authelia_access_default_policy | default("deny") }}'
  rules:
{% for rule in container_authelia_access_rules %}
    - domain: '{{ rule.domain }}'
      policy: '{{ rule.policy }}'
{% endfor %}

session:
  name: '{{ container_authelia_session_name | default("authelia_session") }}'
  secret: {{ container_authelia_session_key }}

  cookies:
{% for cookie in container_authelia_session_cookies %}
    - domain: '{{ cookie.domain }}'
      authelia_url: '{{ cookie.authelia_url }}'
{% endfor %}

regulation:
  max_retries: {{ container_authelia_regulation_max_retries | default(4) }}
  find_time: {{ container_authelia_regulation_find_time | default(120) }}
  ban_time: {{ container_authelia_regulation_ban_time | default(300) }}

storage:
  encryption_key: {{ container_authelia_storage_encryption_key }}

  local:
    path: '{{ container_authelia_storage_path | default("/config/db.sqlite3") }}'

notifier:
  disable_startup_check: {{ container_authelia_notifier_disable_startup_check | default(false) }}
  filesystem:
    filename: '{{ container_authelia_notifier_file | default("/config/notification.txt") }}'