diff options
| author | James Elliott <james-d-elliott@users.noreply.github.com> | 2024-04-15 18:48:08 +1000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-04-15 18:48:08 +1000 |
| commit | 01cb8780ae3b0be2138a711970cb30377605826d (patch) | |
| tree | bce811cb14c65c42822e66d36ee2f443fe0436a6 | |
| parent | 22e0c0a4243dcb29aadbcbb545ad0c5077064641 (diff) | |
docs: include many fenced titles (#7180)
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
42 files changed, 127 insertions, 158 deletions
diff --git a/docs/content/blog/release-notes-4.38/index.md b/docs/content/blog/release-notes-4.38/index.md index c1a2e245b..2bf7a1b68 100644 --- a/docs/content/blog/release-notes-4.38/index.md +++ b/docs/content/blog/release-notes-4.38/index.md @@ -567,7 +567,7 @@ server: {{< /details >}} {{< details "After" >}} -```yaml +```yaml {title="configuration.yml"} server: address: 'tcp://0.0.0.0:9091/authelia' ``` diff --git a/docs/content/configuration/first-factor/ldap.md b/docs/content/configuration/first-factor/ldap.md index 6e94a7531..a5524f6f3 100644 --- a/docs/content/configuration/first-factor/ldap.md +++ b/docs/content/configuration/first-factor/ldap.md @@ -81,13 +81,13 @@ located at `/var/run/slapd.sock` the address should be `ldapi:///var/run/slapd.s __Examples:__ -```yaml +```yaml {title="configuration.yml"} authentication_backend: ldap: address: 'ldaps://dc1.example.com' ``` -```yaml +```yaml {title="configuration.yml"} authentication_backend: ldap: address: 'ldap://[fd00:1111:2222:3333::1]' diff --git a/docs/content/configuration/identity-providers/openid-connect/clients.md b/docs/content/configuration/identity-providers/openid-connect/clients.md index 3183a1b28..aad270c15 100644 --- a/docs/content/configuration/identity-providers/openid-connect/clients.md +++ b/docs/content/configuration/identity-providers/openid-connect/clients.md @@ -288,7 +288,7 @@ a default policy of `two_factor` for everyone else. This policy is applied to th `client_with_policy_name`. You should refer to the [authorization_policies](./provider.md#authorization_policies) section for more in depth information. -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: authorization_policies: @@ -609,7 +609,7 @@ Required when the following options are configured to specific values: The following is a contextual example (see below for information regarding each option): -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: clients: diff --git a/docs/content/configuration/identity-providers/openid-connect/provider.md b/docs/content/configuration/identity-providers/openid-connect/provider.md index cb136bf2c..09c9609b2 100644 --- a/docs/content/configuration/identity-providers/openid-connect/provider.md +++ b/docs/content/configuration/identity-providers/openid-connect/provider.md @@ -117,7 +117,7 @@ key in this list is used. The following is a contextual example (see below for information regarding each option): -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: jwks: @@ -184,7 +184,7 @@ It is recommended that you use a file to specify this particular option. In part the file is `/config/secrets/oidc/jwks/rsa.2048.key`: -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: jwks: @@ -355,7 +355,7 @@ The follow example shows a policy named `policy_name` which will `deny` access t a default policy of `two_factor` for everyone else. This policy is applied to the client with id `client_with_policy_name`. You should refer to the below headings which describe each configuration key in more detail. -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: authorization_policies: @@ -451,7 +451,7 @@ The following is an exhaustive example of all of the options available. Each of same rules as the [access_token](#access_token), [authorize_code](#authorize_code), [id_token](#id_token), and [refresh_token](#refresh_token) global default options. The global lifespan options are included for reference purposes. -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: lifespans: @@ -529,14 +529,14 @@ In addition to an Origin URI, you may specify the wildcard origin in the allowed and the [allowed_origins_from_client_redirect_uris](#allowed_origins_from_client_redirect_uris) MUST NOT be enabled. The wildcard origin is denoted as `*`. Examples: -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: cors: allowed_origins: "*" ``` -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: cors: diff --git a/docs/content/configuration/methods/environment.md b/docs/content/configuration/methods/environment.md index f1ce1b3d9..d49e5b98b 100644 --- a/docs/content/configuration/methods/environment.md +++ b/docs/content/configuration/methods/environment.md @@ -39,7 +39,7 @@ Configuration options are mapped by their name. Levels of indentation / subkeys For example this YAML configuration: -```yaml +```yaml {title="configuration.yml"} log: level: 'info' server: diff --git a/docs/content/configuration/methods/files.md b/docs/content/configuration/methods/files.md index 1b173ecae..0343702b6 100644 --- a/docs/content/configuration/methods/files.md +++ b/docs/content/configuration/methods/files.md @@ -137,7 +137,7 @@ information. An excerpt from a Kubernetes container that allows you to specify multiple configuration files is as follows: -```yaml +```yaml {title="deployment.yml"} kind: Deployment apiVersion: apps/v1 metadata: diff --git a/docs/content/configuration/miscellaneous/introduction.md b/docs/content/configuration/miscellaneous/introduction.md index e8560a2d0..f95fa6fac 100644 --- a/docs/content/configuration/miscellaneous/introduction.md +++ b/docs/content/configuration/miscellaneous/introduction.md @@ -69,7 +69,7 @@ Options are: * webauthn * mobile_push -```yaml +```yaml {title="configuration.yml"} default_2fa_method: totp ``` diff --git a/docs/content/configuration/miscellaneous/logging.md b/docs/content/configuration/miscellaneous/logging.md index bd0bc5ee7..a0ebeaad5 100644 --- a/docs/content/configuration/miscellaneous/logging.md +++ b/docs/content/configuration/miscellaneous/logging.md @@ -42,9 +42,9 @@ Defines the level of logs used by Authelia. This level can be set to `trace`, `d setting level to `trace`, you will generate a large amount of log entries and expose the `/debug/vars` and `/debug/pprof/` endpoints which should not be enabled in production. -```yaml +```yaml {title="configuration.yml"} log: - level: debug + level: 'debug' ``` ### format @@ -53,9 +53,9 @@ log: Defines the format of the logs written by Authelia. This format can be set to `json` or `text`. -```yaml +```yaml {title="configuration.yml"} log: - format: json + format: 'json' ``` #### JSON format @@ -90,23 +90,23 @@ the layout supported by Go. __Standard Example:__ -```yaml +```yaml {title="configuration.yml"} log: - file_path: /config/authelia.log + file_path: '/config/authelia.log' ``` __Date Time Example:__ -```yaml +```yaml {title="configuration.yml"} log: - file_path: /config/authelia.%d.log + file_path: '/config/authelia.%d.log' ``` __Date Time Example (with custom layout):__ -```yaml +```yaml {title="configuration.yml"} log: - file_path: /config/authelia.{datetime:Mon Jan 2 15:04:05 MST 2006}.log + file_path: '/config/authelia.{datetime:Mon Jan 2 15:04:05 MST 2006}.log' ``` ### keep_stdout @@ -116,7 +116,7 @@ log: Overrides the behavior to redirect logging only to the `file_path`. If set to `true` logs will be written to both standard output, and the defined logging location. -```yaml +```yaml {title="configuration.yml"} log: keep_stdout: true ``` diff --git a/docs/content/configuration/miscellaneous/ntp.md b/docs/content/configuration/miscellaneous/ntp.md index 8a91cff34..53c9620eb 100644 --- a/docs/content/configuration/miscellaneous/ntp.md +++ b/docs/content/configuration/miscellaneous/ntp.md @@ -58,12 +58,12 @@ Configures the address for the NTP Server. The address itself is a connector and __Examples:__ -```yaml +```yaml {title="configuration.yml"} ntp: address: 'udp://127.0.0.1:123' ``` -```yaml +```yaml {title="configuration.yml"} ntp: address: 'udp6://[fd00:1111:2222:3333::1]:123' ``` diff --git a/docs/content/configuration/miscellaneous/privacy-policy.md b/docs/content/configuration/miscellaneous/privacy-policy.md index 3c5456b53..aa0c27bdd 100644 --- a/docs/content/configuration/miscellaneous/privacy-policy.md +++ b/docs/content/configuration/miscellaneous/privacy-policy.md @@ -71,7 +71,7 @@ This option is required if the [enabled](#enabled) option is true. _**Example:**_ -```yaml +```yaml {title="configuration.yml"} privacy_policy: enabled: true policy_url: 'https://www.example.com/privacy-policy' diff --git a/docs/content/configuration/miscellaneous/server.md b/docs/content/configuration/miscellaneous/server.md index 662cedeb6..918b3b857 100644 --- a/docs/content/configuration/miscellaneous/server.md +++ b/docs/content/configuration/miscellaneous/server.md @@ -66,17 +66,17 @@ path. #### Examples -```yaml +```yaml {title="configuration.yml"} server: address: 'tcp://127.0.0.1:9091/' ``` -```yaml +```yaml {title="configuration.yml"} server: address: 'tcp://127.0.0.1:9091/subpath' ``` -```yaml +```yaml {title="configuration.yml"} server: address: 'unix:///var/run/authelia.sock' ``` diff --git a/docs/content/configuration/notifications/smtp.md b/docs/content/configuration/notifications/smtp.md index 45b60856d..5fc07b377 100644 --- a/docs/content/configuration/notifications/smtp.md +++ b/docs/content/configuration/notifications/smtp.md @@ -71,13 +71,13 @@ use a standard TCP transport and typically enforce StartTLS. __Examples:__ -```yaml +```yaml {title="configuration.yml"} notifier: smtp: address: 'smtp://127.0.0.1:25' ``` -```yaml +```yaml {title="configuration.yml"} notifier: smtp: address: 'submissions://[fd00:1111:2222:3333::1]:465' @@ -181,7 +181,7 @@ Controls the TLS connection validation parameters for either StartTLS or the TLS You need to generate an app password in order to use Gmail SMTP servers. The process is described [here](https://support.google.com/accounts/answer/185833?hl=en). -```yaml +```yaml {title="configuration.yml"} notifier: smtp: username: 'myaccount@gmail.com' diff --git a/docs/content/configuration/prologue/common.md b/docs/content/configuration/prologue/common.md index e4c34495e..47dfca105 100644 --- a/docs/content/configuration/prologue/common.md +++ b/docs/content/configuration/prologue/common.md @@ -210,13 +210,13 @@ no quotes or double quotes. Good Example: -```yaml +```yaml {title="configuration.yml"} domain_regex: '^(admin|secure)\.example\.com$' ``` Bad Example: -```yaml +```yaml {title="configuration.yml"} domain_regex: "^(admin|secure)\.example\.com$" ``` @@ -236,8 +236,7 @@ TLS verification parameters. Notably the [LDAP](../first-factor/ldap.md#tls), [S [PostgreSQL](../storage/postgres.md#tls), [MySQL](../storage/mysql.md#tls), and [Redis](../session/redis.md#tls) sections. This section documents the common parts of this structure. -{{< details "Example: TLS" >}} -```yaml +```yaml {title="configuration.yml"} tls: server_name: 'example.com' skip_verify: false @@ -255,7 +254,6 @@ tls: ... -----END RSA PRIVATE KEY----- ``` -{{< /details >}} #### server_name @@ -326,13 +324,11 @@ buffers. Notably the [server](../miscellaneous/server.md#buffers) and [metrics telemetry](../telemetry/metrics.md#buffers) sections. This section documents the common parts of this structure. -{{< details "Example: Server Buffers" >}} -```yaml +```yaml {title="configuration.yml"} buffers: read: 4096 write: 4096 ``` -{{< /details >}} #### read @@ -353,14 +349,12 @@ timeouts. Notably the [server](../miscellaneous/server.md#timeouts) and [metrics telemetry](../telemetry/metrics.md#timeouts) sections. This section documents the common parts of this structure. -{{< details "Example: Server Timeouts" >}} -```yaml +```yaml {title="configuration.yml"} timeouts: read: '6s' write: '6s' idle: '30s' ``` -{{< /details >}} #### read diff --git a/docs/content/configuration/prologue/migration.md b/docs/content/configuration/prologue/migration.md index cd8538a5f..064735234 100644 --- a/docs/content/configuration/prologue/migration.md +++ b/docs/content/configuration/prologue/migration.md @@ -30,7 +30,7 @@ be represented in [YAML] as a dictionary i.e. it's indented. In our table `server.host` with a value of `0.0.0.0` is represented in [YAML] like this: -```yaml +```yaml {title="configuration.yml"} server: host: '0.0.0.0' ``` diff --git a/docs/content/configuration/prologue/security-sensitive-values.md b/docs/content/configuration/prologue/security-sensitive-values.md index 0e5fc0d51..8bafaa1eb 100644 --- a/docs/content/configuration/prologue/security-sensitive-values.md +++ b/docs/content/configuration/prologue/security-sensitive-values.md @@ -50,7 +50,7 @@ see the [Reference Guide](../../reference/guides/templating.md). This example shows how to do a single-line value. The single quotes are only relevant if the value is a string and can be excluded for other value types. -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: hmac_secret: '{{ secret "/config/secrets/absolute/path/to/hmac_secret" }}' @@ -60,7 +60,7 @@ Alternatively you can use the special `m` variants of the `indent` and `squote` layout depending on if the file has multiple lines, [msquote] will automatically single quote the value if it's not multiple lines, see [Multi-Line Value](#multi-line-value) for more information on [mindent]. -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: hmac_secret: {{ secret "/config/secrets/absolute/path/to/hmac_secret" | mindent 10 "|" | msquote }} @@ -78,7 +78,7 @@ It's important to note the use of [mindent]: 8 characters, so the value `10` is correct. 2. The value of `|` indicates what multiline prefix to use. -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: jwks: diff --git a/docs/content/configuration/security/access-control.md b/docs/content/configuration/security/access-control.md index acb3a35e7..ed0871206 100644 --- a/docs/content/configuration/security/access-control.md +++ b/docs/content/configuration/security/access-control.md @@ -157,7 +157,7 @@ implementation, and it is not currently a priority. *Single domain of `*.example.com` matched. All rules in this list are effectively the same rule just expressed in different ways.* -```yaml +```yaml {title="configuration.yml"} access_control: rules: - domain: '*.example.com' @@ -170,7 +170,7 @@ access_control: *Multiple domains matched. These rules will match either `apple.example.com` or `orange.example.com`. All rules in this list are effectively the same rule just expressed in different ways.* -```yaml +```yaml {title="configuration.yml"} access_control: rules: - domain: ['apple.example.com', 'banana.example.com'] @@ -184,7 +184,7 @@ access_control: *Multiple domains matched either via a static domain or via a [domain_regex]. This rule will match either `apple.example.com`, `pub-data.example.com`, or `img-data.example.com`.* -```yaml +```yaml {title="configuration.yml"} access_control: rules: - domain: 'apple.example.com' @@ -218,7 +218,7 @@ In addition to standard regex patterns this criteria can match some [Named Regex `group-example1.example.com`, it would not match when the request is made to `user-fred.example.com` or `group-admin.example.com`.* -```yaml +```yaml {title="configuration.yml"} access_control: rules: - domain_regex: @@ -230,7 +230,7 @@ access_control: *Multiple domains example, one with a static domain and one with a regex domain. This will match requests to `protected.example.com`, `img-private.example.com`, or `data-private.example.com`.* -```yaml +```yaml {title="configuration.yml"} access_control: rules: - domain: 'protected.example.com' @@ -277,7 +277,7 @@ Additionally each level of these lists does not have to be explicitly defined. user is in the group `super-admin`. All rules in this list are effectively the same rule just expressed in different ways.* -```yaml +```yaml {title="configuration.yml"} access_control: rules: - domain: 'example.com' @@ -297,7 +297,7 @@ access_control: *Matches when the user is in the `super-admin` group. All rules in this list are effectively the same rule just expressed in different ways.* -```yaml +```yaml {title="configuration.yml"} access_control: rules: - domain: 'example.com' @@ -342,7 +342,7 @@ relevant methods are listed in this table: *Bypass `OPTIONS` requests to the `example.com` domain.* -```yaml +```yaml {title="configuration.yml"} access_control: rules: - domain: 'example.com' @@ -380,7 +380,7 @@ for administrators to tune the security to their specific needs if desired. *Require [two_factor](#two_factor) for all clients other than internal clients and `112.134.145.167`. The first two rules in this list are effectively the same rule just expressed in different ways.* -```yaml +```yaml {title="configuration.yml"} access_control: default_policy: 'two_factor' networks: @@ -431,7 +431,7 @@ likely save you a lot of time if you do it for all resource rules. *Applies the [bypass](#bypass) policy when the domain is `app.example.com` and the url is `/api`, or starts with either `/api/` or `/api?`.* -```yaml +```yaml {title="configuration.yml"} access_control: rules: - domain: 'app.example.com' @@ -477,7 +477,7 @@ defaults to `present`. ##### Examples -```yaml +```yaml {title="configuration.yml"} access_control: rules: - domain: 'app.example.com' @@ -554,7 +554,7 @@ if they have a path of exactly `/api` or if they start with `/api/`. This means `app.example.com` will not be considered if the request is to `https://app.example.com/api` because the first rule is a match for that request. -```yaml +```yaml {title="configuration.yml"} - domain: - 'example.com' - '*.example.com' @@ -614,7 +614,7 @@ alphanumeric (including spaces). Here is a detailed example of an example access control section: -```yaml +```yaml {title="configuration.yml"} access_control: default_policy: 'deny' networks: diff --git a/docs/content/configuration/session/redis.md b/docs/content/configuration/session/redis.md index e768ee367..0e55868a4 100644 --- a/docs/content/configuration/session/redis.md +++ b/docs/content/configuration/session/redis.md @@ -76,7 +76,7 @@ This section describes the individual configuration options. The [redis] host or unix socket path. If utilising an IPv6 literal address it must be enclosed by square brackets and quoted: -```yaml +```yaml {title="configuration.yml"} host: '[fd00:1111:2222:3333::1]' ``` @@ -176,7 +176,7 @@ host, not a regular one. The individual [redis] hosts are determined using [redi Each node has a host and port configuration. Example: -```yaml +```yaml {title="configuration.yml"} - host: redis-sentinel-0 port: 26379 ``` diff --git a/docs/content/configuration/storage/mysql.md b/docs/content/configuration/storage/mysql.md index 19c671b3f..7fc7b6908 100644 --- a/docs/content/configuration/storage/mysql.md +++ b/docs/content/configuration/storage/mysql.md @@ -70,19 +70,19 @@ the `unix` scheme or one of the `tcp` schemes. __Examples:__ -```yaml +```yaml {title="configuration.yml"} storage: mysql: address: 'tcp://127.0.0.1:3306' ``` -```yaml +```yaml {title="configuration.yml"} storage: mysql: address: 'tcp://[fd00:1111:2222:3333::1]:3306' ``` -```yaml +```yaml {title="configuration.yml"} storage: mysql: address: 'unix:///var/run/mysqld.sock' diff --git a/docs/content/configuration/storage/postgres.md b/docs/content/configuration/storage/postgres.md index a46064982..a3f31c8ca 100644 --- a/docs/content/configuration/storage/postgres.md +++ b/docs/content/configuration/storage/postgres.md @@ -70,19 +70,19 @@ the `unix` scheme or one of the `tcp` schemes. __Examples:__ -```yaml +```yaml {title="configuration.yml"} storage: postgres: address: 'tcp://127.0.0.1:5432' ``` -```yaml +```yaml {title="configuration.yml"} storage: postgres: address: 'tcp://[fd00:1111:2222:3333::1]:5432' ``` -```yaml +```yaml {title="configuration.yml"} storage: postgres: address: 'unix:///var/run/postgres.sock' diff --git a/docs/content/integration/deployment/docker.md b/docs/content/integration/deployment/docker.md index b1c9f4c1b..5756e64ea 100644 --- a/docs/content/integration/deployment/docker.md +++ b/docs/content/integration/deployment/docker.md @@ -88,8 +88,7 @@ It expects the following: Use this [Standalone Example](#standalone-example) if you want to use [docker secrets](https://docs.docker.com/engine/swarm/secrets/). -{{< details "docker-compose.yml" >}} -```yaml +```yaml {title="docker-compse.yml"} --- secrets: JWT_SECRET: @@ -124,15 +123,13 @@ networks: name: 'net' ... ``` -{{< /details >}} #### Using a Secrets Volume Use this [Standalone Example](#standalone-example) if you want to use a standard [docker volume](https://docs.docker.com/storage/volumes/) or bind mount for your secrets. -{{< details "docker-compose.yml" >}} -```yaml +```yaml {title="docker-compse.yml"} --- services: authelia: @@ -158,7 +155,6 @@ networks: name: 'net' ``` ... -{{< /details >}} ### Bundles @@ -225,8 +221,7 @@ The example below includes the additional `ports` option which must be added in [Standalone Example](#standalone-example) above. The example allows *Authelia* to be communicated with over the localhost IP address `127.0.0.1` on port `9091`. You need to adjust this to your specific needs. -{{< details "docker-compose.yml" >}} -```yaml +```yaml {title="docker-compse.yml"} --- services: authelia: @@ -242,7 +237,6 @@ services: - '127.0.0.1:9091:9091' ... ``` -{{< /details >}} [Docker]: https://docker.com [Docker Compose]: https://docs.docker.com/compose/ diff --git a/docs/content/integration/kubernetes/introduction.md b/docs/content/integration/kubernetes/introduction.md index 5ef3672c8..34908f469 100644 --- a/docs/content/integration/kubernetes/introduction.md +++ b/docs/content/integration/kubernetes/introduction.md @@ -54,7 +54,7 @@ for more details. #### Pod Example -```yaml + {title="pod.yml"} --- apiVersion: v1 kind: Pod diff --git a/docs/content/integration/kubernetes/istio.md b/docs/content/integration/kubernetes/istio.md index 14d7cf015..20633eb72 100644 --- a/docs/content/integration/kubernetes/istio.md +++ b/docs/content/integration/kubernetes/istio.md @@ -34,7 +34,7 @@ DNS domain name of `cluster.local`. This is an example IstioOperator manifest adjusted to authenticate with Authelia. This example only shows the necessary portions of the resource that you add as well as context. You will need to adapt it to your needs. -```yaml +```yaml {title="istio-operator.yml"} apiVersion: 'install.istio.io/v1alpha1' kind: 'IstioOperator' spec: @@ -65,7 +65,7 @@ spec: The following [Authorization Policy] applies the above filter extension provider to the `nextcloud.example.com` domain: -```yaml +```yaml {title="authoriztion-policy.yml"} apiVersion: 'security.istio.io/v1beta1' kind: 'AuthorizationPolicy' metadata: diff --git a/docs/content/integration/kubernetes/nginx-ingress.md b/docs/content/integration/kubernetes/nginx-ingress.md index b5b50d623..31bc6a96f 100644 --- a/docs/content/integration/kubernetes/nginx-ingress.md +++ b/docs/content/integration/kubernetes/nginx-ingress.md @@ -40,7 +40,7 @@ be applied to the Authelia Ingress itself.* ### Ingress Annotations -```yaml +```yaml {title="ingress.yml"} annotations: nginx.ingress.kubernetes.io/auth-method: 'GET' nginx.ingress.kubernetes.io/auth-url: 'http://authelia.default.svc.cluster.local/api/authz/auth-request' diff --git a/docs/content/integration/kubernetes/secrets.md b/docs/content/integration/kubernetes/secrets.md index 55b968378..b8e1d0ef8 100644 --- a/docs/content/integration/kubernetes/secrets.md +++ b/docs/content/integration/kubernetes/secrets.md @@ -42,8 +42,7 @@ can manually create a secret like this with `kubectl apply -f`. ##### secret.yaml -{{< details "secret.yml" >}} -```yaml +```yaml {title="secret.yml"} --- kind: Secret apiVersion: v1 @@ -100,14 +99,12 @@ stringData: -----END RSA PRIVATE KEY----- ... ``` -{{< /details >}} ##### Base64 Data Example This is the same manifest as above but encoded in base64. -{{< details "secret.yml" >}} -```yaml +```yaml {title="secret.yml"} --- kind: Secret apiVersion: v1 @@ -128,7 +125,6 @@ data: STORAGE_PASSWORD: Tk1IZjlaN0M1VVFZdUtLZ2g5QkpUS2VjY29adDZjNjQ3RlFxc0VIaGthcGtrbmRQa1B3M2Q4Ym52a3FMZ2laNQ== ... ``` -{{< /details >}} ### Kustomize @@ -136,8 +132,7 @@ The following example is a [Kustomize](https://kustomize.io/) example which can files listed in the `secretGenerator` section of the `kustomization.yaml` must exist and contain the contents of your desired secret value. -{{< details "kustomization.yaml" >}} -```yaml +```yaml {title="kustomization.yaml"} --- generatorOptions: disableNameSuffixHash: true @@ -160,7 +155,6 @@ secretGenerator: - 'STORAGE_PASSWORD' ... ``` -{{< /details >}} ## Usage @@ -170,8 +164,7 @@ details. The example is an excerpt for a manifest which can mount volumes. Examples of these are the [Pod], [Deployment], [StatefulSet], and [DaemonSet]. -{{< details "deployment.yml" >}} -```yaml +```yaml {title="deployment.yml"} --- spec: containers: @@ -230,7 +223,6 @@ spec: path: 'STORAGE_PASSWORD' ... ``` -{{< /details >}} [Kubernetes]: https://kubernetes.io/ [Pod]: https://kubernetes.io/docs/concepts/workloads/pods/ diff --git a/docs/content/integration/kubernetes/traefik-ingress.md b/docs/content/integration/kubernetes/traefik-ingress.md index 208d171cd..bc1656cef 100644 --- a/docs/content/integration/kubernetes/traefik-ingress.md +++ b/docs/content/integration/kubernetes/traefik-ingress.md @@ -50,8 +50,7 @@ that your cluster is configured with the default DNS domain name of `cluster.loc *__Important Note:__ The [Middleware] should be applied to an [Ingress] / [IngressRoute] you wish to protect. It __SHOULD NOT__ be applied to the Authelia [Ingress] / [IngressRoute] itself.* -{{< details "middleware.yml" >}} -```yaml +```yaml {title="middleware.yaml"} --- apiVersion: 'traefik.containo.us/v1alpha1' kind: 'Middleware' @@ -71,7 +70,6 @@ spec: - 'Remote-Name' ... ``` -{{< /details >}} ## Ingress @@ -79,8 +77,7 @@ This is an example [Ingress] manifest which uses the above [Middleware](#middlew application you wish to serve on `https://app.example.com` and there is a Kubernetes [Service] with the name `app` in the `default` [Namespace] with TCP port `80` configured to route to the application [Pod]'s HTTP port. -{{< details "ingress.yml" >}} -```yaml +```yaml {title="ingress.yaml"} --- apiVersion: 'networking.k8s.io/v1' kind: 'Ingress' @@ -105,7 +102,6 @@ spec: number: 80 ... ``` -{{< /details >}} ## IngressRoute @@ -113,8 +109,7 @@ This is an example [IngressRoute] manifest which uses the above [Middleware](#mi an application you wish to serve on `https://app.example.com` and there is a Kubernetes [Service] with the name `app` in the `default` [Namespace] with TCP port `80` configured to route to the application [Pod]'s HTTP port. -{{< details "ingressRoute.yml" >}} -```yaml +```yaml {title="ingressRoute.yaml"} --- apiVersion: 'traefik.containo.us/v1alpha1' kind: 'IngressRoute' @@ -140,7 +135,6 @@ spec: weight: 10 ... ``` -{{< /details >}} [Namespace]: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ [Pod]: https://kubernetes.io/docs/concepts/workloads/pods/ diff --git a/docs/content/integration/ldap/introduction.md b/docs/content/integration/ldap/introduction.md index 2d683e890..7d330f25b 100644 --- a/docs/content/integration/ldap/introduction.md +++ b/docs/content/integration/ldap/introduction.md @@ -44,7 +44,8 @@ In your Authelia configuration you will need to enter and update the following v * user `authelia` - username for Authelia service account * password `SUPER_COMPLEX_PASSWORD` - password for Authelia service account -```yaml +```yaml {title="configuration.yml"} +authentication_backend: ldap: address: 'ldap://OpenLDAP:1389' implementation: 'custom' @@ -93,7 +94,8 @@ In your Authelia configuration you will need to enter and update the following v * user `authelia` - username for Authelia service account * password `SUPER_COMPLEX_PASSWORD` - password for Authelia service account -```yaml +```yaml {title="configuration.yml"} +authentication_backend: ldap: address: 'ldaps://ldap.example.com' implementation: 'custom' @@ -138,8 +140,9 @@ In your Authelia configuration you will need to enter and update the following v * user `authelia` - username for Authelia service account. * password `SUPER_COMPLEX_PASSWORD` - password for Authelia service account, -```yaml -ldap: +```yaml {title="configuration.yml"} +authentication_backend: + ldap: address: 'ldap://lldap:3890' implementation: 'custom' timeout: '5s' diff --git a/docs/content/integration/openid-connect/frequently-asked-questions.md b/docs/content/integration/openid-connect/frequently-asked-questions.md index d5014620f..1b20de3f0 100644 --- a/docs/content/integration/openid-connect/frequently-asked-questions.md +++ b/docs/content/integration/openid-connect/frequently-asked-questions.md @@ -253,7 +253,7 @@ you're facing. Examples (assuming your Authelia Root URL is `https://auth.example.com`): -```yaml +```yaml {title="docker-compose.yml"} services: application: ## Mandatory that the application is on the same network as the proxy. diff --git a/docs/content/integration/openid-connect/nextcloud/index.md b/docs/content/integration/openid-connect/nextcloud/index.md index c85cfd2fa..041597878 100644 --- a/docs/content/integration/openid-connect/nextcloud/index.md +++ b/docs/content/integration/openid-connect/nextcloud/index.md @@ -138,7 +138,7 @@ The following example uses the [OpenID Connect user backend](https://apps.nextcl The following YAML configuration is an example __Authelia__ [client configuration] for use with [Nextcloud] which will operate with the application example: -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: ## The other portions of the mandatory OpenID Connect 1.0 configuration go here. diff --git a/docs/content/integration/openid-connect/oauth-2.0-bearer-token-usage.md b/docs/content/integration/openid-connect/oauth-2.0-bearer-token-usage.md index 0cd5c6108..22f3d8550 100644 --- a/docs/content/integration/openid-connect/oauth-2.0-bearer-token-usage.md +++ b/docs/content/integration/openid-connect/oauth-2.0-bearer-token-usage.md @@ -99,7 +99,7 @@ how to enable this scheme (along with the basic scheme). See the [Server Authz Endpoints](../../configuration/miscellaneous/server-endpoints-authz.md) configuration guide for more information. -```yaml +```yaml {title="configuration.yml"} server: endpoints: authz: @@ -138,7 +138,7 @@ server: This feature is only intended to be supported while using the new session configuration syntax. See the example below. -```yaml +```yaml {title="configuration.yml"} session: secret: 'insecure_session_secret' cookies: @@ -156,7 +156,7 @@ grant the client itself. It is important to note that the `client_credentials` grant is **always** treated as 1FA, thus only the `one_factor` policy is useful for this grant type. -```yaml +```yaml {title="configuration.yml"} access_control: rules: ## The 'app1.example.com' domain for the user 'john' regardless if they're using OAuth 2.0 or session based flows. @@ -196,7 +196,7 @@ The following examples illustrate how the [Client Restrictions](#client-restrict ##### Public Client Example -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: clients: @@ -228,7 +228,7 @@ identity_providers: This is likely the most common configuration for most users. -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: clients: @@ -263,7 +263,7 @@ This example illustrates a method to configure a Client Credential flow for this automations. It's important to note that for access control evaluation purposes this token will match a subject of `oauth2:client:example-three` i.e. the `oauth2:client:` prefix followed by the client id. -```yaml +```yaml {title="configuration.yml"} identity_providers: oidc: clients: diff --git a/docs/content/integration/openid-connect/synapse/index.md b/docs/content/integration/openid-connect/synapse/index.md index 04194d399..3832446ec 100644 --- a/docs/content/integration/openid-connect/synapse/index.md +++ b/docs/content/integration/openid-connect/synapse/index.md @@ -68,7 +68,7 @@ To configure [Synapse] to utilize Authelia as an [OpenID Connect 1.0] Provider: 1. Edit your [Synapse] `homeserver.yaml` configuration file and add configure the following: -```yaml +```yaml {title="configuration.yml"} oidc_providers: - idp_id: authelia idp_name: "Authelia" diff --git a/docs/content/integration/prologue/get-started.md b/docs/content/integration/prologue/get-started.md index 233e36e94..ec40a31b1 100644 --- a/docs/content/integration/prologue/get-started.md +++ b/docs/content/integration/prologue/get-started.md @@ -83,13 +83,13 @@ The important sections to consider in initial configuration are as follows: 6. [access_control](../../configuration/security/access-control.md) is also important but should be configured with a very basic policy to begin with. Something like: - ```yaml - access_control: - default_policy: deny - rules: - - domain: '*.example.com' - policy: one_factor - ``` +```yaml {title="configuration.yml"} +access_control: + default_policy: deny + rules: + - domain: '*.example.com' + policy: one_factor +``` ## Deployment diff --git a/docs/content/integration/proxies/envoy.md b/docs/content/integration/proxies/envoy.md index 2b49742ad..6465bf048 100644 --- a/docs/content/integration/proxies/envoy.md +++ b/docs/content/integration/proxies/envoy.md @@ -117,8 +117,7 @@ Support for [Envoy] is possible with Authelia v4.37.0 and higher via the [Envoy] [external authorization]: https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/http/ext_authz/v3/ext_authz.proto.html#extensions-filters-http-ext-authz-v3-extauthz -{{< details "docker-compose.yml" >}} -```yaml +```yaml {title="docker-compose.yml"} --- networks: net: @@ -164,10 +163,8 @@ services: PGID: '1000' TZ: 'Australia/Melbourne' ``` -{{< /details >}} -{{< details "envoy.yaml" >}} -```yaml +```yaml {title="envoy.yml"} static_resources: listeners: - name: 'listener_http' @@ -317,7 +314,6 @@ layered_runtime: overload: global_downstream_max_connections: 50000 ``` -{{< /details >}} ## See Also diff --git a/docs/content/integration/proxies/nginx-proxy-manager/index.md b/docs/content/integration/proxies/nginx-proxy-manager/index.md index 3deab8ad4..5c60eebbc 100644 --- a/docs/content/integration/proxies/nginx-proxy-manager/index.md +++ b/docs/content/integration/proxies/nginx-proxy-manager/index.md @@ -70,8 +70,7 @@ following are the assumptions we make: The following docker compose example has various applications suitable for setting up an example environment. -{{< details "docker-compose.yml" >}} -```yaml +```yaml {title="docker-compose.yml"} --- networks: net: @@ -137,7 +136,6 @@ services: TZ: 'Australia/Melbourne' ... ``` -{{< /details >}} ## Configuration diff --git a/docs/content/integration/proxies/swag.md b/docs/content/integration/proxies/swag.md index 70f0ac44a..69008c1e2 100644 --- a/docs/content/integration/proxies/swag.md +++ b/docs/content/integration/proxies/swag.md @@ -88,8 +88,7 @@ they have several configuration examples in the `/config/nginx/proxy-confs` dire If you're looking for a more complete solution [linuxserver.io] also have an nginx container called [SWAG](swag.md) which includes ACME and various other useful utilities. -{{< details "docker-compose.yml" >}} -```yaml +```yaml {title="docker-compose.yml"} --- networks: net: @@ -163,7 +162,6 @@ services: TZ: 'Australia/Melbourne' ... ``` -{{< /details >}} ### Configuration Options diff --git a/docs/content/overview/authorization/access-control.md b/docs/content/overview/authorization/access-control.md index 0df1fcaf1..41eb7c5b9 100644 --- a/docs/content/overview/authorization/access-control.md +++ b/docs/content/overview/authorization/access-control.md @@ -24,7 +24,7 @@ the resource. For instance a rule can look like this: -```yaml +```yaml {title="configuration.yml"} access_control: rules: - domain: dev.example.com diff --git a/docs/content/overview/security/measures.md b/docs/content/overview/security/measures.md index d277bcc72..5e7b29027 100644 --- a/docs/content/overview/security/measures.md +++ b/docs/content/overview/security/measures.md @@ -467,7 +467,7 @@ docker run --user 8000:9000 -v /authelia:/config authelia/authelia:latest Example for docker-compose: -```yaml +```yaml {title="docker-compose.yml"} services: authelia: image: authelia/authelia @@ -499,7 +499,7 @@ docker run -e PUID=8000 -e PGID=9000 -v /authelia:/config authelia/authelia:late Example for docker-compose: -```yaml +```yaml {title="docker-compose.yml"} services: authelia: image: authelia/authelia diff --git a/docs/content/reference/guides/metrics.md b/docs/content/reference/guides/metrics.md index 94c6dbe13..95d32b021 100644 --- a/docs/content/reference/guides/metrics.md +++ b/docs/content/reference/guides/metrics.md @@ -26,6 +26,7 @@ when configured. If metrics are enabled the metrics listener listens on `:9959` [registered port] unless configured otherwise. #### Example Prometheus Job + ```yaml # Authelia - job_name: authelia diff --git a/docs/content/reference/guides/passwords.md b/docs/content/reference/guides/passwords.md index c564a3208..713f36b9b 100644 --- a/docs/content/reference/guides/passwords.md +++ b/docs/content/reference/guides/passwords.md @@ -24,7 +24,7 @@ This file should be set with read/write permissions as it could be updated by us The format of the [YAML] file is as follows: -```yaml +```yaml {title="users-database.yml"} users: john: disabled: false diff --git a/docs/content/reference/guides/rule-operators.md b/docs/content/reference/guides/rule-operators.md index 73f3368ee..95878cddb 100644 --- a/docs/content/reference/guides/rule-operators.md +++ b/docs/content/reference/guides/rule-operators.md @@ -51,7 +51,7 @@ instead. ##### Fully Expressed -```yaml +```yaml {title="configuration.yml"} rule: - - 'a' - 'b' @@ -60,7 +60,7 @@ rule: ##### Omitted Level -```yaml +```yaml {title="configuration.yml"} rule: - - 'a' - 'b' @@ -69,7 +69,7 @@ rule: ##### Compact -```yaml +```yaml {title="configuration.yml"} rule: - ['a', 'b'] - ['c'] @@ -77,7 +77,7 @@ rule: ##### Compact with Omitted Level -```yaml +```yaml {title="configuration.yml"} rule: - ['a', 'b'] - 'c' @@ -85,7 +85,7 @@ rule: ##### Super Compact -```yaml +```yaml {title="configuration.yml"} rule: [['a', 'b'], ['c']] ``` @@ -97,7 +97,7 @@ objects where the key is named `value`. This format should only be used for the ##### Fully Expressed -```yaml +```yaml {title="configuration.yml"} rule: - - value: 'a' - value: 'b' @@ -106,7 +106,7 @@ rule: ##### Omitted Level -```yaml +```yaml {title="configuration.yml"} rule: - - 'a' - 'b' @@ -115,7 +115,7 @@ rule: ##### Compact -```yaml +```yaml {title="configuration.yml"} rule: - ['a', 'b'] - ['c'] @@ -123,7 +123,7 @@ rule: ##### Compact with Omitted Level -```yaml +```yaml {title="configuration.yml"} rule: - ['a', 'b'] - 'c' @@ -131,6 +131,6 @@ rule: ##### Super Compact -```yaml +```yaml {title="configuration.yml"} rule: [['a', 'b'], ['c']] ``` diff --git a/docs/content/reference/guides/schemas.md b/docs/content/reference/guides/schemas.md index 27c7ef3d7..b12216040 100644 --- a/docs/content/reference/guides/schemas.md +++ b/docs/content/reference/guides/schemas.md @@ -27,7 +27,7 @@ https://www.authelia.com/schemas/<version>/json-schema/<name>.json These schemas can be added to the top of a YAML file using the following format: -```yaml +```yaml {title="configuration.yml"} # yaml-language-server: $schema=https://www.authelia.com/schemas/<version>/json-schema/<name>.json example: 'this is just an example' diff --git a/docs/content/reference/guides/templating.md b/docs/content/reference/guides/templating.md index b3f12b913..862906e1c 100644 --- a/docs/content/reference/guides/templating.md +++ b/docs/content/reference/guides/templating.md @@ -131,7 +131,7 @@ This template function takes a single input and is a string which should be a pa Example: -```yaml +```yaml {title="configuration.yml"} example: | {{- fileContent "/absolute/path/to/file" | nindent 2 }} ``` @@ -142,7 +142,7 @@ Overload for [fileContent](#filecontent) except that tailing newlines will be re ##### secret example -```yaml +```yaml {title="configuration.yml"} example: '{{ secret "/absolute/path/to/file" }}' ``` @@ -155,20 +155,20 @@ formatting string provided. Input is in the format of `(int, string, string)`. Input: -```yaml +```yaml {title="configuration.yml"} example: {{ secret "/absolute/path/to/file" | mindent 2 "|" | msquote }} ``` Output (with multiple lines): -```yaml +```yaml {title="configuration.yml"} example: | <content of "/absolute/path/to/file"> ``` Output (without multiple lines): -```yaml +```yaml {title="configuration.yml"} example: '<content of "/absolute/path/to/file">' ``` diff --git a/examples/compose/local/authelia/configuration.yml b/examples/compose/local/authelia/configuration.yml index f204e1070..6ed50b6d4 100644 --- a/examples/compose/local/authelia/configuration.yml +++ b/examples/compose/local/authelia/configuration.yml @@ -3,8 +3,6 @@ # Authelia configuration # ############################################################### -default_redirection_url: 'https://public.example.com' - server: address: 'tcp://:9091' @@ -41,6 +39,7 @@ session: authelia_url: 'https://authelia.example.com' expiration: '1 hour' # 1 hour inactivity: '5 minutes' # 5 minutes + default_redirection_url: 'https://public.example.com' regulation: max_retries: 3 |