| services.authelia.instances.<name>.settings.telemetry.metrics.enabled | Enable Metrics.
|
| services.hostapd.radios.<name>.networks.<name>.authentication.saePasswords.*.mac | If this attribute is not included, or if is set to the wildcard address (ff:ff:ff:ff:ff:ff),
the entry is available for any station (client) to use
|
| services.hostapd.radios.<name>.networks.<name>.authentication.saePasswords.*.pk | If this attribute is given, SAE-PK will be enabled for this connection
|
| services.hostapd.radios.<name>.networks.<name>.authentication.saePasswords.*.vlanid | If this attribute is given, all clients using this entry will get tagged with the given VLAN ID.
|
| services.anuko-time-tracker.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.nginx.virtualHosts.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.authelia.instances.<name>.settings.telemetry.metrics.address | The address to listen on for metrics
|
| services.radicle.privateKeyFile | Absolute file path to an SSH private key,
usually generated by rad auth
|
| services.oauth2-proxy.nginx.virtualHosts.<name>.allowed_emails | List of emails to allow access to this vhost, or null to allow all.
|
| services.oauth2-proxy.nginx.virtualHosts.<name>.allowed_groups | List of groups to allow access to this vhost, or null to allow all.
|
| services.bookstack.nginx.basicAuth | Basic Auth protection for a vhost
|
| services.nginx.tailscaleAuth.enable | Whether to enable tailscale.nginx-auth, to authenticate nginx users via tailscale.
|
| services.influxdb2.provision.organizations.<name>.auths | API tokens to provision for the user in this organization.
|
| services.authelia.instances.<name>.environmentVariables | Additional environment variables to provide to authelia
|
| services.hostapd.radios.<name>.networks.<name>.authentication.saePasswords | Sets allowed passwords for WPA3-SAE
|
| services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.auth_token_file | Optional authentication information for token-based authentication:
https://docs.mesosphere.com/1.11/security/ent/iam-api/#passing-an-authentication-token
It is mutually exclusive with auth_token and other authentication mechanisms.
|
| services.kanboard.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.librenms.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.dolibarr.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.agorakit.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.fediwall.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.mainsail.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.pixelfed.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.jirafeau.nginxConfig.basicAuth | Basic Auth protection for a vhost
|
| services.kanidm.provision.systems.oauth2.<name>.enableLocalhostRedirects | Allow localhost redirects
|
| services.hostapd.radios.<name>.networks.<name>.authentication.wpaPassword | Sets the password for WPA-PSK that will be converted to the pre-shared key
|
| services.kanidm.provision.systems.oauth2.<name>.allowInsecureClientDisablePkce | Disable PKCE on this oauth2 resource server to work around insecure clients
that may not support it
|
| services.strongswan-swanctl.swanctl.connections.<name>.local.<name>.xauth_id | Client XAuth username used in the XAuth exchange.
|
| services.zabbixWeb.nginx.virtualHost.basicAuth | Basic Auth protection for a vhost
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.id | A unique identifier for this authentication token
|
| services.hostapd.radios.<name>.networks.<name>.authentication.saePasswordsFile | Sets the password for WPA3-SAE
|
| services.radicle.httpd.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.hostapd.radios.<name>.networks.<name>.authentication.saePasswords.*.passwordFile | The password for this entry, read from the given file when starting hostapd
|
| services.freeciv.settings.Newusers | Whether to enable new users to login if auth is enabled.
|
| services.hostapd.radios.<name>.networks.<name>.authentication.pairwiseCiphers | Set of accepted cipher suites (encryption algorithms) for pairwise keys (unicast packets)
|
| services.hostapd.radios.<name>.networks.<name>.authentication.wpaPskFile | Sets the password(s) for WPA-PSK
|
| services.anuko-time-tracker.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.nginx.virtualHosts.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.mongodb.initialRootPasswordFile | Path to the file containing the password for the root user if auth is enabled.
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.allAccess | Grants all permissions in the associated organization.
|
| services.hostapd.radios.<name>.networks.<name>.authentication.mode | Selects the authentication mode for this AP.
- "none": Don't configure any authentication
|
| services.sabnzbd.settings.misc.inet_exposure | Restrictions for access from non-local IP addresses
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.tokenFile | The token value
|
| services.hostapd.radios.<name>.networks.<name>.authentication.saePasswords.*.password | The password for this entry
|
| services.bookstack.nginx.basicAuthFile | Basic Auth password file for a vhost
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.present | Whether to ensure that this user is present or absent.
|
| services.nginx.tailscaleAuth.virtualHosts | A list of nginx virtual hosts to put behind tailscale.nginx-auth
|
| services.prometheus.remoteRead.*.basic_auth.password_file | HTTP password file
|
| services.kanidm.provision.systems.oauth2.<name>.supplementaryScopeMaps | Maps kanidm groups to additionally returned oauth scopes
|
| services.davis.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.slskd.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.movim.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.plausible.mail.smtp.passwordFile | The path to the file with the password in case SMTP auth is enabled.
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.readBuckets | The organization's buckets which should be allowed to be read
|
| services.prometheus.remoteWrite.*.basic_auth.password_file | HTTP password file
|
| services.snipe-it.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.operator | Grants all permissions in all organizations.
|
| services.vmagent.remoteWrite.basicAuthUsername | Basic Auth username used to connect to remote_write endpoint
|
| services.vlagent.remoteWrite.basicAuthUsername | Basic Auth username used to connect to remote_write endpoint
|
| services.jirafeau.nginxConfig.basicAuthFile | Basic Auth password file for a vhost
|
| services.influxdb2.provision.organizations.<name>.auths.<name>.writeBuckets | The organization's buckets which should be allowed to be written
|
| services.strongswan-swanctl.swanctl.authorities.<name>.cert_uri_base | Defines the base URI for the Hash and URL feature supported by
IKEv2
|
| services.postgresql.identMap | Defines the mapping from system users to database users
|
| services.gancio.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.fedimintd.<name>.nginx.config.basicAuth | Basic Auth protection for a vhost
|
| services.fluidd.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.akkoma.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.matomo.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.monica.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.zammad.secretKeyBaseFile | The path to a file containing the
secret_key_base secret
|
| services.zabbixWeb.nginx.virtualHost.basicAuthFile | Basic Auth password file for a vhost
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.authorization | Optional Authorization header configuration.
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.authorization.type | Sets the authentication type
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.oauth2 | Optional OAuth 2.0 configuration
|
| services.prometheus.scrapeConfigs.*.basic_auth.password_file | HTTP password file
|
| services.calibre-web.options.reverseProxyAuth.header | Auth proxy header name.
|
| services.calibre-web.options.reverseProxyAuth.enable | Enable authorization using auth proxy.
|
| services.strongswan-swanctl.swanctl.connections.<name>.reauth_time | Time to schedule IKE reauthentication
|
| services.vmagent.remoteWrite.basicAuthPasswordFile | File that contains the Basic Auth password used to connect to remote_write endpoint
|
| services.vlagent.remoteWrite.basicAuthPasswordFile | File that contains the Basic Auth password used to connect to remote_write endpoint
|
| services.mattermost.database.peerAuth | If set, will use peer auth instead of connecting to a Postgres server
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.authorization | Optional Authorization header configuration.
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.authorization.type | Sets the authentication type
|
| services.prometheus.scrapeConfigs.*.kuma_sd_configs.*.oauth2.scopes | Scopes for the token request.
|
| services.davis.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.movim.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.slskd.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.prometheus.scrapeConfigs.*.marathon_sd_configs.*.auth_token | Optional authentication information for token-based authentication:
https://docs.mesosphere.com/1.11/security/ent/iam-api/#passing-an-authentication-token
It is mutually exclusive with auth_token_file and other authentication mechanisms.
|
| services.snipe-it.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.teleport.insecure.enable | Whether to enable starting teleport in insecure mode
|
| services.prometheus.scrapeConfigs.*.uyuni_sd_configs.*.oauth2 | Optional OAuth 2.0 configuration
|
| services.fediwall.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.akkoma.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.fluidd.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.kanboard.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.librenms.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.dolibarr.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|
| services.fedimintd.<name>.nginx.config.basicAuthFile | Basic Auth password file for a vhost
|
| services.gancio.nginx.locations.<name>.basicAuthFile | Basic Auth password file for a vhost
|
| services.agorakit.nginx.locations.<name>.basicAuth | Basic Auth protection for a vhost
|