diff options
author | Emile <git@emile.space> | 2024-07-21 17:49:34 +0200 |
---|---|---|
committer | Emile <git@emile.space> | 2024-07-21 17:49:34 +0200 |
commit | 16ca088c2a601ef78e43024b3e6050e1fc86b0b0 (patch) | |
tree | 2d48f1c06e3fd1926d7ac9a37f7d2b6e93fbb295 /nix | |
parent | 0adf33787b5394b1cde4769bf2206ba252a26237 (diff) |
authelia sso setting changes
Diffstat (limited to 'nix')
-rw-r--r-- | nix/hosts/corrino/modules/authelia.emile.space.nix | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/nix/hosts/corrino/modules/authelia.emile.space.nix b/nix/hosts/corrino/modules/authelia.emile.space.nix index e96d0ca..4a4a72a 100644 --- a/nix/hosts/corrino/modules/authelia.emile.space.nix +++ b/nix/hosts/corrino/modules/authelia.emile.space.nix @@ -111,7 +111,7 @@ in { # we're using a file to store the user information authentication_backend = { - refresh_interval = "1m"; + refresh_interval = "20s"; file = { path = "/var/lib/authelia-main/user.yml"; watch = true; @@ -159,11 +159,11 @@ in { identity_providers = { oidc = { - # regenerate keys like this: - # ; nix run nixpkgs#authelia -- crypto certificate rsa generate - # current serial: deb83f17e27e663f544a16ad2947631d + # regenerate keys like this: + # ; nix run nixpkgs#authelia -- crypto certificate rsa generate + # current serial: deb83f17e27e663f544a16ad2947631d - enable_client_debug_messages = false; + enable_client_debug_messages = false; minimum_parameter_entropy = 8; enforce_pkce = "public_clients_only"; enable_pkce_plain_challenge = false; @@ -201,6 +201,14 @@ in { skew = 1; secret_size = 32; }; + + ntp = { + address = "time.cloudflare.com:123"; + version = 3; + max_desync = "3s"; + disable_startup_check = false; + disable_failure = false; + }; }; }; }; |