about summary refs log tree commit diff
path: root/nix/hosts/corrino/modules
diff options
context:
space:
mode:
Diffstat (limited to 'nix/hosts/corrino/modules')
-rw-r--r--nix/hosts/corrino/modules/authelia.emile.space.nix18
1 files changed, 13 insertions, 5 deletions
diff --git a/nix/hosts/corrino/modules/authelia.emile.space.nix b/nix/hosts/corrino/modules/authelia.emile.space.nix
index e96d0ca..4a4a72a 100644
--- a/nix/hosts/corrino/modules/authelia.emile.space.nix
+++ b/nix/hosts/corrino/modules/authelia.emile.space.nix
@@ -111,7 +111,7 @@ in {
 
 				# we're using a file to store the user information
 				authentication_backend = {
-					refresh_interval = "1m";
+					refresh_interval = "20s";
 					file = {
 						path = "/var/lib/authelia-main/user.yml";
 						watch = true;
@@ -159,11 +159,11 @@ in {
 
 				identity_providers = {
 					oidc = {
-						# regenerate keys like this:
-						# ; nix run nixpkgs#authelia -- crypto certificate rsa generate
-						# current serial: deb83f17e27e663f544a16ad2947631d
+							# regenerate keys like this:
+							# ; nix run nixpkgs#authelia -- crypto certificate rsa generate
+							# current serial: deb83f17e27e663f544a16ad2947631d
 
-						enable_client_debug_messages = false;
+							enable_client_debug_messages = false;
 							minimum_parameter_entropy = 8;
 							enforce_pkce = "public_clients_only";
 							enable_pkce_plain_challenge = false;
@@ -201,6 +201,14 @@ in {
 				  skew = 1;
 				  secret_size = 32;
 				};
+
+				ntp = {
+				  address = "time.cloudflare.com:123";
+				  version = 3;
+				  max_desync = "3s";
+				  disable_startup_check = false;
+				  disable_failure = false;
+				};
 			};
 		};
 	};