authentik/debian/etc/passbook/config.yml

http:
    host: 0.0.0.0
    port: 8000
secret_key_file: /etc/passbook/secret_key
log:
    level:
        console: INFO
        file: DEBUG
    file: /var/log/passbook/passbook.log
debug: false
secure_proxy_header:
  HTTP_X_FORWARDED_PROTO: https
rabbitmq: guest:guest@localhost/passbook
# Error reporting, sends stacktrace to sentry.services.beryju.org
error_report_enabled: true

passbook:
  sign_up:
    # Enables signup, created users are stored in internal Database and created in LDAP if ldap.create_users is true
    enabled: true
  password_reset:
    # Enable password reset, passwords are reset in internal Database and in LDAP if ldap.reset_password is true
    enabled: true
    # Verification the user has to provide in order to be able to reset passwords. Can be any combination of `email`, `2fa`, `security_questions`
    verification:
      - email
  # Text used in title, on login page and multiple other places
  branding: passbook
  login:
    # Override URL used for logo
    logo_url: null
    # Override URL used for Background on Login page
    bg_url: null
    # Optionally add a subtext, placed below logo on the login page
    subtext: null
  footer:
    links:
      # Optionally add links to the footer on the login page
      #  - name: test
      #    href: https://test
  # Specify which fields can be used to authenticate. Can be any combination of `username` and `email`
  uid_fields:
    - username
    - email
  session:
    remember_age: 2592000 # 60 * 60 * 24 * 30, one month
# Provider-specific settings
ldap:
  # Which field from `uid_fields` maps to which LDAP Attribute
  login_field_map:
    username: sAMAccountName
    email: mail # or userPrincipalName
  user_attribute_map:
    active_directory:
      username: "%(sAMAccountName)s"
      email: "%(mail)s"
      name: "%(displayName)"
oauth_client:
  # List of python packages with sources types to load.
  types:
    - passbook.oauth_client.source_types.discord
    - passbook.oauth_client.source_types.facebook
    - passbook.oauth_client.source_types.github
    - passbook.oauth_client.source_types.google
    - passbook.oauth_client.source_types.reddit
    - passbook.oauth_client.source_types.supervisr
    - passbook.oauth_client.source_types.twitter
saml_idp:
  # List of python packages with provider types to load.
  types:
    - passbook.saml_idp.processors.generic
    - passbook.saml_idp.processors.aws
    - passbook.saml_idp.processors.gitlab
    - passbook.saml_idp.processors.nextcloud
    - passbook.saml_idp.processors.salesforce
    - passbook.saml_idp.processors.shibboleth
    - passbook.saml_idp.processors.wordpress_orange
add debian package files 2019-03-07 15:01:31 +00:00			`http:`
			`host: 0.0.0.0`
			`port: 8000`
			`secret_key_file: /etc/passbook/secret_key`
			`log:`
			`level:`
			`console: INFO`
			`file: DEBUG`
			`file: /var/log/passbook/passbook.log`
finalize RabbitMQ replacement, update debian package, remove redis tgz 2019-03-11 20:35:06 +00:00			`debug: false`
			`secure_proxy_header:`
			`HTTP_X_FORWARDED_PROTO: https`
			`rabbitmq: guest:guest@localhost/passbook`
			`# Error reporting, sends stacktrace to sentry.services.beryju.org`
			`error_report_enabled: true`
add debian package files 2019-03-07 15:01:31 +00:00
finalize RabbitMQ replacement, update debian package, remove redis tgz 2019-03-11 20:35:06 +00:00			`passbook:`
			`sign_up:`
			`# Enables signup, created users are stored in internal Database and created in LDAP if ldap.create_users is true`
			`enabled: true`
			`password_reset:`
			`# Enable password reset, passwords are reset in internal Database and in LDAP if ldap.reset_password is true`
			`enabled: true`
			# Verification the user has to provide in order to be able to reset passwords. Can be any combination of `email`, `2fa`, `security_questions`
			`verification:`
			`- email`
			`# Text used in title, on login page and multiple other places`
			`branding: passbook`
			`login:`
			`# Override URL used for logo`
			`logo_url: null`
			`# Override URL used for Background on Login page`
			`bg_url: null`
			`# Optionally add a subtext, placed below logo on the login page`
			`subtext: null`
			`footer:`
			`links:`
			`# Optionally add links to the footer on the login page`
			`# - name: test`
			`# href: https://test`
			# Specify which fields can be used to authenticate. Can be any combination of `username` and `email`
			`uid_fields:`
			`- username`
			`- email`
			`session:`
			`remember_age: 2592000 # 60 * 60 * 24 * 30, one month`
			`# Provider-specific settings`
			`ldap:`
			# Which field from `uid_fields` maps to which LDAP Attribute
			`login_field_map:`
			`username: sAMAccountName`
			`email: mail # or userPrincipalName`
			`user_attribute_map:`
			`active_directory:`
			`username: "%(sAMAccountName)s"`
			`email: "%(mail)s"`
			`name: "%(displayName)"`
			`oauth_client:`
			`# List of python packages with sources types to load.`
			`types:`
			`- passbook.oauth_client.source_types.discord`
			`- passbook.oauth_client.source_types.facebook`
			`- passbook.oauth_client.source_types.github`
			`- passbook.oauth_client.source_types.google`
			`- passbook.oauth_client.source_types.reddit`
			`- passbook.oauth_client.source_types.supervisr`
			`- passbook.oauth_client.source_types.twitter`
			`saml_idp:`
			`# List of python packages with provider types to load.`
			`types:`
			`- passbook.saml_idp.processors.generic`
			`- passbook.saml_idp.processors.aws`
			`- passbook.saml_idp.processors.gitlab`
			`- passbook.saml_idp.processors.nextcloud`
			`- passbook.saml_idp.processors.salesforce`
			`- passbook.saml_idp.processors.shibboleth`
			`- passbook.saml_idp.processors.wordpress_orange`