v4.33.0+ Upgrade

PreviousAuthelia (Archived)NextAuthelia Config File

Last updated 3 years ago

Was this helpful?

v4.33.0+ Upgrade

There is one breaking change in the latest Authelia update. You will now need to amend your configuration.yml to align with the latest changes. If you have not added this key, Authelia will refuse to start. In general, if you ever find yourself with breaking changes in Authelia you can always check their migration page and it will likely tell you what needs changing and also explains why they have made those changes.

Reason for the breaking change

In case of a database leak, your 2FA/TOTP information was not encrypted. This new key will now be used to encrypt this information and keep it safe, even in the event of a database leak.

Error Logs

If you are seeing errors like the following then you are in the right place:

level=error msg="Configuration: storage: 'encryption_key' configuration option must be provided"
level=fatal msg="Can't continue due to the errors loading the configuration"

Fixing the error

In the Unraid terminal, type the following command to edit the configuration.yml

nano /mnt/user/appdata/Authelia/configuration.yml

Scroll down to the storage: section and add a new variable encryption_key. This key needs to be secure so we suggest using a random string 64 characters long.

PLEASE NOTE:

Once this key is set, it is difficult to change it so make sure to get it right the first time!

Example Config

storage:
  ## The encryption key that is used to encrypt sensitive information in the database. Must be a string with a minimum
  ## length of 20. Please see the docs if you configure this with an undesirable key and need to change it.
  encryption_key: you_must_generate_a_random_string_of_more_than_twenty_chars_and_configure_this
  # local:
  #   path: /config/db.sqlite3
  mysql:
    host: mariadb
    port: 3306
    database: authelia
    username: authelia
    ## Password can also be set using a secret: https://www.authelia.com/docs/configuration/secrets.html
    password: mypassword
    timeout: 5s

Now that you have made the edit, simply press ctrl + x then press y to confirm and then enter to save and exit. Restart your container and everything should now be secure, up and running.

PreviousAuthelia (Archived)NextAuthelia Config File

Last updated 3 years ago

Was this helpful?

Reason for the breaking change

In case of a database leak, your 2FA/TOTP information was not encrypted. This new key will now be used to encrypt this information and keep it safe, even in the event of a database leak.

If you would like to see these changes in more detail you can check out the GitHub changelog or their official documentation.

Error Logs

If you are seeing errors like the following then you are in the right place:

level=error msg="Configuration: storage: 'encryption_key' configuration option must be provided"
level=fatal msg="Can't continue due to the errors loading the configuration"

Fixing the error

In the Unraid terminal, type the following command to edit the configuration.yml

nano /mnt/user/appdata/Authelia/configuration.yml

Scroll down to the storage: section and add a new variable encryption_key. This key needs to be secure so we suggest using a random string 64 characters long.

PLEASE NOTE:

Once this key is set, it is difficult to change it so make sure to get it right the first time!

Example Config

storage:
  ## The encryption key that is used to encrypt sensitive information in the database. Must be a string with a minimum
  ## length of 20. Please see the docs if you configure this with an undesirable key and need to change it.
  encryption_key: you_must_generate_a_random_string_of_more_than_twenty_chars_and_configure_this
  # local:
  #   path: /config/db.sqlite3
  mysql:
    host: mariadb
    port: 3306
    database: authelia
    username: authelia
    ## Password can also be set using a secret: https://www.authelia.com/docs/configuration/secrets.html
    password: mypassword
    timeout: 5s

Now that you have made the edit, simply press ctrl + x then press y to confirm and then enter to save and exit. Restart your container and everything should now be secure, up and running.