Migration

An introduction into configuring Authelia.

This section documents changes in the configuration which may require manual migration by the administrator. Typically this only occurs when a configuration key is renamed or moved to a more appropriate location.

Format

The migrations are formatted in a table with the old key and the new key. Periods indicate a different section which can be represented in YAML as a dictionary i.e. it’s indented.

In our table server.host with a value of 0.0.0.0 is represented in YAML like this:

server:
  host: 0.0.0.0

Policy

Our deprecation policy for configuration keys is 3 minor versions. For example if a configuration option is deprecated in version 4.30.0, it will remain as a warning for 4.30.x, 4.31.x, and 4.32.x; then it will become a fatal error in 4.33.0+.

Migrations

4.33.0

The options deprecated in version 4.30.0 have been fully removed as per our deprecation policy and warnings logged for users.

4.30.0

The following changes occurred in 4.30.0:

Previous KeyNew Key
hostserver.host
portserver.port
tls_keyserver.tls.key
tls_certserver.tls.certificate
log_levellog.level
log_file_pathlog.file_path
log_formatlog.format

Please Note: you can no longer define secrets for providers that you are not using. For example if you’re using the filesystem notifier you must ensure that the AUTHELIA_NOTIFIER_SMTP_PASSWORD_FILE environment variable or other environment variables set. This also applies to other providers like storage and authentication backend.

Kubernetes 4.30.0

Please Note: if you’re using Authelia with Kubernetes and are not using the provided helm chart you will be required to configure the enableServiceLinks option.

4.25.0

The following changes occurred in 4.25.0:

Previous KeyNew Key
authentication_backend.ldap.tls.skip_verifyauthentication_backend.ldap.tls.skip_verify
authentication_backend.ldap.minimum_tls_versionauthentication_backend.ldap.tls.minimum_version
notifier.smtp.disable_verify_certnotifier.smtp.tls.skip_verify
notifier.smtp.trusted_certcertificates_directory

Please Note: certificates_directory is not a direct replacement for the notifier.smtp.trusted_cert, instead of being the path to a specific file it is a path to a directory containing certificates trusted by Authelia. This affects other services like LDAP as well.

4.7.0

The following changes occurred in 4.7.0:

Previous KeyNew Key
logs_levellog_level
logs_filelog_file

Please Note: The new keys also changed in 4.30.0 so you will need to update them to the new values if you are using 4.30.0 or newer instead of the new keys listed here.