version: v26.2.0 dsn: ${KRATOS_DSN} serve: public: base_url: ${KRATOS_BROWSER_URL:-http://localhost:4433/} cors: enabled: true allowed_origins: - http://localhost:5000 - http://localhost:5173 - http://localhost:5174 - http://localhost:5175 - http://backend:3000 - http://baron_backend:3000 admin: base_url: ${KRATOS_ADMIN_URL:-http://localhost:4434/} session: cookie: domain: ${KRATOS_SESSION_COOKIE_DOMAIN} same_site: Lax path: / selfservice: default_browser_return_url: ${KRATOS_UI_URL:-http://localhost:5000/} allowed_return_urls: ${KRATOS_ALLOWED_RETURN_URLS_YAML} methods: password: enabled: true link: enabled: true code: enabled: true passwordless_enabled: true flows: error: ui_url: ${KRATOS_UI_URL:-http://localhost:5000}/error settings: ui_url: ${KRATOS_UI_URL:-http://localhost:5000}/error?error=settings_disabled privileged_session_max_age: 15m recovery: ui_url: ${KRATOS_UI_URL:-http://localhost:5000}/recovery use: code verification: ui_url: ${KRATOS_UI_URL:-http://localhost:5000}/verification use: code logout: after: default_browser_return_url: ${KRATOS_UI_URL:-http://localhost:5000}/login login: ui_url: ${KRATOS_UI_URL:-http://localhost:5000}/login lifespan: 10m registration: ui_url: ${KRATOS_UI_URL:-http://localhost:5000}/registration lifespan: 10m log: level: debug format: text leak_sensitive_values: true secrets: cookie: - PLEASE-CHANGE-ME-I-AM-VERY-INSECURE cipher: - 32-LONG-SECRET-NOT-SECURE-AT-ALL ciphers: algorithm: xchacha20-poly1305 hashers: algorithm: bcrypt bcrypt: cost: 8 identity: default_schema_id: default schemas: - id: default url: file:///etc/config/kratos/identity.schema.json courier: template_override_path: /etc/config/kratos/courier-templates delivery_strategy: http http: request_config: url: http://baron_backend:3000/api/v1/auth/webhooks/kratos-courier method: POST body: file:///etc/config/kratos/courier-http.jsonnet headers: Content-Type: application/json smtp: connection_uri: smtps://test:test@mailslurper:1025/?skip_ssl_verify=true