From d686e6831d1b38c18e357935b30979d6727f606a Mon Sep 17 00:00:00 2001
From: Eduardo Silva <eduardo@eth0.com.br>
Date: Sat, 14 Mar 2026 11:49:34 -0300
Subject: [PATCH] update config example

---
 .../caddy/config_example/auth_policies.json   | 34 ++++++++++++++++---
 1 file changed, 29 insertions(+), 5 deletions(-)

diff --git a/containers/caddy/config_example/auth_policies.json b/containers/caddy/config_example/auth_policies.json
index 2d43e7c..edb2d1e 100644
--- a/containers/caddy/config_example/auth_policies.json
+++ b/containers/caddy/config_example/auth_policies.json
@@ -4,7 +4,9 @@
       "type": "local_password"
     },
     "totp_default": {
-      "type": "totp"
+      "type": "totp",
+      "totp_secret": "",
+      "totp_before_auth": false
     },
     "google_workspace_admins": {
       "type": "oidc",
@@ -18,6 +20,23 @@
         "eduardo@example.com",
         "alice@example.com"
       ]
+    },
+    "office_network": {
+      "type": "ip_address",
+      "rules": [
+        {
+          "address": "10.0.0.0",
+          "prefix_length": 24,
+          "action": "allow",
+          "description": "Office LAN"
+        },
+        {
+          "address": "192.168.1.100",
+          "prefix_length": null,
+          "action": "deny",
+          "description": "Blocked workstation"
+        }
+      ]
     }
   },
   "groups": {
@@ -42,20 +61,25 @@
   "users": {
     "eduardo": {
       "email": "eduardo@example.com",
-      "password_hash": "$argon2id$hash"
+      "password_hash": "$argon2id$hash",
+      "totp_secret": "JBSWY3DPEHPK3PXP"
     },
     "alice": {
       "email": "alice@example.com",
-      "password_hash": "$argon2id$hash"
+      "password_hash": "$argon2id$hash",
+      "totp_secret": ""
     },
     "bob": {
       "email": "bob@example.com",
-      "password_hash": "$argon2id$hash"
+      "password_hash": "$argon2id$hash",
+      "totp_secret": ""
     }
   },
   "policies": {
     "public": {
-      "policy_type": "bypass"
+      "policy_type": "bypass",
+      "groups": [],
+      "methods": []
     },
     "api_users": {
       "policy_type": "protected",