Question, maybe a tweak to instructions - Traefik/Authentik Video - accessing authentik over http rather than https

[HeneryH]

Thank you so much for the demo you recorded. I never could have gotten this far without it.

I noticed early in my testing that I could only access Authentik using its https port (7443 in my case since 8443 was taken by Portainer). Port 7000 (to keep with the 7xxx theme being Authentik) didn't connect. It was no problem in my early testing as the internally signed certificate gave me a sense of progress.

But now I am trying to use Traefik's LE certs which will then route to the http port of Authentic, which doesn't work form me.

Have you ever seen Authentik fail to accept http connection requests before? Maybe some setting to allow less secure? I used the two port settings and env variables to set them. My https works but no my http: COMPOSE_PORT_HTTP=7080 COMPOSE_PORT_HTTPS=7443

server: image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.8.3} container_name: authentik-server restart: unless-stopped command: server environment: AUTHENTIK_REDISHOST: redis AUTHENTIK_POSTGRESQL__HOST: postgresql AUTHENTIK_POSTGRESQLUSER: ${PG_USER:-authentik} AUTHENTIK_POSTGRESQLNAME: ${PG_DB:-authentik} AUTHENTIK_POSTGRESQLPASSWORD: ${PG_PASS} AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:?error} volumes:

• ./media:/media
• ./custom-templates:/templates x env_file: I use portainer env variables x - .env I use portainer env variables ports:
• "${COMPOSE_PORT_HTTP:-9000}:9000"
• "${COMPOSE_PORT_HTTPS:-9443}:9443" labels: traefik.enable: true traefik.http.routers.server.rule: Host(auth.704clinton.place) traefik.http.routers.server.entrypoints: websecure traefik.http.routers.server.tls: true traefik.http.routers.server.tls.certresolver: production depends_on:
• postgresql
• redis

[HeneryH]

Sorry, I can never get my code to format properly in github posts.

I saw one potential traefik mistake but this is not the root problem.

If a container exposes multiple ports, then you must manually specify which port Traefik should use for communication by using the label traefik.http.services..loadbalancer.server.port (Read more on this label in the dedicated section in routing).

server: image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2024.8.3} container_name: authentik-server restart: unless-stopped command: server environment: AUTHENTIK_REDISHOST: redis AUTHENTIK_POSTGRESQL__HOST: postgresql AUTHENTIK_POSTGRESQLUSER: ${PG_USER:-authentik} AUTHENTIK_POSTGRESQLNAME: ${PG_DB:-authentik} AUTHENTIK_POSTGRESQLPASSWORD: ${PG_PASS} AUTHENTIK_SECRET_KEY: ${AUTHENTIK_SECRET_KEY:?error} volumes:

• ./media:/media
• ./custom-templates:/templates x env_file: x - .env ports:
• "${COMPOSE_PORT_HTTP:-9000}:9000"
• "${COMPOSE_PORT_HTTPS:-9443}:9443" labels: traefik.enable: true traefik.http.routers.server.rule: Host(auth.704clinton.place) traefik.http.routers.server.entrypoints: websecure traefik.http.services.server.loadbalancer.server.port: ${COMPOSE_PORT_HTTP:-9000} traefik.http.routers.server.tls: true traefik.http.routers.server.tls.certresolver: production depends_on:
• postgresql
• redis