Open mooglestiltzkin opened 11 months ago
Heziode
commented
11 months ago In fact, this template should works with all projects in containers. It only needs to add labels for Traefik (take a look at whoami example) and do not directly map port of the service to the host.
mooglestiltzkin
commented
11 months ago ty heziode
mooglestiltzkin
commented
11 months ago so weird, not sure why the traefik dashboard doesn't show for authelia. it works for others though like dashy.
version: '3'
services:
authelia:
image: authelia/authelia
container_name: authelia
volumes:
- /share/Container/authelia/config:/config
networks:
- proxy
security_opt:
- no-new-privileges:true
labels:
# Enable this container to be mapped by traefik
# For more information, see: https://docs.traefik.io/providers/docker/#exposedbydefault
- "traefik.enable=true"
# Define the network that should be used
- "traefik.docker.network=proxy"
# URL to reach this container
- "traefik.http.routers.authelia.rule=Host(`authelia.docker.lan`)"
# Activation of TLS
- "traefik.http.routers.authelia.tls=true"
# If port is different than 80, use the following service:
# - "traefik.http.services.<service_name>.loadbalancer.server.port=<port>"
# ports:
# - 9091:9091
restart: unless-stopped
environment:
- TZ=Asia/Kuala_Lumpur
healthcheck:
disable: true
redis:
image: redis:alpine
container_name: redis
volumes:
- /share/Container/redis-authelia/ubuntu/docker/redis:/data
networks:
- proxy
expose:
- 6379
restart: unless-stopped
environment:
- TZ=Asia/Kuala_Lumpur
networks:
proxy:
external: true
``First thing, you needs to set the label for loadbalancer port, since it is not 80 on authelia:
# If port is different than 80, use the following service:
# - "traefik.http.services.<service_name>.loadbalancer.server.port=<port>"
# SHOULD BE
- "traefik.http.services.authelia.loadbalancer.server.port=9001"If it still not shown on Traefik dashboard: Have you created the proxy network?
mooglestiltzkin
commented
11 months ago actually after checking authelia logs i discovered some issues. i'll try figure that out first.
time="2023-10-28T20:43:51+08:00" level=fatal msg="Can't continue due to the errors loading the configuration" time="2023-10-28T20:44:42+08:00" level=error msg="Configuration: authentication_backend: you must ensure either the 'file' or 'ldap' authentication backend is configured" time="2023-10-28T20:44:42+08:00" level=error msg="Configuration: access control: 'default_policy' option 'deny' is invalid: when no rules are specified it must be 'two_factor' or 'one_factor'" time="2023-10-28T20:44:42+08:00" level=error msg="Configuration: storage: configuration for a 'local', 'mysql' or 'postgres' database must be provided" time="2023-10-28T20:44:42+08:00" level=error msg="Configuration: storage: option 'encryption_key' is required" time="2023-10-28T20:44:42+08:00" level=error msg="Configuration: notifier: you must ensure either the 'smtp' or 'filesystem' notifier is configured" time="2023-10-28T20:44:42+08:00" level=fatal msg="Can't continue due to the errors loading theconfiguration"``
mooglestiltzkin
commented
11 months ago mooglestiltzkin
commented
11 months ago yeah i already added this to the authelia docker compose because it's not default 80 like mentioned
- "traefik.http.services.authelia.loadbalancer.server.port=9001"
this part should be fine.
also yes proxy server was created. like mentioned before, the traefik was setup and is working. It works for other container apps atm e.g. dashy.docker.lan resolves just fine.
however for authelia it is still not working. i think the issue is atm to be as mentioned in the errors i mentioned above. trying to figure out what's causing that. until that is resolved not sure we can follow up with other possible issues to get auhelia to work.
e.g. i thought maybe i needed to also add this to the traefik docker compose
- 'traefik.http.routers.api.middlewares=authelia@docker'
mooglestiltzkin
commented
11 months ago yes also
` networks:
networks: proxy: external: true`
is accounted for in the authelia docker compose. and yes the network does work, at least when the other docker compose that i also use that for such as traefik, dashy all work fine using it ;}
mooglestiltzkin
commented
11 months ago Just an update.
I gave up on authelia and switched to authentik. i sort of got it to work.
e.g. https://authentik.docker.lan works.
However i am still figuring out how to get oauth to work.
i recommend jim's video for setting this up (i used the docker compose up -d for the yaml and .env where the container config would be installed using jim's 2 files provided and some minor edits)
mooglestiltzkin
commented
10 months ago i figured out how to get authentik to work for this local homelab setup. if anyone help just message me and i'll get back to you. took a lot of trial and error to figure this out
Tx-amayiro
commented
7 months ago hey mooglses i will surely need you re help to setup authentik locally
mooglestiltzkin
commented
7 months ago hey mooglses i will surely need you re help to setup authentik locally
i hang out on discord if you need some assistance https://discord.gg/Zj9EYsf
or alternatively there is the authentik discord https://goauthentik.io/discord
I recommend watching some youtubes by these content creators. Cooptonian, Jim's Garage, Awesome Open Source and Ibra Corp
https://www.youtube.com/watch?v=gVWGEoc0n3w
https://www.youtube.com/watch?v=g-pbzAaYMq4
https://www.youtube.com/watch?v=1bTSOdYiIOQ
fyi i use authentik with traefik reverse proxy. alternatively to traefik, nginx proxy manager is a good option as well and probably easier to learn/setup by comparison tbh.
https://www.youtube.com/watch?v=scrtJ1U4wJU
If you do go down the authentik route, i highly recommend setting up passwordless for it. Follow cooptonian's guide for it. With it setup in such a way, you don't need to put username or password. Simply login using finger print scan from your smartphone. It's quick and secure (yes it works locally too).
Is there any docker compose for authelia to work with your setup for this Heziode?
managed to get your traefik for local lan homelab setup. just not sure how to add authelia to that however.