Stuck on "Loading basic auth libraries and configuring app"

[Mootfrost777]

Here is my compose file:

version: "3.9"

services:
  headscale:
    image: headscale/headscale:latest
    restart: always
    ports:
      - 9090:9090
      - 8080:8080
    labels:
      - traefik.enable=true
      - traefik.http.routers.headscale.rule=Host(`hs.<domain>.dev`) && PathPrefix(`/`)
      - traefik.http.services.headscale.loadbalancer.server.port=8080
      - traefik.http.routers.headscale.service=headscale
      - traefik.http.routers.headscale-m.rule=Host(`hs.<domain>.dev`) && Path(`/metrics`)
      - traefik.http.routers.headscale-m.service=headscale-m
      - traefik.http.services.headscale-m.loadbalancer.server.port=9090
    volumes:
      - ./config:/etc/headscale/
    command: headscale serve
  headscale-webui:
    image: ghcr.io/ifargle/headscale-webui:latest
    container_name: headscale-webui
    depends_on:
      - headscale
    ports:
      - 5016:5000
    labels:
      - traefik.enable=true
      - traefik.http.routers.headscale-ui.rule=Host(`hsa.<domain>.dev`) && PathPrefix(`/admin/`) || PathPrefix(`/admin`)
      - traefik.http.services.headscale-ui.loadbalancer.server.port=5000
      - traefik.http.routers.headscale-ui.service=headscale
    environment:
      - TZ=Europe/Moscow
      - COLOR=deep-purple                      # Use the base colors (ie, no darken-3, etc) - 
      - HS_SERVER=headscale:8080   # Reachable endpoint for your Headscale server
      - DOMAIN_NAME=https://hs.<domain>.dev  # The base domain name for this container.
      - SCRIPT_NAME=/                     # This is your applications base path (wsgi requires the name "SCRIPT_NAME").  Remove if you are hosing at the root /
      - KEY="UR95znuXJC7ghrVmhpdfJuOKehyrMkR8Vzon6teQjQc="             # Generate with "openssl rand -base64 32" - used to encrypt your key on disk.
      - AUTH_TYPE=basic                         # AUTH_TYPE is either Basic or OIDC.  Empty for no authentication
      - LOG_LEVEL=debug                         # Log level.  "DEBUG", "ERROR", "WARNING", or "INFO".  Default "INFO"
      # ENV for Basic Auth (Used only if AUTH_TYPE is "Basic").  Can be omitted if you aren't using Basic Auth
      - BASIC_AUTH_USER=admin                   # Used for basic auth
      - BASIC_AUTH_PASS=<pass>                   # Used for basic auth
      # ENV for OIDC (Used only if AUTH_TYPE is "OIDC").  Can be omitted if you aren't using OIDC
      - OIDC_AUTH_URL=https://auth.$DOMAIN/.well-known/openid-configuration # URL for your OIDC issuer's well-known endpoint
      - OIDC_CLIENT_ID=headscale-webui         # Your OIDC Issuer's Client ID for Headscale-WebUI
      - OIDC_CLIENT_SECRET=YourSecretHere      # Your OIDC Issuer's Secret Key for Headscale-WebUI
    volumes:
      - ./volume:/data                         # Headscale-WebUI's storage.  Make sure ./volume is readable by UID 1000 (chown 1000:1000 ./volume)
      - ./config/:/etc/headscale/:ro # Headscale's config storage location.  Used to read your Headscale config.

Headscale starts, but webui stuck on configuring step and provides blank page when accessing /admin. I would so appreciate any help

[SaigyoujiYuyuko233]

Try to go into the container (e.g docker exec -it <name> /bin/sh) and then use wget/ping to test the connect between ui and HS_SERVER

In my case, I set docker http proxy in both ~/.docker and in systemd. This prevents the ui to connect the HS_SERVER.

Hope it helps

[demanuPL]

I have the same issue, tried to add container name + port, host adress + port, nothing helped.

Also when I'm trying access webui i have this in logs:

[2023-09-11 17:15:04 +0200] [8] [ERROR] Error handling request / Traceback (most recent call last): File "/app/.venv/lib/python3.11/site-packages/gunicorn/workers/sync.py", line 136, in handle self.handle_request(listener, req, client, addr) File "/app/.venv/lib/python3.11/site-packages/gunicorn/workers/sync.py", line 169, in handle_request resp, environ = wsgi.create(req, client, addr, ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/app/.venv/lib/python3.11/site-packages/gunicorn/http/wsgi.py", line 183, in create path_info = path_info.split(script_name, 1)[1]

IndexError: list index out of range
[2023-09-11 17:15:04 +0200] [8] [ERROR] Error handling request /favicon.ico
Traceback (most recent call last):
  File "/app/.venv/lib/python3.11/site-packages/gunicorn/workers/sync.py", line 136, in handle
    self.handle_request(listener, req, client, addr)
  File "/app/.venv/lib/python3.11/site-packages/gunicorn/workers/sync.py", line 169, in handle_request
    resp, environ = wsgi.create(req, client, addr,
                    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/gunicorn/http/wsgi.py", line 183, in create
    path_info = path_info.split(script_name, 1)[1]
                ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^
IndexError: list index out of range

I've tried connect to headscale container from inside of headscale-webui using both wget and ping which wasn't successful becasue ping is limited for root user (which is prevented inside container), but wget returns 404 which I think is ok because headscale has no web interface

[nebeleben]

Hi everybody. I had the same issues.

This worked for me:

First ensure the file rights for docker volume: chown -R 1000:1000 /<directory mapped in docker-compose>. This should get rid of the message from @demanuPL.

Second ensure both containers are in the same network and can see each other as @SaigyoujiYuyuko233 wrote. A 404 return is a good sign (server is responding). In my case, only a wget on the local docker IP worked successfully (you find the ip with docker inspect <container_name>).

After replacing the HS_SERVER environment var with the docker IP the webui is accessible. When the webui container startup, it halts at Loading basic auth libraries and configuring app, but the webUI on http://host:port works as excepted and the API key from your HS server can be added.

Hope it helps.