search

ncarlier / readflow

readflow is a news-reading (or read-it-later) solution focused on versatility and simplicity.
https://about.readflow.app
GNU Affero General Public License v3.0
415 stars 33 forks source link

Unable to authenticate user #77

Open Smartich0ke opened 4 months ago

Smartich0ke commented 4 months ago

I'm trying to deploy readflow to my k8s cluster with an app-template:

controllers:
  main:
    strategy: Recreate

    containers:
      main:
        image:
          repository: ncarlier/readflow
          tag: edge
          pullPolicy: IfNotPresent

        env:
          READFLOW_DATABASE_URI:
            valueFrom:
              secretKeyRef:
                name: readflow-postgres-auth
                key: uri
          READFLOW_HTTP_PUBLIC_URL: "https://api.readflow.MYDOMAIN.com"
          READFLOW_UI_PUBLIC_URL: "https://readflow.MYDOMAIN.com"
          READFLOW_AUTHN_METHOD: oidc
          READFLOW_AUTHN_OIDC_ISSUER: "https://auth.MYDOMAIN.com/application/o/readflow/"
          READFLOW_UI_DIRECTORY: "/var/local/html"
          READFLOW_UI_CLIENT_ID:
           valueFrom:
              secretKeyRef:
                name: readflow-oidc-auth
                key: client-id
          READFLOW_AUTHN_OIDC_CLIENT_ID:
           valueFrom:
              secretKeyRef:
                name: readflow-oidc-auth
                key: client-id
          READFLOW_AUTHN_OIDC_CLIENT_SECRET:
            valueFrom:
              secretKeyRef:
                name: readflow-oidc-auth
                key: client-secret

service:
  main:
    controller: main
    ports:
      http:
        port: 8080

Where MYDOMAIN is the actualy domain I'm using.

I've connected it to authentik as my OIDC provider for authentication.

However, when I try to access the ui at readflow.MYDOMAIN.com, I just get the error message:

Unable to authenticate user
NetworkError when attempting to fetch resource.

Any ideas on why this is happening?

retarepo commented 2 months ago

I just wanted to give readflow a spin and ran into the same error with proxy, basic and mock auth... so its not working independent of the auth setting, besides traefik labels its the given standart docker-compose.yml

retarepo commented 2 months ago

from #79 I could find that setting "READFLOW_HTTP_PUBLIC_URL=" is crucial... very confusing error message, would be good if this would be shown in the standard docker-compose.yml