Hi #SelfHosted community. I’ve figured out a lot of my setup. I now have a new domain, laniesplace.us, just for #HomeServer stuff. It’s set up through Porkbun with Dynu for #DDNS. I’ve now got #Traefik, #TailscaleVPN, #Linkding, #Forgejo, #Dokuwiki, Code-Server, #Portainer, #Netdata, #Watchtower, #Cockpit, #Pihole, #MiniFlux, #TheLounge, #Filebrowser, #UptimeKuma, and the #Homer dashboard service installed. I’m now trying to set up #Authelia so I can have single sign-on to my services. For some, it’s working now, but I can’t seem to get Linkding to work no matter what I do. This is on a #RaspberryPi 500 with 8 GB RAM and a 512 GB SD card, running #Stormux, which is based on #ArchlinuxARM. Can anyone help? I’ll reply to this post with all my relevant config files in separate posts. What’s happening is this: Linkding is supposed to be available at bookmarks.laniesplace.us. When I go there, I see a 401 unauthorized error and a link to sign into Authelia. Once I sign in, though, it redirects back to the page with the 401 error. I’ve been trying to figure this out for hours with no luck. Files will be in replies to this post.
#SelfHosting #Linux #HomeLab #RPi #RaspberryPi500 #RPi500 #Tech #Technology
@selfhost @selfhosting @selfhosted @linux

  • Lanie Carmelo@caneandable.socialOP
    12 hours ago

    @selfhost @selfhosting @selfhosted @linux Authelia docker-compose.yml:

    services:
      authelia:
        image: authelia/authelia:latest
        container_name: authelia
        volumes:
          - ./config:/config
          - ./logs:/var/log/authelia
        networks:
          - web
          - authelia_internal
        environment:
          - TZ=America/Chicago
          - AUTHELIA_JWT_SECRET_FILE=/config/secrets/jwt_secret
          - AUTHELIA_SESSION_SECRET_FILE=/config/secrets/session_secret
          - AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE=/config/secrets/storage_encryption_key
        labels:
          - "traefik.enable=true"
          - "traefik.http.routers.authelia.rule=Host(`auth.laniesplace.us`)"
          - "traefik.http.routers.authelia.entrypoints=websecure"
          - "traefik.http.routers.authelia.tls.certresolver=le"
          - "traefik.http.middlewares.authelia.forwardauth.authRequestHeaders=X-Forwarded-Proto,X-Forwarded-Host"
          - "traefik.http.middlewares.authelia-basic.forwardauth.authResponseHeaders=Remote-User,Remote-Name,Remote-Email"
          - "traefik.http.middlewares.authelia.forwardauth.tls.insecureSkipVerify=true"
          - "traefik.http.services.authelia.loadbalancer.server.port=9091"
          - "traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=%5Bhttps%3A%2F%2Fauth.laniesplace.us%5D%28https%3A%2F%2Fauth.laniesplace.us%29"
          - "traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true"
          - "traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email"

        restart: unless-stopped
        security_opt:
          - no-new-privileges:true
        depends_on:
          - redis
        healthcheck:
          test: ["CMD", "wget", "--no-check-certificate", "--quiet", "--tries=1", "--spider", "http://localhost:9091/api/health"]
          interval: 30s
          timeout: 10s
          retries: 3
          start_period: 60s

      redis:
        image: redis:alpine
        container_name: authelia_redis
        networks:
          - authelia_internal
        restart: unless-stopped
        volumes:
          - ./redis:/data
        command: redis-server --save 60 1 --loglevel warning
        healthcheck:
          test: ["CMD", "redis-cli", "ping"]
          interval: 30s
          timeout: 10s
          retries: 3
        security_opt:
          - no-new-privileges:true

    networks:
      web:
        external: true
      authelia_internal:
        internal: true
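A check that can be run over the forward-auth labels in the compose file above, added here as an example and not part of the original post: it groups the labels per middleware name and URL-decodes the `rd` parameter so the value the auth endpoint receives is visible. The function names and the regex for an acceptable `rd` target are assumptions of this example.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# forwardauth labels copied verbatim from the compose file above
LABELS = [
    "traefik.http.middlewares.authelia.forwardauth.authRequestHeaders=X-Forwarded-Proto,X-Forwarded-Host",
    "traefik.http.middlewares.authelia-basic.forwardauth.authResponseHeaders=Remote-User,Remote-Name,Remote-Email",
    "traefik.http.middlewares.authelia.forwardauth.tls.insecureSkipVerify=true",
    "traefik.http.middlewares.authelia.forwardauth.address=http://authelia:9091/api/verify?rd=%5Bhttps%3A%2F%2Fauth.laniesplace.us%5D%28https%3A%2F%2Fauth.laniesplace.us%29",
    "traefik.http.middlewares.authelia.forwardauth.trustForwardHeader=true",
    "traefik.http.middlewares.authelia.forwardauth.authResponseHeaders=Remote-User,Remote-Groups,Remote-Name,Remote-Email",
]
PREFIX = "traefik.http.middlewares."
# Assumed shape of a usable redirect target: a bare https URL.
PLAIN_HTTPS = re.compile(r"https://[A-Za-z0-9.-]+(:\d+)?(/\S*)?")

def group_forwardauth(labels):
    """Return {middleware_name: {option: value}} for forwardauth labels."""
    grouped = defaultdict(dict)
    for label in labels:
        key, _, value = label.partition("=")  # value may itself contain '='
        if not key.startswith(PREFIX):
            continue
        name, _, option = key[len(PREFIX):].partition(".forwardauth.")
        if option:
            grouped[name][option] = value
    return dict(grouped)

def audit(labels):
    """List inconsistencies per middleware, sorted by middleware name."""
    findings = []
    for name, opts in sorted(group_forwardauth(labels).items()):
        address = opts.get("address")
        if address is None:
            findings.append(f"{name}: defines no forwardauth.address")
            continue
        url = urlsplit(address)
        for rd in parse_qs(url.query).get("rd", []):  # parse_qs URL-decodes
            if not PLAIN_HTTPS.fullmatch(rd):
                findings.append(f"{name}: rd decodes to {rd!r}, not a plain https URL")
        if url.scheme == "http" and "tls.insecureSkipVerify" in opts:
            findings.append(f"{name}: tls.insecureSkipVerify is set but the address is plain http")
    return findings

if __name__ == "__main__":
    for finding in audit(LABELS):
        print(finding)
```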