Everything posted by Sycotix
-
[Support] IBRACORP - All images and files
@muwahhid those lines can be found in the Protected Endpoint and Authelia conf files in the repository for you to download and customise. Please read the document one step at a time and it will make sense. The references section is just a list of stuff to look out for later.
-
[Support] IBRACORP - All images and files
Have you tried following my setup guide?
-
[Support] IBRACORP - All images and files
Hi @Korshakov thanks for getting in touch. The rule looks good. To help troubleshoot, I would set the rule to : access_control: default_policy: deny rules: - domain: "*.lssolutions.ie" policy: one_factor Then test again. This will make sure the subdomain and group requirement is removed temporarily. How about your user config? Can you check the group is set correctly? Be mindful of the formatting in the conf files because it is VERY tempremental. One wrong space could throw it off but it should tell you in the logs if this happens anyway. Update me. EDIT: I just noticed in the official docs that anywhere there is a full URL in the rule, there isn't any quotation marks. (i.e. office.lssolutions.ie). But where there is a wildcard there is (i.e. "*.lssolutions.ie"). I'm at work and can't test right now, can you see if this makes a difference?
-
[Support] IBRACORP - All images and files
Hi all. A user has raised a question via PM regarding rules. If you are getting a 401 on a particular subdomain, it's important you don't simply change the default rule behaviour to 'allow'. Why? Well we're all about security right? The heirachy should be as follows: Default = Deny. If there is no rule set to explicitly allow a subdomain, or group, or both etc. then deny. Then, create a rule to allow access to that particular subdomain(s). Even if it is a public page, you can still protect it with Authelia by setting the rule to 'bypass', for example. For the official docs see here: https://www.authelia.com/docs/configuration/access-control.html Thanks
-
[Support] IBRACORP - All images and files
@nojutsu42 great to hear you got it working! And super happy to hear my doco helped. Thanks for sharing the outcome. It can be tricky getting to match your own setup but once you have it down pat it's worth it for the extra protection. I will check out this DUO right now and see what the go is.
-
[Support] IBRACORP - All images and files
Thanks for the feedback and picking that up @kaiguy. You're very welcome. Wanted to help out whatever way I could. I have amended the doco with the semicolon. I will also add the block/instruction you added to help those with LSIO Let'sEncrypt container.
-
[Support] IBRACORP - All images and files
Oh good pickup. So if you modify it similar to the ones in my doco does it work now? As for duo I'm not sure actually. I haven't configured that section as of yet.
-
[Support] IBRACORP - All images and files
I got a lot of information from here: https://discourse.linuxserver.io/t/need-some-help-with-authelia-plz/734 Which is based on a Let'sEncrypt setup. EDIT: Read the whole discussion as it develops more down the page.
-
[Support] IBRACORP - All images and files
Hi nojutsu42, Thanks for kind words. The container is the official one from Authelia, I just helped collect it all and get up for everyone to use after weeks of trying to get it going. With regards to your issue can you confirm: - After authenticating, are you able to hit (either manually or with the redirect): sonarr.domain.com? Your rules look good. Going forward you will want to set specific subdomain rules but here's mine atm while I'm testing each subdomain: access_control: # Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. # It is the policy applied to any resource if there is no policy to be applied # to the user. default_policy: deny rules: # Rules applied to 'admins' group - domain: "*.domain.com" subject: - "group:admins" policy: one_factor The instructions I wrote for NPM utilize snippets from those letsencrypt files to get it to work. So in theory, you should not really need to change much for Let'sEncrypt In the letsencrypt\nginx\proxy-confs you can find the sample conf for Sonarr with the lines referencing Authelia. Do you have those? And do you also have: authelia-location.conf, authelia-server.conf Located here: \appdata\letsencrypt\nginx
-
[Support] IBRACORP - All images and files
It's now back up on CA. Won't be messing with it anymore!
-
[Support] IBRACORP - All images and files
Very sorry everyone, got a little too finicky with it. Issue was caused by changing the <overview> tags to null. I have replaced it again and waiting to see if that fixes it.
-
**GUIDE** How to Install Authelia on unRAID
The app has been published in Community Apps and the support thread can be found here:
-
[Support] IBRACORP - All images and files
**CHANGELOG** 17/04/2021 Hi all! I have now updated the configuration.yml file for Authelia on Git. The new file is a replica of the latest official one with a lot of new changes and also customized ready for use with FreeIPA. Enjoy 02/03/2021 - Added Cachet template to CA store. As well as the URL plugin. Video will be coming out soon on our site first so check it out. 26/01/2021 - Created template for Serviio as requested. Should be up in next two hours. 14/01/2021 - Modified Protected Endpoint Conf file to hardcode https redirection 10/01/2021 - Added to link our YouTube: https://bit.ly/3q39SJO 29/11/2020 - Updated Git page for IBRACORP/Authelia with new and updated information as provided by the community. - Formatting and clean-up to make it easier to follow. - Added LDAP instructions and DUO 2FA tips A big thank you to all those who have helped develop the documentation! 16/11/2020 - Submitted XML template for Jira Service Desk for review to Community Applications. 04/07/2020 - Updated documentation to reflect the CONTAINERIP instead of SERVERIP where appropriate. Also updated the Protected Endpoint.conf to suit. (thanks to @Korshakov) 02/07/2020 - Under NPM config, added the YOURDOMAIN placeholder to Protected Endpoint.conf to be updated by the user. 30/06/2020 - Updated documentation with some advice for Let'sEncrypt (thanks to @kaiguy). - Fixed missing semicolon on database instructions. 29/06/2020 - Updated documentation to assist with issue: No/infinite native login screen on endpoint 28/06/2020 - Updated documentation for Authelia to reflect that the XML is now published in Community Apps and no longer requires manual pull. - Updated logo in XML for Authelia to show in CA. - Updated Categories in XML for Authelia to be Security. - Updated support thread with official Authelia links. - Updated documentation for Authelia with instructions on bypassing authentication for API's (i.e. Sonarr/Ombi)
-
[Support] IBRACORP - All images and files
Welcome to IBRACORP Support = Support Us = Membership Help support my work by subscribing to our site and our Youtube Channel. It's free with paid options. There are no fees involved and it really helps me give back to you. Become a free subscriber of our site to: Receive the latest YouTube videos first, before going public on YouTube. Read our articles which go with our videos and other work we do. Emails directly to your inbox with the latest content. No spam, no bs. More Become a paid subscriber of our site to: Get exclusive videos only for supporters. Ask for direct support with helping install or provide consultancy to you. Receive advanced tutorials and articles for your IT needs. Help support indie creators (and a father of two) to bring you the best content possible! = PayPal = Prefer to donate via PayPal? You can donate to us right HERE. We really appreciate your support in any shape or form. = IBRACORP = IBRACORP - https://ibracorp.io/ YouTube: https://youtube.com/c/IBRACORP GitHub - https://github.com/ibracorp Discord - https://discord.gg/VWAG7rZ Twitter - https://twitter.com/IBRACORP_IO == Contact Us == If you require support or have any questions you can contact us at [email protected]. All questions/issues related to getting any of my images running on Unraid can be asked here. If you think a template needs improvement, feel free to post that here too. <-------------------------------------------------------------------------------------------------------------------------------------------------------> Authelia Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion of reverse proxies like nginx, Traefik or HAProxy to let them know whether queries should pass through. Unauthenticated users are redirected to Authelia Sign-in portal instead. IBRACORP Links: Guide: unRAID Template: https://github.com/ibracorp/authelia.xml/blob/master/authelia.xml unRAID Installation instructions: https://github.com/ibracorp/authelia This documentation will help users who have NGINX Proxy Manager and want to use Authelia to secure their endpoint. i.e. radarr etc. Official Links: Authelia: https://www.authelia.com/ Docs: https://www.authelia.com/docs GitHub: https://github.com/authelia/authelia Docker Hub: https://hub.docker.com/r/authelia/authelia
-
**GUIDE** How to Install Authelia on unRAID
Had a lot of trouble fining help getting Authelia working on unRAID. Mostly due to my own lack of knowledge. But thanks to some help and time put in, I present you my guide written based on what I did to get it working, alongside NGINX Proxy Manager. Never used git before but here you go: https://github.com/ibracorp/authelia If anyone knows how to put an XML on Community Apps for easier finding please let me know I'd be happy to do it. Cheers