-
Error When using Authentik as my OIDC provider
Well, I guess nevermind cause another update came through and this issue was resolved.
-
cordlord started following Error When using Authentik as my OIDC provider
-
Error When using Authentik as my OIDC provider
I'm on Unraid v7.1.4 and the Unraid Connect plugin is on v2025.09.03.1929. I have Authentik setup as an OIDC provider and am receiving these errors when trying to sign in with it: [15:09:54 ERROR OidcTokenExchangeService]: Token exchange failed {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcTokenExchangeService]: Error type: ClientError {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcTokenExchangeService]: Error message: invalid response encountered {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcTokenExchangeService]: Error code: OAUTH_INVALID_RESPONSE {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcTokenExchangeService]: Error cause chain: {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcTokenExchangeService]: [Cause 1] OperationProcessingError: unexpected "iss" (issuer) response parameter value {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcTokenExchangeService]: [Cause 1] Code: OAUTH_INVALID_RESPONSE {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcTokenExchangeService]: [Cause 2] object: [object Object] {"apiVersion":"4.18.2+5d89682","logger":"OidcTokenExchangeService","context":"OidcTokenExchangeService"} [15:09:54 ERROR OidcService]: OAuth callback error: invalid response encountered {"apiVersion":"4.18.2+5d89682","logger":"OidcService","context":"OidcService"} [15:09:54 ERROR OidcRestController]: OIDC callback error: UnauthorizedException: Authentication failed {"apiVersion":"4.18.2+5d89682","logger":"OidcRestController","context":"OidcRestController"}I have double, triple checked that all of my settings are correct both on the plugin and in Authentik. I also have Unraid.net setup and that works perfectly with 0 errors. When I save the OIDC settings, the logs show successful discovery of all the endpoints and gives no errors, so I'm confident that the config is all correct. Edit: I should also mention that Authentik uses the issuer URL as https://auth.domain.com/application/o/unraid/ WITH the trailing '/'. Even though the Unraid docs and error message state to NOT include that, the discovery will error out unless it is included. When I inspect the JWT data, the value for the iss claim also includes the trailing '/'. This seems like an issue somewhere in Unraid where it's getting slightly different data than it's expecting.
-
Disable User/Password login (for specific IP-Ranges) when OIDC is configured
Just my two cents, I'd like a whitelist and a blacklist of client IPs where I can/can't see the username/password prompt. The main way I'd use this is to just whitelist my local and VPN subnets so I can get in on my own network should my OIDC be down, while everywhere else would only see the OIDC providers. Another way that may be easier or require less config, would be to restrict it by url. I have a reverse proxy and domain, so I'd preferably only like to see the OIDC when accessing from there, but would still like to see the username/password field if accessing Unraid through the IP address. It would also be sweet to have auto-signin if I'm already signed in with my OIDC provider.
-
Low-power 2023+ Intel N & U series boards (all form factors) + info on turnkey solutions
Next time I'm able to take my server down, I would be happy to test this out. The only fan I have connected to the motherboard is the cpu fan, but I would be comfortable disconnecting that as the heat sinks should handle the cpu at idle. Good tip about the power measurements. I'll find another way and come back with more concrete numbers, both loaded and unloaded. On the Aliexpress page, they claim the board should sit around 18-23 watts completely bare. We'll see if my numbers are similar.
-
Low-power 2023+ Intel N & U series boards (all form factors) + info on turnkey solutions
Alright, so I finally received the board and got it installed. I've had it running for about 4 days now. In summary, I do not regret this upgrade at all. This new board is MILES ahead of the N5105. Absolutely worth the extra money. Full Overview: Note: When using the term "idle" in my case, this means one drive spun up and no special processes running outside of Unraid, containers and VMS. I posted all the specs in the last post and they all seem to be correct. One correction, I believe is, that this is a CWWK board. I'm not completely savvy to how resellers work, but I got it from the Aliexpress link provided. The board arrived intact and passed all of my testing. It booted, runs the same American Mega Trends bios all of these boards run, and has been running my server perfectly. Both of the boards support automatic power on after power loss. The USB 3.0 header on the N305 board is a very nice addition. The biggest benefit for this board over other N305 boards specifically, is that the 2nd M.2 slot and the PCIe x4 expansion slot are SEPARATE, meaning they can both be used AT THE SAME TIME. On other N305 boards, these are shared, meaning you can only have one or the other active. With the size constraints of this board, you will need to use a riser cable with the PCIe x4 expansion slot if you're also using any of the SATA ports as they will interfere with each other, but this is a small price to pay in my opinion. I indeed am running a single Crucial DDR5 32GB 5200MHz RAM clocked down to the max supported 4800MHz with 0 issues whatsoever. Memtest passed a full 13 passes with 0 issues. Unraid sees all 32GB and has not had any issues. The Noctua NH L12S cooler I ordered mounted right over the included copper heat-sink with no problems at all. It keeps this CPU very happy at 17C at "idle". I've never seen it jump higher than 30C under load. I don't see myself ever worrying about overheating. Note: This is in an unheated room during winter where ambient temp is around 4.5C, so your temps may be a little higher. I have the fan running about half speed if the temps get over 20C, then jump to full speed at 40C. This is configurable through the bios. As for actual performance for Unraid, this thing is a beast. It booted right up after swapping the motherboard and has no issues whatsoever. No changes or special configs were necessary to get anything working, c-states, network ports, etc. I'm running about 30 docker containers, pihole, full media stack and full Nextcloud AIO install, and a Home Assistant VM, 3cpus 6GB ram, and it barely breaks a sweat. I rarely see it go over 10% usage unless I'm doing something intensive or doing a big file transfer. Even then, it can handle a ton and I still have yet to actually get it to 100% usage outside of a benchmark test. My favorite part, there has been no significant power draw changes during normal usage. I have a UPS that tells me the total power draw and the numbers are exactly the same as they were with the old board. Overall, with 2 NVMe drives, 4 7200RPM SATA drives, and the new motherboard, I'm running about 30 watts at "idle" and up to 50 watts or so during something like a parity sync. This is with a PSU that isn't even super efficient at this power draw. Again, all out of the box with no time spent tinkering with the bios or special configs. All in all, if you're looking for a low-power, small form factor, yet powerful, modern and flexible CPU, I would highly recommend this motherboard for the price. I paid right around $300 for the board and cooler. If you have any other questions about the board, my setup, or want me to run any tests, just let me know.
-
Low-power 2023+ Intel N & U series boards (all form factors) + info on turnkey solutions
Just stumbled upon these boards only a month after I bought an N5105 board. https://www.aliexpress.us/item/3256807243287509.html?spm=a2g0o.order_list.order_list_main.5.21ef180247OG2P&gatewayAdapt=glo2usa#nav-specification Edit: It appears to be the same board as this: https://cwwk.net/products/cwwk-12th-gen-i3-n305-n100-2-intel-i226-v-2-5g-nas-motherboard-6-sata3-0-6-bay-soft-rout-1-ddr5-4800mhz-firewall-itx-mainboard?_pos=21&_sid=f0793905f&_ss=r&variant=46326552625384 Not sure if anyone else has seen them. It's a Topton i3-N305 board, but it's different from the others I've seen. It's got 2x M.2 on PCIe x1, 6x SATA 3.0 on PCIe x1, only 2x 2.5 GB eth, a 1x PCIe x4 slot, a USB3 header, and support for Intel 115x coolers. All this at only 18W. The pcb is also purple instead of green or black. This board fixes all the issues I was seeing with the N5105. I only need 2 eth instead of 4 and wanted a little more power than 4 cores. 8 is plenty for me. My least favorite was the cooler support, which was non existent. With the N305 board, you can use coolers like the Noctua NH L12S. Having the ability to add a graphics card for transcoding, a 10 GB eth, or more SATA ports is also great for future proofing. The one downside is the single channel RAM, but, the way I see it, I really don't dual channel for a small server application. Especially since it supports DDR5 4800MHz, nearly double the speed of the N5105. So, needless to say, mine is on it's way and will be immediately replacing the old board. I can post an update once it's in if anyone is interested.
-
[Plugin] Snapshots
Thanks for this. It would be most helpful to have this info built in to the system help. And really any other amount of help information for that matter. This plugin is severely lacking in that area.
cordlord
Members
-
Joined
-
Last visited