June 2, 20224 yr I've got Authentik set up and accessible through my domain. I'm currently using linuxserver's Swag Docker with Vouch and Keycloak for authentication/authorization. I'm not seeing any guides on how to integrate Authentik with Swag. It appears as if Authentik should replace both Vouch and Keycloak so I'm trying to figure out how to implement it through Swag. Maybe I need to read the docs. I set up a proxy provider and an application and outpost. I took the nginx standalone code and put the "/" location code into a file to include in the application's location and put the other server block code into a separate file to include outside the app's location blocks. When I browse to my application I just get a 500 error. Any ideas?
July 7, 20223 yr I think Hibracorp wanted to break things down into stages. This is the install only which includes Postgres/Redis/Authentik. It's already a good thing and it takes place without complications. I think the next step will be on a concrete use case with an application for example not secure ? In this regard, if someone can answer this question : with Authelia we have strong Authentication. But once the authentication passed, we have the Login / Password authentication of the app. How to remove the authentication of an application so as not to duplicate ? Thanks Edited July 7, 20223 yr by Casadream_1
September 16, 20223 yr Great video but cant get the authentik-worker to connect to postgres. Followed the guide exactly. Gets this error in worker log: {"event": "PostgreSQL connection successful", "level": "info", "logger": "__main__", "timestamp": 1663354077.5986426} {"event": "PostgreSQL connection failed, retrying... (connection to server at \"postgres\" (172.18.0.12), port 5432 failed: FATAL: password authentication failed for user \"postgres\"\n)", "level": "info", "logger": "__main__", "timestamp": 1663354078.6033316} Anyone got an idea? Removed every special character everywhere. Thanks!
October 10, 20223 yr On 6/2/2022 at 2:59 PM, Taddeusz said: I've got Authentik set up and accessible through my domain. I'm currently using linuxserver's Swag Docker with Vouch and Keycloak for authentication/authorization. I'm not seeing any guides on how to integrate Authentik with Swag. It appears as if Authentik should replace both Vouch and Keycloak so I'm trying to figure out how to implement it through Swag. Maybe I need to read the docs. I set up a proxy provider and an application and outpost. I took the nginx standalone code and put the "/" location code into a file to include in the application's location and put the other server block code into a separate file to include outside the app's location blocks. When I browse to my application I just get a 500 error. Any ideas? Same problem here. Switched to nginx proxy manager and still get the 500 error. followed all online sources troubleshooting, error remains.
November 18, 20223 yr I succefully installed Authentik thanks to this video, but after that there's a steep learning curve about terminology and concepts. To be honest I'm strill trying to figure out what is an outpost, and should I care about it. Here's a link I followed to mimic what Authelia does for a simple SSO with NPM : https://geekscircuit.com/set-up-authentik-sso-with-nginx-proxy-manager/ I also had a 500 error fixed by adjusting the proxy_pass in NPM configuration, as explained in the link : Quote Make sure you have changed the authentik proxy pass config. either you can use internal IP address with port number or public address proxy_pass https://auth.example.com/outpost.goauthentik.io; proxy_pass http://10.10.20.25:9090/outpost.goauthentik.io; I will definitely continue to dig on how use this tool as the possibilities are larger comparing to Authelia.
March 30, 20233 yr Has anyone gotten this to work properly? I got the redirect working, but it automatically denies me access and doesn't go to the login screen. Even going directly to authentic produces the same problem until I turn off the workflows within authentic or remove the configs from the targeted app. The only way I really got it to work briefly is when all the apps are in the same proxy network, but that isn't really feasible as some apps need to be on it's own IP
August 15, 20232 yr I have installed authentik with unraid. Do I still need to set up port 389 in Docker settings? At least this is required when setting up with ldap jellyfin: https://www.reddit.com/r/selfhosted/comments/x3b74z/authentik_ldap_with_jellyfin_setup/
December 21, 20232 yr I followed IBRACORP tutorial and had authentik + postgres installed in unraid. I use SWAG + Cloudflare as well as reverse proxy and have the annoying "500 Internal Server Error" when I connect to one of my subdomains (which is a VM service exposed to port 80). The service works fine when I use the actual LAN IP. In Authentik log I have this error log (I x'd and y'd the IPs and the domain). Any idea? Outpost authentik Embedded Outpost (Provider NGINX) failed to detect a forward URL from nginx { "url": "https:///outpost.goauthentik.io/auth/nginx", "headers": { "Accept": "image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8", "Cf-Ray": "838cea73496dc339-EWR", "Referer": "https://my.domain.com/", "Cdn-Loop": "cloudflare", "Priority": "u=1, i", "Sec-Ch-Ua": "\"Not_A Brand\";v=\"8\", \"Chromium\";v=\"120\", \"Google Chrome\";v=\"120\"", "X-Real-Ip": "xxx.xxx.xxx.xxx", "Cf-Visitor": "{\"scheme\":\"https\"}", "Connection": "close", "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36", "Cf-Ipcountry": "US", "Sec-Fetch-Dest": "image", "Sec-Fetch-Mode": "no-cors", "Sec-Fetch-Site": "same-origin", "Accept-Language": "en-US,en;q=0.9,es-AR;q=0.8,es;q=0.7", "X-Forwarded-For": "xxx.xxx.xxx.xxx, yyy.yyy.yyy.yyy", "X-Forwarded-Ssl": "on", "Cf-Connecting-Ip": "xxx.xxx.xxx.xxx", "Sec-Ch-Ua-Mobile": "?0", "X-Forwarded-Host": "my.domain.com", "X-Forwarded-Proto": "https", "Sec-Ch-Ua-Platform": "\"Windows\"" }, "message": "Outpost authentik Embedded Outpost (Provider NGINX) failed to detect a forward URL from nginx", "outpost": "authentik Embedded Outpost", "provider": "NGINX" } User {} Edited December 21, 20232 yr by chenci
August 9, 20241 yr It took me a while but I got a working installation now. I followed the docker-compose installation method : https://docs.goauthentik.io/docs/installation/docker-compose I though it would be best as the images versions were selected by the Authentik team. And after some tryouts I successfully configured Authentik to work with NPM : - SSO with Radarr/Sonarr - Login page for service that does not support authentication. I'm still working on OAuth SSO for Guacamole.
September 6, 20241 yr I've yet to have any of Ibracorp's dockers and video instructions "just work" - why should this be any different. 👌
September 7, 20241 yr Author 4 hours ago, Espressomatic said: I've yet to have any of Ibracorp's dockers and video instructions "just work" - why should this be any different. 👌 Feel free to update them if you like. We volunteer our time so if you can do it better please get to it.
September 21, 20241 yr On 9/7/2024 at 12:12 AM, Espressomatic said: I've yet to have any of Ibracorp's dockers and video instructions "just work" - why should this be any different. 👌 Fun fact, applications tend to receive updates, which eventually results in a once-useful instructional video becoming obsolete, even their Unraid setup video isn't as useful as it once was after the 6.12 update which changed how storage is assigned to shares. This very fact is the reason I stumbled upon this post, in the hopes of finding others who may have got Authentik up and running.
September 21, 20241 yr 1 hour ago, UnknownWitcher said: Fun fact, applications tend to receive updates, which eventually results in a once-useful instructional video becoming obsolete I typically watch out for things like that, which wasn't what I was referring to. Funnily enough, the Authentik video instructions do in fact work (so kudos), and I didn't notice any glaring omissions. It leaves you with a functioning Authentik installation which you can successfully log into when finished. My previous post was more along the lines of steps completely missed or dependencies and other requirements not disclosed, both in video and written instructions. Again, not relating to changes in the software in question - those issues are easy to ignore for the most part.
October 28, 20241 yr On 8/9/2024 at 4:36 AM, hot22shot said: It took me a while but I got a working installation now. I followed the docker-compose installation method : https://docs.goauthentik.io/docs/installation/docker-compose I though it would be best as the images versions were selected by the Authentik team. And after some tryouts I successfully configured Authentik to work with NPM : - SSO with Radarr/Sonarr - Login page for service that does not support authentication. I'm still working on OAuth SSO for Guacamole. can you share your solution for authentik + npm?
October 28, 20241 yr 18 hours ago, D34DPUULL said: can you share your solution for authentik + npm? Nothing fancy, I just used what Authentik advised for NPM, one trick though : I had to used my server IP in the proxy_pass URL of the outpost location.
July 18, 2025Jul 18 I've been running Authentik for nearly a year now ... and I just put it down yesterday.It is a great product but way overkill for my usage. I'm trying to limit the number of containers running on my server and it was just too much compared to what can be achieve by competitors.To be honest it was aso a bit of a hassle to configure.After considering going back to Authelia I'm now using Tinyauth, designed for homelabs, simple to configure and use minimal resources to run.As I have also changed NPM by traefik it is very easy to secure my homelab.
July 18, 2025Jul 18 I happily skipped all these headache auth providers entirely. No one can access my containers nor systems as I don't open any to the public internet. Tailscale is the only way in.
February 19Feb 19 Is this still the recommended method to install Authentik on Unraid? I am on Unraid 7.2.3 and I want to secure AudioBookShelf behind authentik.There is an IBRACORP docker in the community applications but it uses an old version of Authentik and still requires Redis. The latest version of Authentik doesn't need Redis anymore.Cheers
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.