**GUIDE** How to Install Authelia on unRAID


Recommended Posts

  • 2 months later...

After updating your Authelia to  v4.33.1, You'll probably see an error "Can't continue due to the errors loading the configuration"

 

To solve the issue, edit the configuration yaml file, and add a new encryption_key key under storage.

 

storage:
  local:
    path: /config/db.sqlite3 #this is your databse. You could use a mysql database if you wanted, but we're going to use this one.
  encryption_key: you_must_generate_a_random_string_of_more_than_twenty_chars_and_configure_this

 

Hope this helps :)

Edited by NotYourAverageDev
  • Thanks 2
Link to comment
13 minutes ago, NotYourAverageDev said:

After updating your Authelia to  v4.33.1, You'll probably see an error "Can't continue due to the errors loading the configuration"

 

To solve the issue, edit the configuration yaml file, and add a new encryption_key key under storage.

 

storage:
  local:
    path: /config/db.sqlite3 #this is your databse. You could use a mysql database if you wanted, but we're going to use this one.
  encryption_key: you_must_generate_a_random_string_of_more_than_twenty_chars_and_configure_this

 

Hope this helps :)

Thanks mate, we did also add this to our docs incase anyone doesn't know about it:

https://docs.ibracorp.io

  • Like 2
Link to comment
16 minutes ago, NotYourAverageDev said:

After updating your Authelia to  v4.33.1, You'll probably see an error "Can't continue due to the errors loading the configuration"

 

To solve the issue, edit the configuration yaml file, and add a new encryption_key key under storage.

 

storage:
  local:
    path: /config/db.sqlite3 #this is your databse. You could use a mysql database if you wanted, but we're going to use this one.
  encryption_key: you_must_generate_a_random_string_of_more_than_twenty_chars_and_configure_this

 

Hope this helps :)

 

Just noticed this come up on my server, thanks for the help!

Link to comment
3 hours ago, Masterwishx said:

have question about smtp port , im using 465 and its ok but its like old port for SSL and for TLS better to use 587 like in video guide? 

but i have some red line when i change to 587 

image.thumb.png.0c85755b3eeff5f600372f24d1c5e7e3.png

 

this log for 465

image.thumb.png.37f39b6cf9513b76161899283a624ce7.png

so what port is better to use ?

 

Both are fine it really depends on your SMTP provider and what they require

  • Like 1
Link to comment
21 hours ago, Sycotix said:

Both are fine it really depends on your SMTP provider and what they require

Thanks i got it ,im using google SMPT jsut didnt understand why is red line on 587 and i though 465 is obsoled port but after i founded info in :

https://github.com/authelia/authelia/issues/2194

and 

https://datatracker.ietf.org/doc/html/rfc8314

so i understand there is a little confusion about thouse ports in SMTP usage, but like you said they both OK...

Link to comment

im trying to setup Authelia also for Dockers with andriod apps like Airsonic Advanced,Nextcloud ...

in Airsonic Advanced can access from App ,can be "^/rest([/?].*)?$" added to all :

 

## bypass api / trigges
      - domain: "*.mysite.com"
        resources:
          - "^/api([/?].*)?$"

          - "^/rest([/?].*)?$"
          - "^/identity.*$"
          - "^/triggers.*$"
          - "^/meshagents.*$"
          - "^/meshsettings.*$"
          - "^/agent.*$"
          - "^/control.*$"
          - "^/meshrelay.*$"
          - "^/wl.*$"

 

or better to setup alone ?

 

access_control:

default_policy:

deny rules:

- domain: authelia.example.com

policy: bypass

- domain: sonic.example.com

policy: bypass

# not sure how else to let android & iOS apps get in resources:

"^/rest([/?].*)?$"

 

Link to comment
  • 2 weeks later...

Hi there, I'm trying to get Authelia up and running.

I'm using it with SWAG, using the default authelia-server.conf and authelia-location.conf.

When I try and access an application that is reverse proxied and setup to use authelia, it correctly goes to the Authelia login page. When I log in correctly, it seems to redirect successfully, but without any session info (the user name is blank), and I end up at the Authelia login page again.

I've tried removing redis from the config to see if in memory session handling would make a difference, but no change.

Relevant log belong.

Thanks.

 

time="2021-12-28T23:51:14+11:00" level=debug msg="Check authorization of subject username= groups= ip=x.x.x.x and object https://xxx.duckdns.org/ (method GET)."
time="2021-12-28T23:51:14+11:00" level=info msg="Access to https://xxx.duckdns.org/ (method GET) is not authorized to user <anonymous>, responding with status code 401" method=GET path=/api/verify remote_ip=x.x.x.x
time="2021-12-28T23:51:20+11:00" level=debug msg="Mark 1FA authentication attempt made by user 'test'" method=POST path=/api/firstfactor remote_ip=x.x.x.x
time="2021-12-28T23:51:20+11:00" level=debug msg="Successful 1FA authentication attempt made by user 'test'" method=POST path=/api/firstfactor remote_ip=x.x.x.x
time="2021-12-28T23:51:20+11:00" level=debug msg="Check authorization of subject username=test groups=admins,dev ip=x.x.x.x and object https://xxx.duckdns.org/ (method )."
time="2021-12-28T23:51:20+11:00" level=debug msg="Required level for the URL https://xxx.duckdns.org/ is 1" method=POST path=/api/firstfactor remote_ip=x.x.x.x
time="2021-12-28T23:51:20+11:00" level=debug msg="Redirection URL https://xxx.duckdns.org/ is safe" method=POST path=/api/firstfactor remote_ip=x.x.x.x
time="2021-12-28T23:51:20+11:00" level=debug msg="Check authorization of subject username= groups= ip=x.x.x.x and object https://xxx.duckdns.org/ (method GET)."
time="2021-12-28T23:51:20+11:00" level=info msg="Access to https://xxx.duckdns.org/ (method GET) is not authorized to user <anonymous>, responding with status code 401" method=GET path=/api/verify remote_ip=x.x.x.x

 

Link to comment
12 hours ago, xxbigfootxx said:

Have you added the group admins to be able to access those sites using 1FA?

 

I think so, but as a test, I've removed groups from my user and the rule and getting the same problem.

 

My access control is this

default_policy: deny

  rules:
    ## Rules applied to everyone
    - domain: "*.duckdns.org"
      policy: one_factor

 

Link to comment
  • 5 months later...
  • 5 months later...

If I want to add multiple subdomains to the Authelia config would I format it like this?

access_control:
  default_policy: deny
  rules:
    ## bypass rule
    - domain:
        - "auth.domain.com"
       policy: bypass
    ## catch-all
    - domain:
        - "radarr.[mydomain].org"
        - "sonarr.[mydomain].org"
      subject:
        - "group:admins"
      policy: one_factor

 

Also is the encryption key entry found in the storage section just any key you generate using a generator over 20 chars?

Edited by DontWorryScro
Link to comment
  • 2 weeks later...

My Authilia was running perfectly and then suddenly it just wouldn't start?

I found that if I stopped the Maria DB it would start.

I then restored both the Authilia & Marid DB and it still wouldn't start?

 

SOLUTION

The latest (I have auto update enabled for this docker) update of Maria DB introduced an error!

Start your Marid DB docker for Authelia (Backup the db first) and go to the Docker terminal and execute:

 

$ mysql_upgrade -u root -p

 

After running this the update is "fixed" and everything works again

More about this error can be found here:

https://github.com/authelia/authelia/issues/4519

  • Thanks 1
Link to comment
  • 1 year later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.