[Support] IBRACORP - All images and files

[nojutsu42 2]

Hey Sycotix, 

 

I updated the docker with the new container uploaded to CA - I am now getting some strange database panic.  Have you seen this before?  

panic: Invalid schema of database: Users.MYUSERNAME.DisplayName: non zero value required

Prior to the update the container was functioning proper. 

[Sycotix 23]

@nojutsu42 no idea. I have been at work all day. I could reach everything this morning but not now, which means the auto update has broken it for me too.

I will need to look into it. Let me know if you find anything 

[nojutsu42 2]

Kinda looks like it has something to do with the static username file interacting with the db.  

[Korshakov 3]

8 hours ago, Sycotix said:

@Korshakov I read your file data and found this:

 error_page 401 =302 https://auth.YOURDOMAIN.com/?rd=$target_url;

You need to update YOURDOMAIN. If you haven't yet, then yes, this would confirm your theory of a redirection issue.

I will add this in the documentation which seems I missed. 

I did sorry i didn't send it to you properly.

[muwahhid 7]

Do I need to create a subdomain for it 'auth.MYDOMAIN.ru'? And which container to redirect to it? Local ip Authelia?

[Korshakov 3]

I've been looking at it whole day and i can't really find out why it's not passing authorised session back to protected subdomain. Whatever i try i always get 401 redirection, which makes me feel like there is some sort of issue in proxy manager advanced settings for both auth and endpoint subdomain.

[muwahhid 7]

@SpaceInvaderOne I am calling you and your video guide))

Edited July 2, 2020 by muwahhid

[Korshakov 3]

11 minutes ago, muwahhid said:

spaceinvader I am calling you and your video guide))

hahaha yeah! @SpaceInvaderOne

[Sycotix 23]

@muwahhid the subdomain can be named whatever you like, but yes, you need to have one so that you have a portal which is ridirected to. So yes, the Authelia IP address locally. 

 

@Korshakov I'm not sure what's going on with your setup but it is certainly working for me using those instructions. The only thing I have to figure out is bypassing certain thing like the Radarr calendar API which is being called by Organizr. 

 

More than welcoming for SpaceInvaderOne to step in. 

Edited July 2, 2020 by Sycotix

[Sycotix 23]

@Korshakov I have compared your files for NPM side by side. Here's the only things that stand out to me:

 

Protected Endpoint:

set_real_ip_from 192.168.1.0/16;

 

I noticed your subnet is different in the Authelia config, so perhaps this needs to be changed to match?

Can you try and confirm?

 

EDIT: Disregard. I changed mine to a different subnet and it made no difference. Could still reach the endpoint fine. I'll keep looking

Edited July 3, 2020 by Sycotix

[Sycotix 23]

Do you have any other services you can try testing with? i.e. Sonarr/Radarr? Just to help narrow down whether it's the config or the endpoint not playing nice?

 

I'll wait for you to send your configuration.yml to read over also. 

If you can send the actual 401 error line from Authelia logs that would be very helpful. If it's sensitive you can just PM me.

Edited July 3, 2020 by Sycotix

[nojutsu42 2]

17 hours ago, nojutsu42 said:

Kinda looks like it has something to do with the static username file interacting with the db.  

@Sycotix It's fixed - all I did was delete the users_database.yml let Authelia recreate the file.  I edited the new file with new credentials and its back up normal now. 

[Sycotix 23]

@nojutsu42 beautiful, that's what we like to hear mate! Mine has been working fine since yesterday when I got back from work so not sure what happened. 

 

Happy days. Thanks for updating me

[Korshakov 3]

I got it working at the end. Some confusion in guide caused it not to work propetly. Thank you!

[Sycotix 23]

hi all, a big thank you to @Korshakov, a small but important detail was pickup on on the guide:

 

In Protected Endpoint line 3:

set $upstream_authelia http://SERVERIP/api/verify;

 

I would suggest to change it to:

 

set $upstream_authelia http://SERVERIP:9091/api/verify;

 

*****

in protected endpoint line 33:

 

i would suggest to change it from:

 

set $upstream_CONTAINERNAME http://SERVERIP:CONTAINERPORT;

 

to:

 

set $upstream_CONTAINERNAME http://CONTAINERIP:CONTAINERPORT;

 

It only worked for me properly when i changed it from server ip of authelia to the actual protected endpoint ip. in your guide you are talking SERVERIP first in authelia portal config and later you talked about protected endpoint, but the term SERVERIP is used as the same in both steps and that could be confusing, at least it was to me.

 

I think that's all mate.

I will update the guide now accordingly.

Thank you

[muwahhid 7]

will be working with Ngynx proxy manager?

[Sycotix 23]

2 minutes ago, muwahhid said:

will be working with Ngynx proxy manager?

I don't want to be rude here mate but the guide literally explains the setup solely for NGINX Proxy Manager. Is there somewhere you're stuck that I can help with?

[muwahhid 7]

3 minutes ago, Sycotix said:

I don't want to be rude here mate but the guide literally explains the setup solely for NGINX Proxy Manager. Is there somewhere you're stuck that I can help with?

 

Forgive me for my ignorance.)) I repeat I am a beginner. A question. If I give you all my data and my completed config file, could you check it?

[Sycotix 23]

@muwahhid hey that's no problem mate. I am also a beginner so we're all here to help each other.

 

Yes sure, as long as you've read the guide and still can't get it working. Send them via private message to protect your information. 

Can you also tell me where you're stuck?

[muwahhid 7]

1 minute ago, Sycotix said:

@muwahhid hey that's no problem mate. I am also a beginner so we're all here to help each other.

 

Yes sure, as long as you've read the guide and still can't get it working. Send them via private message to protect your information. 

Can you also tell me where you're stuck?

Thank you, tomorrow I will try again, and if it doesn’t work out, I will send you for verification.

[muwahhid 7]

15 hours ago, Sycotix said:

@muwahhid hey that's no problem mate. I am also a beginner so we're all here to help each other.

 

Yes sure, as long as you've read the guide and still can't get it working. Send them via private message to protect your information. 

Can you also tell me where you're stuck?

I successfully launched the container, created the user, logged in. Now I settled on the NPM configuration item.
I have MyDomain.ru (my main domain), auth.MyDomain.ru (with local ip Authelia) and radarr.MyDomain.ru (with local ip Radarr).
You write about editing files:

(Change the data inside Authelia Portal.conf and Protected Endpoint.conf. If none of the ports has been changed in any of the above config files, you only need to change)

Where are their files located? I can not find them.

 

Edited July 4, 2020 by muwahhid

[Sycotix 23]

@muwahhid sorry for late reply. I'm in Australia so bit of time difference. 

 

The files can be found in the repository on GitHub (https://github.com/ibracorp/authelia):

 

 

 

 

Edited July 4, 2020 by Sycotix

[muwahhid 7]

6 minutes ago, Sycotix said:

@muwahhid Извините за поздний ответ. Я в Австралии, поэтому небольшая разница во времени. 

 

Файлы можно найти в репозитории на GitHub ( https://github.com/ibracorp/authelia 😞

 

 

 

 

authentication portal.conf needs to be copied and pasted into /NPM /edit proxy Host- /Advanced (auth.MYdomain.ru)?
and protected endpoint.conf needs to be copied and pasted into /NPM /edit proxy Host / Advanced (needProtect.MyDomain.ru)?

Edited July 4, 2020 by muwahhid

[Sycotix 23]

@muwahhid Correct the Authentication Portal.conf goes into the advanced config for your Authelia proxy.

 

The Protected Endpoint goes into whichever service you want to protect. For example, Radarr or Office etc. 

 

You must edit these files to suit you, replacing the referenced placeholders such as SERVERIP or CONTAINERNAME. 

In the information you posted to Discord I can see the formatting is incorrect which (maybe) giving you issues. For example:

http://192.168.31.100:4430/;

There is a '/' at the end of your IP. A trailing slash can sometimes cause issues. In the template it looks like this:

set $upstream_CONTAINERNAME http://CONTAINERIP:CONTAINERPORT;

 

[muwahhid 7]

5 minutes ago, Sycotix said:

@muwahhid Исправьте аутентификацию. Portal.conf входит в расширенную конфигурацию вашего прокси-сервера Authelia.

 

Защищенная конечная точка переходит в любой сервис, который вы хотите защитить. Например, Радарр или Офис и т. Д. 

 

Вы  должны  отредактировать эти файлы в соответствии с вашими предпочтениями, заменив ссылочные заполнители, такие как SERVERIP или CONTAINERNAME. 

В информации, которую вы разместили в Discord, я вижу неправильное форматирование, которое (возможно) вызывает у вас проблемы. Например:

В конце вашего IP есть символ «/». Конечный слеш может иногда вызывать проблемы. В шаблоне это выглядит так:

 

It’s not me who wrote the discord) But you are right, the problem I had was in "/". Thanks for the clarification. If you do not mind, I will still write if questions arise. I'm starting to customize Authelia and all my web applications.

Edited July 4, 2020 by muwahhid