[Support] IBRACORP - All images and files


200 posts in this topic Last Reply

Recommended Posts

I have just recently stumbled across your Channel on YouTube and want to tell you that you are on to a winner here you have some great content already and look forward to upcoming videos.

 

a question is do you do requests?  i would love a upto date and supported container for Serviio if that is possible

Link to post
  • Replies 199
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

Welcome to IBRACORP Support   = Support Us = Membership   Help support my work by subscribing to our site and our Youtube Channel. It's free with paid options. There are no fe

Thanks, Sycotix, for setting up this template and providing your writeup. This was super helpful to get me up and running behind the LSIO Letsencrypt container.   Just FYI, the section where

Thanks for the feedback and picking that up @kaiguy. You're very welcome. Wanted to help out whatever way I could.    I have amended the doco with the semicolon. I will also add the block/in

Posted Images

10 hours ago, SohailS said:

I have just recently stumbled across your Channel on YouTube and want to tell you that you are on to a winner here you have some great content already and look forward to upcoming videos.

 

a question is do you do requests?  i would love a upto date and supported container for Serviio if that is possible

Hi Sohail thanks for the feedback mate that's very much appreciated. 

 

I can look into it and if it's a quick one shouldn't be hard to get a template up 

Link to post
9 minutes ago, Sycotix said:

Hi Sohail thanks for the feedback mate that's very much appreciated. 

 

I can look into it and if it's a quick one shouldn't be hard to get a template up 

Thanks Sycotix 

 

Really appreciate it.  Linuxserver used to do one but it's now a really old version and it's deprecated, really appreciate your time 

Link to post
6 hours ago, SohailS said:

Thanks Sycotix 

 

Really appreciate it.  Linuxserver used to do one but it's now a really old version and it's deprecated, really appreciate your time 

Created and tested mate, seems to work for me. I've just put it on Github so give it a few hours then check app store

Link to post
On 1/17/2021 at 2:54 PM, mikedm139 said:

I'm in the process of switching my install over from the LetsEncrypt/SWAG container to NginxProxyManager for my reverse proxy. I had Authelia set up and working with SWAG and it appears that it should be working with NPM, but my protected endpoints are all exposed without authenticating through Authelia. I have been following the guide (although I have not set up Redis or MariaDB, if that is possibly relevant).

I am able to access Authelia at "auth.MYDOMAIN.ca" . I have copied the conf files to the advanced tabs for authelia and each of my endpoints needing protection, and edited them appropriately. When I try to access any of the "protected" endpoints via private browsing in FireFox or from outside my LAN, it bypasses authelia entirely.

Here is the Access Control section of my authelia configuration.yml:


access_control:
  # Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'.
  # It is the policy applied to any resource if there is no policy to be applied
  # to the user.
  default_policy: deny

  rules:
    - domain: "*.REDACTED.ca"
      policy: two_factor

 

I have tried configuring several different containers/endpoints (cloud9, ApacheGuacamol, sonarr) and they all seem to bypass Authelia.

 

Any suggestions on how to fix or troubleshoot would be much appreciated.

 

For anyone else who runs into this issue. Apparently, there needs to be a slight change in the authelia config file when switching from SWAG to NPM. With SWAG, line 20 of the config is "authelia"

 

# Set the single level path Authelia listens on, must be alphanumeric chars and should not contain any slashes.
  path: "authelia"

With NPM, it needs to be ""

# Set the single level path Authelia listens on, must be alphanumeric chars and should not contain any slashes.
  path: ""

 

 Big thanks to @Muwahhidun for helping track this down. Discussion is here.

Link to post
17 hours ago, Sycotix said:

Created and tested mate, seems to work for me. I've just put it on Github so give it a few hours then check app store

Wow thanks that was super fast i will give it a go now

 

And it worked a treat thanks again 

Edited by SohailS
Link to post

Hi,
I am very new to Unraid and I have just begun following the instructions to install Authelia. For some reason, I am getting a "You do not have permission to open this file..." error, when trying to edit the configuration.yml, using Notepad++ on Windows 10. How do I fix this? I know I am probably missing something basic. 

Link to post
1 hour ago, MsDarkDiva said:

Hi,
I am very new to Unraid and I have just begun following the instructions to install Authelia. For some reason, I am getting a "You do not have permission to open this file..." error, when trying to edit the configuration.yml, using Notepad++ on Windows 10. How do I fix this? I know I am probably missing something basic. 

Hi there and welcome to unRAID!

 

This can often happen because of permissions applied by unRAID/Docker. 

One the ways I combat this is using the Krusader container from the App Store. It allows you to view/edit your files and have full permissions. 

 

So I would install Krusader then when you open it, navigate to your appdata folder (mnt/user/appdata/authelia) and simply delete the config file. On your Windows 10 machine, once you've finished creating your config file just copy it into the appdata folder for Authelia. It should keep the right permissions so you can continue editing and saving as you go. 

 

Just be really careful in Krusader that you DO NOT delete or move anything accidentally. Always make sure you are accessing the user share folder like above and not any of the disk folders. 

 

There might be a more elegant solution but it works. 

Edited by Sycotix
Link to post
14 hours ago, Sycotix said:

Hi there and welcome to unRAID!

 

This can often happen because of permissions applied by unRAID/Docker. 

One the ways I combat this is using the Krusader container from the App Store. It allows you to view/edit your files and have full permissions. 

 

So I would install Krusader then when you open it, navigate to your appdata folder (mnt/user/appdata/authelia) and simply delete the config file. On your Windows 10 machine, once you've finished creating your config file just copy it into the appdata folder for Authelia. It should keep the right permissions so you can continue editing and saving as you go. 

 

Just be really careful in Krusader that you DO NOT delete or move anything accidentally. Always make sure you are accessing the user share folder like above and not any of the disk folders. 

 

There might be a more elegant solution but it works. 


Thanks for this Sycotix!

I had Krusader installed, so I navigated to the configuration file and under properties, I found that it actually allows you to change file permissions for the Owner, Group and Others. Once I changed that, the file opened up no fuss. Now, comes the task of editing the file properly, so your video has come out just in time!

Link to post
4 hours ago, MsDarkDiva said:


Thanks for this Sycotix!

I had Krusader installed, so I navigated to the configuration file and under properties, I found that it actually allows you to change file permissions for the Owner, Group and Others. Once I changed that, the file opened up no fuss. Now, comes the task of editing the file properly, so your video has come out just in time!

Glad to hear it! You just taught me something too!

Enjoy 

Link to post
On 2/3/2021 at 4:39 PM, Sycotix said:

Glad to hear it! You just taught me something too!

Enjoy 


Well, I got a little farther. I followed your video which made editing everything much easier! However, when I try to start Authelia I get: "Error malformed yaml: line 200: did not find expected key". The only thing at line 200 for me is a comment hashtag. Is it referring to something else?

1066952323_200Error.thumb.jpg.cbe1e0742c65e650f0e36910bc8870ab.jpg

Link to post
3 minutes ago, MsDarkDiva said:


Well, I got a little farther. I followed your video which made editing everything much easier! However, when I try to start Authelia I get: "Error malformed yaml: line 200: did not find expected key". The only thing at line 200 for me is a comment hashtag. Is it referring to something else?

1066952323_200Error.thumb.jpg.cbe1e0742c65e650f0e36910bc8870ab.jpg

Your backend file config is not correct. It needs to look like this:

  file:
    path: /config/users_database.yml
    password:
      algorithm: argon2id
      iterations: 1
      key_length: 32
      salt_length: 16
      memory: 1024
      parallelism: 8

You have entered a password after the 'password:' line. The passwords are saved in the actual backend file only.

Link to post

@MsDarkDiva - If you're on Win10 you might give Visual Studio Code a try for editing config files.  Especially anything yaml.  VS Code is free, easy to setup, and for yaml it does cool things like auto-indent 2 spaces whenever you hit the tab key.  It would have even highlighted the word "password" in your example above as an error.

Link to post
22 hours ago, Sycotix said:

Your backend file config is not correct. It needs to look like this:


  file:
    path: /config/users_database.yml
    password:
      algorithm: argon2id
      iterations: 1
      key_length: 32
      salt_length: 16
      memory: 1024
      parallelism: 8

You have entered a password after the 'password:' line. The passwords are saved in the actual backend file only.

 

I appreciate your assistance and patience Sycotix. I fixed the line as you instructed, which worked. Then I spent then I spent the rest of the day chasing errors (special characters in my passwords, my Gmail needed it's own app password to work and then my user credentials were bad...). All this to say, I finally got Authelia to start! The struggle isn't over, but thank you!

Link to post
9 hours ago, sansoo22 said:

@MsDarkDiva - If you're on Win10 you might give Visual Studio Code a try for editing config files.  Especially anything yaml.  VS Code is free, easy to setup, and for yaml it does cool things like auto-indent 2 spaces whenever you hit the tab key.  It would have even highlighted the word "password" in your example above as an error.

 

THIS! I definitely need something to tell me when I'm making a mistake! Downloading it now. Thanks! 

Link to post
35 minutes ago, MsDarkDiva said:

 

I appreciate your assistance and patience Sycotix. I fixed the line as you instructed, which worked. Then I spent then I spent the rest of the day chasing errors (special characters in my passwords, my Gmail needed it's own app password to work and then my user credentials were bad...). All this to say, I finally got Authelia to start! The struggle isn't over, but thank you!

Haha no problem at all. I know it can be a pain but once you've got the hang of it it'll be worth it. Enjoy 

Link to post

@Sycotix Thank you for the wonderful guides. I got Authelia working with some of my apps. I did find that some apps needed some additional lines not included in your sample configuration. 
 

proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Accept-Encoding gzip;

I will try and to a pull request later, honestly not sure what those do but they fixed Code Server and Ferdi so far, more to follow as I migrate more containers to Authelia.

Link to post
3 hours ago, thetman said:

@Sycotix Thank you for the wonderful guides. I got Authelia working with some of my apps. I did find that some apps needed some additional lines not included in your sample configuration. 
 


proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Accept-Encoding gzip;

I will try and to a pull request later, honestly not sure what those do but they fixed Code Server and Ferdi so far, more to follow as I migrate more containers to Authelia.

Hey mate thank you very much for sharing. If you could do a pull request that would be awesome. 

Not too sure what they do either but with the wide array of apps people publish it can be helpful as it doesn't cover everything. 

Link to post
4 hours ago, Sycotix said:

Hey mate thank you very much for sharing. If you could do a pull request that would be awesome. 

Not too sure what they do either but with the wide array of apps people publish it can be helpful as it doesn't cover everything. 

pull request done. Seems it has to do with websockets nginx docs

Link to post

I am having an issue with this image.  I am able to get it up and running but the issue is that when i visit home.myurl.com it redirects me to login page but once I login it does not redirect me back to the app.  The page that it shows is the authenticated page. 

 

image.thumb.png.6f27ef3ebd324001736ea0183eebc2aa.png

 

location /authelia {
internal;
set $upstream_authelia http://192.168.1.17:9094/api/verify;
proxy_pass_request_body off;
proxy_pass $upstream_authelia;    
proxy_set_header Content-Length "";

# Timeout if the real server is dead
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
client_body_buffer_size 128k;
proxy_set_header Host $host;
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr; 
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Uri $request_uri;
proxy_set_header X-Forwarded-Ssl on;
proxy_redirect  http://  $scheme://;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 4 32k;

send_timeout 5m;
proxy_read_timeout 240;
proxy_send_timeout 240;
proxy_connect_timeout 240;
}

location / {
set $upstream_heimdall $forward_scheme://$server:$port;
proxy_pass $upstream_heimdall;

auth_request /authelia;
auth_request_set $target_url https://$http_host$request_uri;
auth_request_set $user $upstream_http_remote_user;
auth_request_set $groups $upstream_http_remote_groups;
proxy_set_header Remote-User $user;
proxy_set_header Remote-Groups $groups;
error_page 401 =302 https://identity.MYSITE.COM/?rd=$target_url;

client_body_buffer_size 128k;

proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

send_timeout 5m;
proxy_read_timeout 360;
proxy_send_timeout 360;
proxy_connect_timeout 360;

proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Accept-Encoding gzip;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Uri $request_uri;
proxy_set_header X-Forwarded-Ssl on;
proxy_redirect  http://  $scheme://;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 64 256k;

set_real_ip_from 192.168.1.1/16;
real_ip_header X-Forwarded-For;
real_ip_recursive on;

}

 

Log 

time="2021-02-17T10:36:23-05:00" level=debug msg="Mark authentication attempt made by user authelia" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:23-05:00" level=debug msg="Credentials validation of user authelia is ok" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:23-05:00" level=debug msg="Required level for the URL https://home.MYSITE.zone/ is 1" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:23-05:00" level=debug msg="Redirection URL https://home.thecache.zone/ is safe" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:23-05:00" level=debug msg="Mark authentication attempt made by user authelia" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:23-05:00" level=debug msg="Credentials validation of user authelia is ok" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:23-05:00" level=debug msg="Required level for the URL https://home.MYSTIE.zone/ is 1" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:23-05:00" level=debug msg="Redirection URL https://home.MYSITE.zone/ is safe" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:25-05:00" level=error msg="Scheme of target URL http://home.MYSITE.zone/ must be secure since cookies are only transported over a secure connection for security reasons" method=GET path=/api/verify remote_ip=162.158.62.48 stack="github.com/authelia/authelia/internal/handlers/handler_verify.go:411 VerifyGet.func1\ngithub.com/authelia/authelia/internal/middlewares/authelia_context.go:49 AutheliaMiddleware.func1.1\ngithub.com/fasthttp/router@v1.3.5/router.go:414 (*Router).Handler\ngithub.com/authelia/authelia/internal/middlewares/log_request.go:14 LogRequestMiddleware.func1\ngithub.com/valyala/fasthttp@v1.19.0/server.go:2166 (*Server).serveConn\ngithub.com/valyala/fasthttp@v1.19.0/workerpool.go:223 (*workerPool).workerFunc\ngithub.com/valyala/fasthttp@v1.19.0/workerpool.go:195 (*workerPool).getCh.func1\nruntime/asm_amd64.s:1374

 

I can see that its saying something about the Scheme but i am using an https url.  Any thoughts?

 

time="2021-02-17T11:25:22-05:00" level=error msg="Scheme of target URL http://home.MYWEBSITE.COM/ must be secure since cookies are only transported over a secure connection for security reasons" method=GET path=/api/verify remote_ip=162.158.62.48 stack="github.com/authelia/authelia/internal/handlers/handler_verify.go:411 VerifyGet.func1\ngithub.com/authelia/authelia/internal/middlewares/authelia_context.go:49 AutheliaMiddleware.func1.1\ngithub.com/fasthttp/router@v1.3.5/router.go:414 (*Router).Handler\ngithub.com/authelia/authelia/internal/middlewares/log_request.go:14 LogRequestMiddleware.func1\ngithub.com/valyala/fasthttp@v1.19.0/server.go:2166 (*Server).serveConn\ngithub.com/valyala/fasthttp@v1.19.0/workerpool.go:223 (*workerPool).workerFunc\ngithub.com/valyala/fasthttp@v1.19.0/workerpool.go:195 (*workerPool).getCh.func1\nruntime/asm_amd64.s:1374 goexit"

time="2021-02-17T11:26:24-05:00" level=error msg="Scheme of target URL http://ftp.MYWEBSITE.COM/ must be secure since cookies are only transported over a secure connection for security reasons" method=GET path=/api/verify remote_ip=173.245.52.158 stack="github.com/authelia/authelia/internal/handlers/handler_verify.go:411 VerifyGet.func1\ngithub.com/authelia/authelia/internal/middlewares/authelia_context.go:49 AutheliaMiddleware.func1.1\ngithub.com/fasthttp/router@v1.3.5/router.go:414 (*Router).Handler\ngithub.com/authelia/authelia/internal/middlewares/log_request.go:14 LogRequestMiddleware.func1\ngithub.com/valyala/fasthttp@v1.19.0/server.go:2166 (*Server).serveConn\ngithub.com/valyala/fasthttp@v1.19.0/workerpool.go:223 (*workerPool).workerFunc\ngithub.com/valyala/fasthttp@v1.19.0/workerpool.go:195 (*workerPool).getCh.func1\nruntime/asm_amd64.s:1374

 

Edited by davidjmorin
Link to post
5 hours ago, davidjmorin said:

I am having an issue with this image.  I am able to get it up and running but the issue is that when i visit home.myurl.com it redirects me to login page but once I login it does not redirect me back to the app.  The page that it shows is the authenticated page. 

 

image.thumb.png.6f27ef3ebd324001736ea0183eebc2aa.png

 


location /authelia {
internal;
set $upstream_authelia http://192.168.1.17:9094/api/verify;
proxy_pass_request_body off;
proxy_pass $upstream_authelia;    
proxy_set_header Content-Length "";

# Timeout if the real server is dead
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
client_body_buffer_size 128k;
proxy_set_header Host $host;
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr; 
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Uri $request_uri;
proxy_set_header X-Forwarded-Ssl on;
proxy_redirect  http://  $scheme://;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 4 32k;

send_timeout 5m;
proxy_read_timeout 240;
proxy_send_timeout 240;
proxy_connect_timeout 240;
}

location / {
set $upstream_heimdall $forward_scheme://$server:$port;
proxy_pass $upstream_heimdall;

auth_request /authelia;
auth_request_set $target_url https://$http_host$request_uri;
auth_request_set $user $upstream_http_remote_user;
auth_request_set $groups $upstream_http_remote_groups;
proxy_set_header Remote-User $user;
proxy_set_header Remote-Groups $groups;
error_page 401 =302 https://identity.MYSITE.COM/?rd=$target_url;

client_body_buffer_size 128k;

proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

send_timeout 5m;
proxy_read_timeout 360;
proxy_send_timeout 360;
proxy_connect_timeout 360;

proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Accept-Encoding gzip;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Uri $request_uri;
proxy_set_header X-Forwarded-Ssl on;
proxy_redirect  http://  $scheme://;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_cache_bypass $cookie_session;
proxy_no_cache $cookie_session;
proxy_buffers 64 256k;

set_real_ip_from 192.168.1.1/16;
real_ip_header X-Forwarded-For;
real_ip_recursive on;

}

 

Log 


time="2021-02-17T10:36:23-05:00" level=debug msg="Mark authentication attempt made by user authelia" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:23-05:00" level=debug msg="Credentials validation of user authelia is ok" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:23-05:00" level=debug msg="Required level for the URL https://home.MYSITE.zone/ is 1" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:23-05:00" level=debug msg="Redirection URL https://home.thecache.zone/ is safe" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:23-05:00" level=debug msg="Mark authentication attempt made by user authelia" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:23-05:00" level=debug msg="Credentials validation of user authelia is ok" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:23-05:00" level=debug msg="Required level for the URL https://home.MYSTIE.zone/ is 1" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:23-05:00" level=debug msg="Redirection URL https://home.MYSITE.zone/ is safe" method=POST path=/api/firstfactor remote_ip=71.184.125.234
time="2021-02-17T10:36:25-05:00" level=error msg="Scheme of target URL http://home.MYSITE.zone/ must be secure since cookies are only transported over a secure connection for security reasons" method=GET path=/api/verify remote_ip=162.158.62.48 stack="github.com/authelia/authelia/internal/handlers/handler_verify.go:411 VerifyGet.func1\ngithub.com/authelia/authelia/internal/middlewares/authelia_context.go:49 AutheliaMiddleware.func1.1\ngithub.com/fasthttp/router@v1.3.5/router.go:414 (*Router).Handler\ngithub.com/authelia/authelia/internal/middlewares/log_request.go:14 LogRequestMiddleware.func1\ngithub.com/valyala/fasthttp@v1.19.0/server.go:2166 (*Server).serveConn\ngithub.com/valyala/fasthttp@v1.19.0/workerpool.go:223 (*workerPool).workerFunc\ngithub.com/valyala/fasthttp@v1.19.0/workerpool.go:195 (*workerPool).getCh.func1\nruntime/asm_amd64.s:1374

 

I can see that its saying something about the Scheme but i am using an https url.  Any thoughts?

 


time="2021-02-17T11:25:22-05:00" level=error msg="Scheme of target URL http://home.MYWEBSITE.COM/ must be secure since cookies are only transported over a secure connection for security reasons" method=GET path=/api/verify remote_ip=162.158.62.48 stack="github.com/authelia/authelia/internal/handlers/handler_verify.go:411 VerifyGet.func1\ngithub.com/authelia/authelia/internal/middlewares/authelia_context.go:49 AutheliaMiddleware.func1.1\ngithub.com/fasthttp/router@v1.3.5/router.go:414 (*Router).Handler\ngithub.com/authelia/authelia/internal/middlewares/log_request.go:14 LogRequestMiddleware.func1\ngithub.com/valyala/fasthttp@v1.19.0/server.go:2166 (*Server).serveConn\ngithub.com/valyala/fasthttp@v1.19.0/workerpool.go:223 (*workerPool).workerFunc\ngithub.com/valyala/fasthttp@v1.19.0/workerpool.go:195 (*workerPool).getCh.func1\nruntime/asm_amd64.s:1374 goexit"

time="2021-02-17T11:26:24-05:00" level=error msg="Scheme of target URL http://ftp.MYWEBSITE.COM/ must be secure since cookies are only transported over a secure connection for security reasons" method=GET path=/api/verify remote_ip=173.245.52.158 stack="github.com/authelia/authelia/internal/handlers/handler_verify.go:411 VerifyGet.func1\ngithub.com/authelia/authelia/internal/middlewares/authelia_context.go:49 AutheliaMiddleware.func1.1\ngithub.com/fasthttp/router@v1.3.5/router.go:414 (*Router).Handler\ngithub.com/authelia/authelia/internal/middlewares/log_request.go:14 LogRequestMiddleware.func1\ngithub.com/valyala/fasthttp@v1.19.0/server.go:2166 (*Server).serveConn\ngithub.com/valyala/fasthttp@v1.19.0/workerpool.go:223 (*workerPool).workerFunc\ngithub.com/valyala/fasthttp@v1.19.0/workerpool.go:195 (*workerPool).getCh.func1\nruntime/asm_amd64.s:1374

 

Hate to ask mate, but this question comes up a lot, have you watched my videos covering this? It's mostly a config error in NGINX Proxy Manager (if using) 

Link to post

Hi @Sycotix, great container und great videos btw :) 

 

Everything working fine, except one thing with my Nextcloud. I would need your help on how to bypass or disable API authentication for Nextcloud in NGINX Proxy Manager.

In Authelia log I get errors like this:

 

time="2021-02-23T22:47:04+01:00" level=info msg="Access to https://nextcloud.mydomain.com/ is not authorized to user , sending 401 response" method=GET path=/api/verify remote_ip=XYZ.XYZ.XYZ.XYZ

 

I tried several things in custom locations tab in NGINX Proxy Manager, but no luck yet.

Also tried proxy_intercept_errors off in advanced config.

 

Thanks in advance.

Edited by gizmer
Link to post
19 minutes ago, gizmer said:

Hi @Sycotix, great container und great videos btw :) 

 

Everything working fine, except one thing with my Nextcloud. I would need your help on how to bypass or disable API authentication for Nextcloud in NGINX Proxy Manager.

In Authelia log I get errors like this:

 

time="2021-02-23T22:47:04+01:00" level=info msg="Access to https://nextcloud.mydomain.com/ is not authorized to user , sending 401 response" method=GET path=/api/verify remote_ip=XYZ.XYZ.XYZ.XYZ

 

I tried several things in custom locations tab in NGINX Proxy Manager, but no luck yet.

Also tried proxy_intercept_errors off in advanced config.

 

Thanks in advance.

Hi @gizmerthanks for the feedback, glad to help. 

So yeah with the API stuff I'm going to do a video on that because it comes up a lot. Keep an eye on the YouTube channel and you'll see it come up if subscribed. I'll end up putting it here too

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.