[Support] IBRACORP - All images and files


218 posts in this topic Last Reply

Recommended Posts

  • Replies 217
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

Welcome to IBRACORP Support   = Support Us = Membership   Help support my work by subscribing to our site and our Youtube Channel. It's free with paid options. There are no fe

Thanks, Sycotix, for setting up this template and providing your writeup. This was super helpful to get me up and running behind the LSIO Letsencrypt container.   Just FYI, the section where

Thanks for the feedback and picking that up @kaiguy. You're very welcome. Wanted to help out whatever way I could.    I have amended the doco with the semicolon. I will also add the block/in

Posted Images

On 3/25/2021 at 12:29 PM, akshunj said:

Looks like Ghost 4 is out.  Any plans to upgrade the container?  It appears to be a major upgrade that requires a migration to the new version...  Thanks for a great container!

Latest update to Ghost pushes to v.4.  It will break the container. Please see this thread for how to correct.  You will need to remove the "migrations" and "migrations_lock" tables from your mariadb database.  More here:

https://forum.ghost.org/t/db-error-after-upgrading-to-v4/20921/6

 

And if you're not database saavy (like me), check this out for some step by step:

https://www.tutorialspoint.com/mariadb/mariadb_drop_tables.htm

Link to post

I tried setting up FreeIpa but am having some problems getting it to work with authelia. I followed the youtube guide and it looks like everything is installed ok. I have changed my authelia configuration as mentioned in the guide and I can log in to the freeipa webui. The only thing that I have done is created a new user.

 

But I always get "Invalid Credentials" after tying to log in using authelia.

this is the error message:
 

Quote

time="2021-04-23T06:50:19+02:00" level=debug msg="Mark authentication attempt made by user admin" method=POST path=/api/firstfactor remote_ip=<my_public_ip>
time="2021-04-23T06:50:19+02:00" level=error msg="Error while checking password for user admin: LDAP Result Code 49 \"Invalid Credentials\": " method=POST path=/api/firstfactor remote_ip=83.209.13.231 stack="github.com/authelia/authelia/internal/middlewares/authelia_context.go:64 (*AutheliaCtx).Error\ngithub.com/authelia/authelia/internal/handlers/response.go:112 handleAuthenticationUnauthorized\ngithub.com/authelia/authelia/internal/handlers/handler_firstfactor.go:103 FirstFactorPost.func1\ngithub.com/authelia/authelia/internal/middlewares/authelia_context.go:49 AutheliaMiddleware.func1.1\ngithub.com/fasthttp/router@v1.3.11/router.go:414 (*Router).Handler\ngithub.com/authelia/authelia/internal/middlewares/log_request.go:14 LogRequestMiddleware.func1\ngithub.com/valyala/fasthttp@v1.23.0/server.go:2207 (*Server).serveConn\ngithub.com/valyala/fasthttp@v1.23.0/workerpool.go:223 (*workerPool).workerFunc\ngithub.com/valyala/fasthttp@v1.23.0/workerpool.go:195 (*workerPool).getCh.func1\nruntime/asm_amd64.s:1371 goexit"

 

I also have another problem, when creating a new user and setting a password the password expires directly which is by desig after reading the FreeIPA doc. The user is supposed to reset the password on the first login and set a new password. But for some reason I also get Invalid credentials when trying to send the reset mail from authelia.
 

Quote

time="2021-04-23T06:36:26+02:00" level=error msg="LDAP Result Code 49 \"Invalid Credentials\": " method=POST path=/api/reset-password/identity/start remote_ip=<my_public_ip> stack="github.com/authelia/authelia/internal/middlewares/identity_verification.go:25 IdentityVerificationStart.func1\ngithub.com/authelia/authelia/internal/middlewares/authelia_context.go:49 AutheliaMiddleware.func1.1\ngithub.com/fasthttp/router@v1.3.11/router.go:414 (*Router).Handler\ngithub.com/authelia/authelia/internal/middlewares/log_request.go:14 LogRequestMiddleware.func1\ngithub.com/valyala/fasthttp@v1.23.0/server.go:2207 (*Server).serveConn\ngithub.com/valyala/fasthttp@v1.23.0/workerpool.go:223 (*workerPool).workerFunc\ngithub.com/valyala/fasthttp@v1.23.0/workerpool.go:195 (*workerPool).getCh.func1\nruntime/asm_amd64.s:1371 goexit"

 

Is this part correct "admin" method=POST path=/api/firstfactor remote_ip=<my_public_ip>" ? Should the post be sent from my external/public ip ? And could it be the cause of the problems ?

Edited by Cliff
Link to post

I had Authelia set up and running with LDAP (FreeIPA). However after having my server down for last few weeks due to a house move it wont start. I get the error:

level=error msg="invalid configuration key 'authentication_backend.ldap.skip_verify' was replaced by 'authentication_backend.ldap.tls.skip_verify'"

Any suggestions on how to resolve this?

Link to post

I got an error too , little bit different

 

level=error msg="invalid configuration key 'notifier.smtp.disable_verify_cert' was replaced by 'notifier.smtp.tls.skip_verify'"

 

Link to post
7 hours ago, zognic said:

I got an error too , little bit different

 


level=error msg="invalid configuration key 'notifier.smtp.disable_verify_cert' was replaced by 'notifier.smtp.tls.skip_verify'"

 

You need to use latest configuration.yml on my Git or the official Git. Mine has FreeIPA LDAP otherwise either will work. 

Link to post
Posted (edited)

Hi, i'm following IBRACORP's videos on the configuring Authelia, and am hitting an issue similar to that reported by another user in this thread.

Quote

time="2021-05-04T19:57:11-07:00" level=error msg="Error malformed yaml: line 216: did not find expected key"

 

the file stanza starts on line 217

 

  ##Line 216
   file:
     path: /config/users_database.yml
     password:
       algorithm: argon2id
       iterations: 1
       key_length: 32
       salt_length: 16
       memory: 1024
       parallelism: 8

 

and the obfuscated users_database.yml file

cat users_database.yml
users:
  <username>:
    displayname: "<name>"
    password: "$argon2i$v=19$m=1024,t=1,p=<hash>"
    email: <email>
    groups:
      - admins
      - dev

 

Not quite sure whats going wrong. Please let me know if you have any thoughts!

Edited by mmwilson0
Link to post

Wasn't sure where to post this. Ibracorps Discord isn't letting me message there . . . but that's a separate issue.

 

I'm following the Atomic Moves video and got to the part where I'm allocating ports on qbittorrent - 8080 is already in use by sabnbzdvpn so no idea how to proceed. I realise I obviously don't know what 'port allocation' really means or I'd be able to figure it out. Maybe.

 

Can I just use any port number not currently used,  so kinda pick one at random?

Does it matter that a torrent and a usenet container share the same port? I notice that sabnzbdvpn has several other ports . . . I'm really just following the tutorial and jumping through hoops, and generally make little use of torrents, but I don't want to do something dumb now that I'll forget about in a couple of weeks (days if I'm honest) !!

 

I have created a 'custom' docker network if that makes any difference?

 

If any one can also point me at a tutorial or info that explains docker port allocations at a high level then very happy to learn something.

Link to post

@awediohead not sure why discord isn't letting you chat? I'll look into it. 

 

To answer your question, if the port is already in use by different app just use a random one one digit up or down if you like. 

 

It can't be the same one because the other app is using it and unraid won't let you anyway. 

Link to post
On 4/22/2021 at 9:58 PM, Cliff said:

I tried setting up FreeIpa but am having some problems getting it to work with authelia. I followed the youtube guide and it looks like everything is installed ok. I have changed my authelia configuration as mentioned in the guide and I can log in to the freeipa webui. The only thing that I have done is created a new user.

 

Did you resolve this? I am having the same issue. I switched from password to LDAP with FreeIPA. i followed the ibracorp LDAP video and copied over the LDAP configs from the git repo, and commented out the password file configurations.

 

In freeIPA i have basically set it up, created an admin user and a non-admin user (ipausers group), the latter i would like to use to log in to authelia. Do i have to do any configurations in FreeIPA so that this will work?

Link to post
  • 2 weeks later...
On 5/5/2021 at 5:54 AM, mmwilson0 said:

Hi, i'm following IBRACORP's videos on the configuring Authelia, and am hitting an issue similar to that reported by another user in this thread.

 

the file stanza starts on line 217

 


  ##Line 216
   file:
     path: /config/users_database.yml
     password:
       algorithm: argon2id
       iterations: 1
       key_length: 32
       salt_length: 16
       memory: 1024
       parallelism: 8

 

and the obfuscated users_database.yml file


cat users_database.yml
users:
  <username>:
    displayname: "<name>"
    password: "$argon2i$v=19$m=1024,t=1,p=<hash>"
    email: <email>
    groups:
      - admins
      - dev

 

Not quite sure whats going wrong. Please let me know if you have any thoughts!

Same problem as you, did you find any solution?

Link to post
12 hours ago, mmwilson0 said:

Nope ☹️ Ive just powered off the freeipa VM for now. Need to revisit it and try again

Probably something we´ve overlooked :) I´ll let you know if i find a solution, would appreciate if you did the same. Maybe @Sycotix have some time over and takes a look :)

Link to post
  • 3 weeks later...
Posted (edited)

I have some prolems with authelia. Whenever I try to go to my auth.domain.com I get a white screen and no change in my authelia logs. If I go to a domain that I have set to bypass it seems to work and I get some activity in the logs. I have another subdomain with one_factor where I also get a white screen when accessing, however here I get some logs.

 

level=info msg="Access to [REDACTED] (method unknown) is not authorized to user <anonymous>, sending 401 response" method=GET path=/api/verify remote_ip=[REDACTED]

 

 

I haven't been able to replicate it but somethimes I get this error message in my logs

 

error when serving connection "172.18.0.8:9091"<->"172.18.0.1:38846": error when reading request headers: EOF. Buffer size=194, contents: "\x16\x03\x01\x00\xbd\x01\x00\x00\xb9\x03\x03\u0084\xf4<\xb5\xa8\xaaB '\xe1\xf3͔\xb7\xd5\xd8g7z`\r\x05瑫\xd2[\xb3Iҷ\x00\x008\xc0,\xc00\x00\x9f̨̩̪\xc0+\xc0/\x00\x9e\xc0$\xc0(\x00k\xc0#\xc0'\x00g\xc0\n\xc0\x14\x009\xc0\t\xc0\x13\x003\x00\x9d\x00\x9c\x00=\x00<\x005\x00/\x00\xff\x01\x00\x00X\x00\v\x00\x04\x03\x00\x01\x02\x00\n\x00\f\x00\n\x00\x1d\x00\x17\x00\x1e\x00\x19\x00\x18\x00#\x00\x00\x00\x16\x00\x00\x00\x17\x00\x00\x00\r\x000\x00.\x04\x03\x05\x03\x06\x03\b\a\b\b\b\t\b\n\b\v\b\x04\b\x05\b\x06\x04\x01\x05\x01\x06\x01\x03\x03\x02\x03\x03\x01\x02\x01\x03\x02\x02\x02\x04\x02\x05\x02\x06\x02"

 

Could it have to do with the default buffer sizes in "Authelia Portal.conf" or "Protected Endpoint.conf"? It says "Buffer size=194" but both those files have buffers if I read it correctly. PS is there a good reasource to lean more about this as I don't really understand what is going into these files?

 

From my configuration.yml

access_control:
  ## Default policy can either be 'bypass', 'one_factor', 'two_factor' or 'deny'. It is the policy applied to any
  ## resource if there is no policy to be applied to the user.
  default_policy: deny # Always set to deny
  
  rules:
    # Rules applied to everyone
    - domain: [REDACTED]
      policy: bypass

    - domain: [REDACTED]
      policy: bypass

    - domain: [REDACTED]
      policy: one_factor

    - domain: [REDACTED]
      policy: two_factor

 

 

From "Authelia Portal.conf":

client_body_buffer_size 128k;

proxy_buffers 64 256k;

 

From "Protected Endpoint.conf":

client_body_buffer_size 128k;

proxy_buffers 4 32k;

 

The weird thing is that it has been working and now after I have woken up it does not work? Any help is much appreciated and if there is any information I need to provide please let me know.

Edited by JustAnotherGuy1324
Link to post

I've tried setting up Authelia following the deep dive video and I'm having an issue. Ive managed to get to the point where the container starts up with no errors in the log, however when I try to open the web UI I get the following in my browser:

 

image.thumb.png.f5091db04fa5edade6d32ec7b928bffd.png

 

I'm using File notifications and there is absolutely nothing in the notification.txt file. Any ideas?

 

Thanks.

Link to post
1 hour ago, Lumpy_BD said:

I've tried setting up Authelia following the deep dive video and I'm having an issue. Ive managed to get to the point where the container starts up with no errors in the log, however when I try to open the web UI I get the following in my browser:

 

image.thumb.png.f5091db04fa5edade6d32ec7b928bffd.png

 

I'm using File notifications and there is absolutely nothing in the notification.txt file. Any ideas?

 

Thanks.

 

Lumpy_BD I think we might have the same underlying problem. I will look into it again later today as I believe there is something wrong with some of the text-files for nginx. 

Link to post

I am using Authelia together with Nginx Proxy Manager. Both are installed with Docker containers on the same host. I have got the setup working with most of my services, but for some reason when trying to get it to work with VSCode (using linuxserver/code-server) I only get a white/blank screen after login. Anyone have any tip as to what might be wrong? I am using the same endpoint configuration for all the services just changing out the address and port number. I have no trouble with VSCode when not behind Authelia.

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.