from abeorch@friendica.ginestes.es to selfhosted@lemmy.world on 16 Jun 08:00
https://friendica.ginestes.es/objects/0a49108d-136a-3102-ac07-de0035366358
- I’m new to #Authentik - I’ve just spun up a test instance and tried to connect my first application (#Postiz) but I’m kind of stuck.
I’ve installed both Postiz and Authentik using Docker Compose - as provided by the relevant apps.
As far as #Authentik goes it looks like its approving authentication requests (its showing successes in the GUI) but the application just returns to the login screen without progressing.
One thing that I found was that within the configuration of the Application and Provider one URL provided by Authentik is the /application/o/postiz/.well-known/openid-configuration which lists several URLs used by the application - one is /application/o/authorize/ but unlike all the others this returns a 404 error when I try to load it via the browser.
I am struggling to work out if - this URL should 404 should occur and also how to diagnose what the problem is.
I’ve popped messages in their relevant Discord forums but any ideas or input would be greatly appreciated - I’m figuring getting Authentik is going to be key to getting other applications going.
threaded - newest
I moved away from authentik for void-auth: github.com/voidauth/voidauth
Life is so much better…
If you don’t mind me asking, what made you go with VoidAuth vs Authelia or something else entirely?
I’m in a similar boat as OP and while VoidAuth looks very promising I’m put off a little by the young age and size of the project.
I tried literally every mature option and they all were ridiculously complicated or just straight didn’t work for me. Voidauth just works. One container. Does everything you need to offer SSO for your users, and secures apps that don’t use SSO just as easily with proxyauth.
This!
Any particular reason for Authentik? I found it very resource hungry and slow. PocketId on the other hand, is super lightweight and fast
I feel the same, at least for a homelab. It’s very feature rich though.
For that reason I switched to Keycloak. It seems a lot faster.
I have self hosted for years using Authentik and have 50 + services. Postiz has been one of the most challenging to spin up and maintain. The documentation is not up to date, the software is constantly changing and I had to tweak lots to get it to work. Even now, it seems to crash after a few days and haven’t had the chance to investigate. All these posts I set up didn’t go through and now if I turn it back on, it’ll release them all in one go before I can get in to stop it, or have to revert to a fresh install…
The vast majority of services and not like this so don’t get disheartened! Try some other ones first them come back to this when more experienced. I recommend Bento PDF, ConvertX, outline wiki, vikunja and immich (if you have the storage space).
At first, try to stick to software on Authentik’s guides (integrations.goauthentik.io). Once you do a few OIDC and forward proxy services you’ll get the hang of it.
When I get a chance I’ll share my docker compose SSO settings and authentik redirect uri that worked for me with the caveat that the software crashes for some reason.
@brewery A specific question - Does your Authorise URL for Postiz return a 404 when you load it via a browser? Is it /application/o/authorize/ ? because that seems oddly non-specific for a specific application...