authelia: Access to https://traefik.domain.co.nz/ is not authorized to user ,
Good Afternoon all. I have decided to setup Authelia for the first time today and I am having some problems
Whenever I try to visit traefik.domain.co.nz It immediately takes me to a 404 page (The URLchanges to https://login.domain.co.nz/#/?rd=https%3A%2F%2Ftraefik.domain.co.nz%2F ) I do not get a sign in page at all. When I view the logs of authelia I get the following
traefikv2_authelia.1.znyik5rqt1v7@Pi1 | time="2020-09-29T22:49:53-04:00" level=info msg="Logging severity set to debug"
traefikv2_authelia.1.znyik5rqt1v7@Pi1 | time="2020-09-29T22:49:53-04:00" level=debug msg="Storage schema is being checked to verify it is up to date"
traefikv2_authelia.1.znyik5rqt1v7@Pi1 | time="2020-09-29T22:49:53-04:00" level=debug msg="Storage schema is up to date"
traefikv2_authelia.1.znyik5rqt1v7@Pi1 | time="2020-09-29T22:49:53-04:00" level=info msg="Authelia is listening for non-TLS connections on 0.0.0.0:9091"
traefikv2_authelia.1.znyik5rqt1v7@Pi1 | time="2020-09-29T22:50:48-04:00" level=info msg="Access to https://traefik.domain.co.nz/ is not authorized to user , redirecting to https://login.domain.co.nz/#/?rd=https%3A%2F%2Ftraefik.domain.co.nz%2F" method=GET path=/api/verify remote_ip=10.0.0.28
Here are my configs
traefik.yml
version: "3.8"
secrets:
AUTHELIA_JWT_SECRET:
file: "/var/data/config/secrets/authelia_jwt_secret.secret"
AUTHELIA_SESSION_SECRET:
file: "/var/data/config/secrets/authelia_session_secret.secret"
services:
traefik:
image: traefik:latest
ports:
- "80:80"
- "8080:8080" # traefik dashboard
- "443:443"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /var/data/config/traefikv2:/etc/traefik
networks:
- traefik_public
deploy:
labels:
- "traefik.docker.network=traefik_public"
- "traefik.http.routers.api.rule=Host(`traefik.domain.co.nz`)"
- "traefik.http.routers.api.service=api@internal"
- "traefik.http.services.api.loadbalancer.server.port=9999"
- "traefik.http.routers.api.middlewares=forward-auth@file"
authelia:
image: authelia/authelia
secrets:
- AUTHELIA_JWT_SECRET
- AUTHELIA_SESSION_SECRET
environment:
- TZ=America/New_York
networks:
- traefik_public
ports:
- 9091:9091
volumes:
- /var/data/config/authelia:/config
labels:
- "traefik.enable=true"
- "traefik.http.routers.authelia.entrypoints=https"
- "traefik.http.routers.authelia.rule=Host(`login.domain.co.nz`)"
- "traefik.http.services.authelia.loadbalancer.server.port=9091"
- "traefik.http.routers.authelia.tls=true"
networks:
traefik_public:
external: true
My middleware
middlewares:
forward-auth:
forwardAuth:
address: "http://authelia:9091/api/verify?rd=https://login.domain.co.nz/"
trustForwardHeader: true
authResponseHeaders:
- "Remote-User"
- "Remote-Groups"
Authelia configuration
host: 0.0.0.0
port: 9091
log_level: debug
jwt_secret: xxx
totp:
issuer: authelia.com
period: 30
skew: 1
authentication_backend:
file:
path: /config/users_database.yml
access_control:
default_policy: two_factor
rules:
- domain: "login.domain.co.nz"
policy: bypass
# - domain: "*.domain.co.nz"
# policy: bypass
# networks:
# - 10.0.0.28
- domain: "*.domain.co.nz"
policy: two_factor
session:
name: authelia_session
secret: xxx
expiration: 3600
inactivity: 300
domain: domain.co.nz
regulation:
max_retries: 3
find_time: 120
ban_time: 300
storage:
local:
path: /config/db.sqlite3
notifier:
filesystem:
filename: /config/notification.txt
If I uncomment the network bypass im able to visit the site normally. Does anyone know why it wont let me connect to the login page?
Thanks
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 26 (10 by maintainers)
The solution was to change
to