netbird: Keycloak 17.0.2: Direct device authentication not working

Hello there,

I set up everything as described in the self-hosting guide with Keycloak. I can log in to the admin console with Keycloak and can see Peers etc.

However, when I try to do a netbird up, it won't connect to the management service.

$ netbird up  --management-url https://netbird-api.company.com/
WARN[2022-09-22T00:52:36+02:00] retrying Login to the Management service in 1.104660288s due to error rpc error: code = Unknown desc = context deadline exceeded

  • Dashboard is running under netbird.company.com
  • API is running under netbird-api.company.com

I can curl the API from my machine:

$ curl https://netbird-api.compay.com/api/groups
The token isn't valid

About this issue

  • State: open
  • Created 2 years ago
  • Comments: 18 (9 by maintainers)

Most upvoted comments

Hey @pnowy, we thought of adding Authentik to docker-compose. But Keycloak should be a good option as well. The alternative was to embed a very simple IdP implemented with Zitadel.

It is not required to expose the dashboard, but you will need to manage the SSL certificates on your own because Let's Encrypt validates certs dynamically.

As for the HA availability: no advice in particular, but we planned that for Q1’23. We just refactored the storage interface to be able to embed HA storages.