If you’ve followed any of my self-hosted headscale with Podman series, I wrote up another “bonus” post talking about OIDC configuration with Authelia. Took some trial and error, so I figured I’d document it in the public notebook.
If you’ve followed any of my self-hosted headscale with Podman series, I wrote up another “bonus” post talking about OIDC configuration with Authelia. Took some trial and error, so I figured I’d document it in the public notebook.
Thanks for sharing this. I have been using Authelia to provide forward auth in a Traefik cluster and have not ever really gotten OIDC to work yet. It’s kind of just a little hobby project but I’d like to know how to do it.
The OIDC settings in the Authelia config reference were the most nebulous to me, but they weren’t entirely stumping. The hard part was interpreting whether my errors stemmed from an issue on the client application side or on the Authelia side.
I would imagine you could likely extend the config snippets from my post to work in your situation with a few tweaks. The big lift, the OIDC provider is covered, so I’d be curious to hear what else you have to tweak!
I am doing something similar. I use OIDC for everything possible.
Authelia is quite picky about everything being correctly populated, but if I remember right, the documentation doesn’t do a great job of explaining different variables for someone outside of the security industry (similar with traefik). I found a good tutorial via search that got all of the defaults set up, then playing with the options to my liking and now it is just copy pasting the condiguration per app that I want to enable, generating an key and hashing it.
If you want, I can sanitize my config and share it?
I’ve tried and failed with authelia a few times. Be interested in seeing how others have it configured, if you could link the tutorial you used too that’d be awesome. Maybe I’ll have luck this time
I’d also like that please if you get around to it. It’s been on my backlog for a while now.