Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    mikhail
    @mikhail:mehome.dev
    [m]
    if it finds nothing => default_policy
    James
    @james:authelia.com
    [m]
        - domain:
            - "*.domain.com"
            - "domain.com"
          policy: two_factor
    That rule makes all subsequent rules implicitly ignored
    Yep, first rule that matches a request is applied.
    Just like firewalls
    mikhail
    @mikhail:mehome.dev
    [m]
    Calan0n: for your config: just set the default_policy to two_factor
    access_control:
      default_policy: two_factor
      rules:
        - domain: "*"
          policy: bypass
          networks:
            - 192.168.1.0/24
        - domain: radarr.domain.com
          resources:
            - '^/api([?/].*)?$'
          policy: bypass
        - domain: sabnzbd.domain.com
          resources:
            - '^/api([?/].*)?$'
          policy: bypass
    Calan0n#4708
    @_discord_795033081592414208:t2bot.io
    [m]
    @Mikhail James it works perfect
    how do i make an account in duo.com
    mikhail
    @mikhail:mehome.dev
    [m]
    wtweeku
    @wtweeku:matrix.org
    [m]
    1 reply
    why does it need all of this info?
    wtweeku
    @wtweeku:matrix.org
    [m]
    sick
    jaen
    @jaen:matrix.org
    [m]
    Hi, how hard would it be to get authelia/authelia#2845 (or similar) in? I'm especially interested in the invite-only mode (kind of makes me want to try Authentik, but then I remember it doesn't have as good configurability via config files as Authelia has). My knowledge of go is mostly limited to "it's just C with a garbage collector and CPS, what's the big deal", I've done a fix or two to traefik.
    tweek
    @wtweeku:matrix.org
    [m]
    i managed to get it to work with authelia
    it's awesome
    i wish there something foss like it tho
    1 reply
    Astral#0524
    @_discord_247176974164819968:t2bot.io
    [m]
    Just know duo is optional
    Southpaw1496#1397
    @_discord_349852668812066817:t2bot.io
    [m]

    Hi

    I'm wondering if Authelia would be appropriate for my use-case, or if I should look for something else:

    Basically, I have a few servers on my home network containing things that I might want to access over the internet, but since exposing things on your home network to the internet is a terrible idea, I'm going to use Cloudflare Tunnels to secure them. Tunnels is part of Cloudflare's Zero Trust offering, which also seems to be able to lock webpages behind a login gate for extra security, however, because it's designed for enterprise, it only supports SSO systems. After giving up on Keycloak, I found Authelia and noticed it has OpenID support, however, looking at the documentation it seems that my use-case might not be an intended one. But would it work?

    I have realised that I could forgo Cloudflare's authentication altogether and just use Authelia to secure everything, but would Authelia work with Cloudflare's system as well?

    2 replies
    Astral#0524
    @_discord_247176974164819968:t2bot.io
    [m]
    There's someone here that has that setup
    With CF's auth passing over to Authelia
    Southpaw1496#1397
    @_discord_349852668812066817:t2bot.io
    [m]
    Well, that's a good start then
    tweek
    @wtweeku:matrix.org
    [m]
    someday..
    James
    @james:authelia.com
    [m]
    DUO is one of the more respected ones in the industry though, they do offer a lot of open source projects as part of their security labs research
    Just not the duo backend itself
    In addition most people find Authelia averages 15-35mb of RAM (I see about 20 most days), and an average of 0.01% CPU utilization.
    Ornias#9313
    @_discord_181665085700308993:t2bot.io
    [m]

    Folks, the recent changes of openidc seems to have broken the nextcloud connection I had...

    what are the required changes away from previous setup to... like... not break?

    Maybe we can add it to the docs, so there is a functional basic example for nextcloud-oidc-login setup?

    James
    @james:authelia.com
    [m]
    Maybe supply your config, logs, version, etc. We're not mind readers. As far as the docs I believe the new docs have a nexcloud community doc, which should suffice, otherwise anyone can PR one and/or changes.
    Specifically version you had no issues on and version you had issues on
    2 replies
    tweek
    @wtweeku:matrix.org
    [m]
    1 reply
    this is for bitwarden (vaultwarden)
    it didn't work however
    msg="Access to https://pw.example.com/identity/connect/token (method POST) is not authorized to user <anonymous>, responding with status code 401" method=GET path=/api/verify remote_ip=x
    tweek
    @wtweeku:matrix.org
    [m]
    nice!
    thank you
    that did it
    .opp/pok3/auth/role/.blight#0179
    @_discord_722035298304786508:t2bot.io
    [m]
    hello guys, need some guide here

    after i register my phone with google auth, somehow i notice something

    • otp time expired is different about 5 second or more
    • register device ( with google auth ) is working, but when i enter the code, it says password might be wrong

    and if i check documentation, it seems not well documented about how this setup this authentication method

    has anyone working this out ?
    log
    .opp/pok3/auth/role/.blight#0179
    @_discord_722035298304786508:t2bot.io
    [m]
    oke so i manage using aegis, and it works well, and i dont know why google auth is not working
    James
    @james:authelia.com
    [m]
    What are your TOTP settings?
    .opp/pok3/auth/role/.blight#0179
    @_discord_722035298304786508:t2bot.io
    [m]
    totp:
    issuer: domain.com
    period: 60
    skew: 1
    James
    @james:authelia.com
    [m]
    Google Authenticator must only support a period of 30
    In Google Authenticator does it appear to be 60 or 30s?
    Google Authenticator: 30 seconds only - 6 or 8 digits
    Only thing it lets you customize is the digits to 6 or 8, everything else it silently ignores
    3 replies