starred/authelia-admin
1
0
Fork 0
mirror of https://github.com/asalimonov/authelia-admin.git synced 2026-04-25 22:55:52 +03:00
Code Issues 16 Projects Releases 6 Packages Wiki Activity

[GH-ISSUE #35] Add support of Authelia with PostgreSQL #87

New issue
Closed
opened 2026-02-27 12:33:02 +03:00 by kerem · 9 comments
kerem commented 2026-02-27 12:33:02 +03:00
Owner
Copy link

Originally created by @asalimonov on GitHub (Dec 6, 2025).
Original GitHub issue: https://github.com/asalimonov/authelia-admin/issues/35

The current version supports only Authelia with SQLite.

We are waiting request for it or PR from someone.

Originally created by @asalimonov on GitHub (Dec 6, 2025). Original GitHub issue: https://github.com/asalimonov/authelia-admin/issues/35 The current version supports only Authelia with SQLite. We are waiting request for it or PR from someone.
kerem 2026-02-27 12:33:02 +03:00
kerem commented 2026-03-15 02:23:32 +03:00
Author
Owner
Copy link

@hugosxm commented on GitHub (Dec 6, 2025):

That would be a super usefull feature for people running authelia in HA inside kubernetes with postgres !

<!-- gh-comment-id:3620610156 --> @hugosxm commented on GitHub (Dec 6, 2025): That would be a super usefull feature for people running authelia in HA inside kubernetes with postgres !
kerem commented 2026-03-15 02:23:37 +03:00
Author
Owner
Copy link

@asalimonov commented on GitHub (Dec 6, 2025):

That would be a super usefull feature for people running authelia in HA inside kubernetes with postgres !

Got it. Will try to find some time on the next week. We don't have test stands with Authelia+PostgreSQL. So, it would be good to find someone who can use image(s) from week to month under some load to determine stability.

<!-- gh-comment-id:3620869544 --> @asalimonov commented on GitHub (Dec 6, 2025): > That would be a super usefull feature for people running authelia in HA inside kubernetes with postgres ! Got it. Will try to find some time on the next week. We don't have test stands with Authelia+PostgreSQL. So, it would be good to find someone who can use image(s) from week to month under some load to determine stability.
kerem commented 2026-03-15 02:23:42 +03:00
Author
Owner
Copy link

@joszz commented on GitHub (Jan 5, 2026):

Also interested in this.
I run authelia with a postgresql database here 😊

<!-- gh-comment-id:3712160884 --> @joszz commented on GitHub (Jan 5, 2026): Also interested in this. I run authelia with a postgresql database here 😊
kerem commented 2026-03-15 02:23:47 +03:00
Author
Owner
Copy link

@asalimonov commented on GitHub (Jan 16, 2026):

Sorry guys for the delay.
Adding PosgreSQL means adding of integration tests. I will try to implement something simple and quite reliable for such purpose, for example Testcontainers.

<!-- gh-comment-id:3761990872 --> @asalimonov commented on GitHub (Jan 16, 2026): Sorry guys for the delay. Adding PosgreSQL means adding of integration tests. I will try to implement something simple and quite reliable for such purpose, for example Testcontainers.
kerem commented 2026-03-15 02:23:52 +03:00
Author
Owner
Copy link

@asalimonov commented on GitHub (Feb 8, 2026):

@joszz , @hugosxm, I added support of PostgreSQL and e2e test to avoid regressions.
You can try it with docker image ghcr.io/asalimonov/authelia-admin:v1.0.0.

<!-- gh-comment-id:3867777252 --> @asalimonov commented on GitHub (Feb 8, 2026): @joszz , @hugosxm, I added support of PostgreSQL and e2e test to avoid regressions. You can try it with docker image `ghcr.io/asalimonov/authelia-admin:v1.0.0`.
kerem commented 2026-03-15 02:23:57 +03:00
Author
Owner
Copy link

@joszz commented on GitHub (Feb 8, 2026):

I'm not really sure what's going on but I get a not found response on the root and /auth_admin/ (I use a reverse proxy setup, but tried different approaches in order to reach it).
The docker logs seem to be ok, and it seems to connect to Postgres (I had to change Authelia to not use the unix socket, which I had configured);

listening on http://0.0.0.0:9093
2026-02-08T21:46:26.334Z [DEBUG] [database] Using PostgreSQL database: postgresql:5432/xxx
2026-02-08T21:46:26.350Z [DEBUG] [database] PostgreSQL pool created: postgresql:5432/xxx

When I open a terminal on the container and try to curl http://0.0.0.0:9093/auth_admin/, I get the same response (bit strange that it's not just on the root?). Also tried http://0.0.0.0:9093/
Might be me doing something wrong, but everything seems ok.

<!-- gh-comment-id:3868368859 --> @joszz commented on GitHub (Feb 8, 2026): I'm not really sure what's going on but I get a not found response on the root and /auth_admin/ (I use a reverse proxy setup, but tried different approaches in order to reach it). The docker logs seem to be ok, and it seems to connect to Postgres (I had to change Authelia to not use the unix socket, which I had configured); > listening on http://0.0.0.0:9093 > 2026-02-08T21:46:26.334Z [DEBUG] [database] Using PostgreSQL database: postgresql:5432/xxx > 2026-02-08T21:46:26.350Z [DEBUG] [database] PostgreSQL pool created: postgresql:5432/xxx When I open a terminal on the container and try to curl http://0.0.0.0:9093/auth_admin/, I get the same response (bit strange that it's not just on the root?). Also tried http://0.0.0.0:9093/ Might be me doing something wrong, but everything seems ok.
kerem commented 2026-03-15 02:24:02 +03:00
Author
Owner
Copy link

@asalimonov commented on GitHub (Feb 9, 2026):

@joszz ,
Try /auth-admin/ not /auth_admin/.

Don't forget that the app should be on the same domain as Authelia. So, check value of AAD_AUTHELIA_DOMAIN env variable for authelia-admin container or authelia.domain in config.yml in case of configuration via file.
The repository contains example of deployment with PostgreSQL - https://github.com/asalimonov/authelia-admin/blob/main/docker-compose.test-pg.yml. Use it as a reference.

<!-- gh-comment-id:3869677252 --> @asalimonov commented on GitHub (Feb 9, 2026): @joszz , Try `/auth-admin/` not `/auth_admin/`. Don't forget that the app should be on the same domain as Authelia. So, check value of `AAD_AUTHELIA_DOMAIN` env variable for authelia-admin container or `authelia.domain` in config.yml in case of configuration via file. The repository contains example of deployment with PostgreSQL - https://github.com/asalimonov/authelia-admin/blob/main/docker-compose.test-pg.yml. Use it as a reference.
kerem commented 2026-03-15 02:24:07 +03:00
Author
Owner
Copy link

@joszz commented on GitHub (Feb 9, 2026):

I will have to tinker further. I have many questions such as;

  • You say "Authelia needs to be on the same domain". It is, but the subdomains differ between admin and authelia. I suppose this shouldn't mather. And ideally I would like it this way.
  • AAD_AUTHELIA_DOMAIN is set to the FQDN (domain/subdomain) of authelia
  • I find it strange that the project is not served from root but from /auth-admin/. My proxy can solve this, but I don't see the reason? Unless this has to be under the FQDN of authelia (so meaning the domain AND the subdomain need to be the same) for reasons I don't grasp yet.
  • I mistakenly wrote "auth_admin", I tested with "auth-admin". When I try to access this, the lines beneath are logged. Both accessing it within the container and from my reverse proxy setup (which is a good sign, since the proxy seems not to be the cause, it shouldn't be cause I use that for 30+ other containers which all behave fine).

[500] GET /auth-admin/
Error: Failed to load configuration: EISDIR: illegal operation on a directory, read
at file:///app/build/server/chunks/factory-DLbvOYMG.js:1039:13
at async ensureConfigLoaded (file:///app/build/server/chunks/hooks.server-DBO3oAXh.js:335:14)
at async authHandle (file:///app/build/server/chunks/hooks.server-DBO3oAXh.js:352:21)
at async fn (file:///app/build/server/chunks/hooks.server-DBO3oAXh.js:116:13)
at async paraglideMiddleware (file:///app/build/server/chunks/hooks.server-DBO3oAXh.js:311:20)
at async fn (file:///app/build/server/chunks/hooks.server-DBO3oAXh.js:116:13)
at async fn (file:///app/build/server/chunks/index-BFPJY4J2.js:5995:16)
at async internal_respond (file:///app/build/server/chunks/index-BFPJY4J2.js:5977:22)
at async Array.ssr (file:///app/build/handler.js:1309:3)

Before when PostgreSQL was not integrated yet I was able to get the dashboard to show. Dunno what changed, or what else I might be doing wrong here.
For sure I can tell that the current implementation is not able to use PostgreSQL through the unix socket. It only works through TCP (but I guess a minor issue, getting it to work as intended is a bigger concern for me atm :))

---EDIT---
So forcing everything on one FQDN (both admin and authelia) and fixing a broken config got me past this error.
I'm now running into an access denied. that's probably something on the authelia side of things.
I'm not too stoked about admin sitting in the same FQDN, since it hinders my ability to secure things better (a bit complicated setup with CF, Traefik etc). Ideally it would have it's own FQDN, so I can make it accessible only within certain networks, and not expose globally, which I do want for authelia (but not for admin).

I'm willing to test things further, but I'm still a bit confused about the intended setup, especially having the requirement to sit on the same FQDN as authelia. I will try a bit more and see where I end up. Any insights in the mean time are appreciated :)

<!-- gh-comment-id:3871716390 --> @joszz commented on GitHub (Feb 9, 2026): I will have to tinker further. I have many questions such as; - You say "Authelia needs to be on the same domain". It is, but the subdomains differ between admin and authelia. I suppose this shouldn't mather. And ideally I would like it this way. - AAD_AUTHELIA_DOMAIN is set to the FQDN (domain/subdomain) of authelia - I find it strange that the project is not served from root but from /auth-admin/. My proxy can solve this, but I don't see the reason? Unless this has to be under the FQDN of authelia (so meaning the domain AND the subdomain need to be the same) for reasons I don't grasp yet. - I mistakenly wrote "auth_admin", I tested with "auth-admin". When I try to access this, the lines beneath are logged. Both accessing it within the container and from my reverse proxy setup (which is a good sign, since the proxy seems not to be the cause, it shouldn't be cause I use that for 30+ other containers which all behave fine). > [500] GET /auth-admin/ > Error: Failed to load configuration: EISDIR: illegal operation on a directory, read > at file:///app/build/server/chunks/factory-DLbvOYMG.js:1039:13 > at async ensureConfigLoaded (file:///app/build/server/chunks/hooks.server-DBO3oAXh.js:335:14) > at async authHandle (file:///app/build/server/chunks/hooks.server-DBO3oAXh.js:352:21) > at async fn (file:///app/build/server/chunks/hooks.server-DBO3oAXh.js:116:13) > at async paraglideMiddleware (file:///app/build/server/chunks/hooks.server-DBO3oAXh.js:311:20) > at async fn (file:///app/build/server/chunks/hooks.server-DBO3oAXh.js:116:13) > at async fn (file:///app/build/server/chunks/index-BFPJY4J2.js:5995:16) > at async internal_respond (file:///app/build/server/chunks/index-BFPJY4J2.js:5977:22) > at async Array.ssr (file:///app/build/handler.js:1309:3) Before when PostgreSQL was not integrated yet I was able to get the dashboard to show. Dunno what changed, or what else I might be doing wrong here. For sure I can tell that the current implementation is not able to use PostgreSQL through the unix socket. It only works through TCP (but I guess a minor issue, getting it to work as intended is a bigger concern for me atm :)) ---EDIT--- So forcing everything on one FQDN (both admin and authelia) and fixing a broken config got me past this error. I'm now running into an access denied. that's probably something on the authelia side of things. I'm not too stoked about admin sitting in the same FQDN, since it hinders my ability to secure things better (a bit complicated setup with CF, Traefik etc). Ideally it would have it's own FQDN, so I can make it accessible only within certain networks, and not expose globally, which I do want for authelia (but not for admin). I'm willing to test things further, but I'm still a bit confused about the intended setup, especially having the requirement to sit on the same FQDN as authelia. I will try a bit more and see where I end up. Any insights in the mean time are appreciated :)
kerem commented 2026-03-15 02:24:12 +03:00
Author
Owner
Copy link

@asalimonov commented on GitHub (Feb 9, 2026):

You say "Authelia needs to be on the same domain". It is, but the subdomains differ between admin and authelia. I suppose this shouldn't mather. And ideally I would like it this way.

The same domain is needed to authenticate the user with Authelia cookies. authelia-admin checks this cookies and calls Authelia API to check the cookie and identify the user. Otherwise authelia-admin should be registered as separated OIDC application to follow authentication rules of Authelia.

Error: Failed to load configuration: EISDIR: illegal operation on a directory, read

Looks like the issue is in invalid path to configuration file of authelia-admin. Need to check this on logical error when all configs are env variables. Try to use example config.

For sure I can tell that the current implementation is not able to use PostgreSQL through the unix socket. It only works through TCP (but I guess a minor issue, getting it to work as intended is a bigger concern for me atm :))

Yep, unix sockets was not in a plan.

If you will face some issues - just create an issue for this repository. Would be grateful for feedback.

<!-- gh-comment-id:3873170018 --> @asalimonov commented on GitHub (Feb 9, 2026): >You say "Authelia needs to be on the same domain". It is, but the subdomains differ between admin and authelia. I suppose this shouldn't mather. And ideally I would like it this way. The same domain is needed to authenticate the user with Authelia cookies. authelia-admin checks this cookies and calls Authelia API to check the cookie and identify the user. Otherwise authelia-admin should be registered as separated OIDC application to follow authentication rules of Authelia. >Error: Failed to load configuration: EISDIR: illegal operation on a directory, read Looks like the issue is in invalid path to configuration file of authelia-admin. Need to check this on logical error when all configs are env variables. Try to use example config. >For sure I can tell that the current implementation is not able to use PostgreSQL through the unix socket. It only works through TCP (but I guess a minor issue, getting it to work as intended is a bigger concern for me atm :)) Yep, unix sockets was not in a plan. If you will face some issues - just create an issue for this repository. Would be grateful for feedback.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
fix/new-user-password-not-set
dependabot/npm_and_yarn/svelte-6535ca4039
dependabot/npm_and_yarn/vite-35a443a342
dependabot/npm_and_yarn/tailwind-97bcedbae3
dependabot/npm_and_yarn/types-054763cb3e
dependabot/npm_and_yarn/eslint-plugin-svelte-3.16.0
dependabot/npm_and_yarn/inlang/paraglide-js-2.15.1
dependabot/npm_and_yarn/typescript-eslint-8.57.1
dependabot/npm_and_yarn/yaml-2.8.3
dependabot/npm_and_yarn/sqlite3-6.0.1
dependabot/npm_and_yarn/serve-14.2.6
dependabot/github_actions/docker/metadata-action-6
dependabot/github_actions/docker/setup-buildx-action-4
dependabot/github_actions/docker/login-action-4
dependabot/github_actions/docker/build-push-action-7
feature/postgres
feature/playwright
feature/group-management
feature/i18n
feature/lldap-graphql
feauture/lldap-graphql
docs/license
bug/unhealthy-docker
v1.1.0
v1.0.0
v0.1.0
v0.0.3
v0.0.2
v0.0.1
Labels
Clear labels   
enhancement

   
pull-request

Mirrored from GitHub Pull Request

No labels
enhancement
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/authelia-admin#87
No description provided.