starred/authelia-admin
1
0
Fork 0
mirror of https://github.com/asalimonov/authelia-admin.git synced 2026-04-25 14:45:56 +03:00
Code Issues 16 Projects Releases 6 Packages Wiki Activity

[GH-ISSUE #77] qquestion about installation #96

New issue
Closed
opened 2026-02-27 12:33:10 +03:00 by kerem · 1 comment
kerem commented 2026-02-27 12:33:10 +03:00
Owner
Copy link

Originally created by @Kleo08s on GitHub (Feb 23, 2026).
Original GitHub issue: https://github.com/asalimonov/authelia-admin/issues/77

hello! i'm having issues with the installation.
currently i'm using portainer and i made a stack with this docker compose:

networks:
  authelia:
    external: true
    name: authelia

services:
  authelia:
    networks:
      authelia:
        aliases:
          - authelia
    depends_on:
      - lldap
    image: 'docker.io/authelia/authelia:4.39.6'
    container_name: 'authelia'
    restart: unless-stopped
    ports:
      - "9091:9091"
    volumes:
      - 'authelia:/config'
      - 'authelia:/data'
      - '/var/log/authelia:/var/log/authelia'
    environment:
      - TZ=Europe/Rome
      - AUTHELIA_LOG_LEVEL=debug
      - AUTHELIA_LOG_FORMAT=json
      - AUTHELIA_LOG_FILE_PATH=/var/log/authelia/authelia.log
      - AUTHELIA_LOG_KEEP_STDOUT=true
    healthcheck:
      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:9091/api/health"]
      interval: 30s
      timeout: 10s
      retries: 3

  authelia-admin:
    networks:
      authelia:
    depends_on:
      - authelia
    image: 'ghcr.io/asalimonov/authelia-admin:latest'
    ports:
      - "9093:9093"
    container_name: 'authelia-admin'
    restart: no
    volumes:
      - 'authelia:/config'
      - 'authelia:/data'
    environment:
      - TZ=Europe/Rome
      - NODE_TLS_REJECT_UNAUTHORIZED=0
      - AAD_AUTHELIA_MIN_AUTH_LEVEL=1
      - AAD_AUTHELIA_DOMAIN=authadmin.kleo08s.lol
      - TRUSTED_ORIGINS=https://auth.kleo08s.lol
    healthcheck:
      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "https://auth.kleo08s.lol"]
      interval: 30s
      timeout: 10s
      retries: 3

  traefik:
    image: "docker.io/traefik:latest"
    networks:
      authelia:
        aliases:
          - auth.localhost.test
    container_name: "traefik"
    restart: "unless-stopped"
    extra_hosts:
      - "host.docker.internal:host-gateway"
    command:
      - "--configfile=/etc/traefik/traefik.yml"
    ports:
      - "0.0.0.0:443:443"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
      - "./test-configs/traefik:/etc/traefik"
      - "./test-configs/traefik/FileProvider:/FileProvider"
      - "/var/log/traefik:/var/log/traefik"

volumes:
  authelia:
    external: true

also i exposed http://localhost:9091 to auth.example.com using cloudflare tunnels
since i'm dumb if anyone can teach me how to configure correctly this so both auth.example.com and auth.example.com/auth-admin works correctly would mean a lot, thanks :)

Originally created by @Kleo08s on GitHub (Feb 23, 2026). Original GitHub issue: https://github.com/asalimonov/authelia-admin/issues/77 hello! i'm having issues with the installation. currently i'm using portainer and i made a stack with this docker compose: ```yml networks: authelia: external: true name: authelia services: authelia: networks: authelia: aliases: - authelia depends_on: - lldap image: 'docker.io/authelia/authelia:4.39.6' container_name: 'authelia' restart: unless-stopped ports: - "9091:9091" volumes: - 'authelia:/config' - 'authelia:/data' - '/var/log/authelia:/var/log/authelia' environment: - TZ=Europe/Rome - AUTHELIA_LOG_LEVEL=debug - AUTHELIA_LOG_FORMAT=json - AUTHELIA_LOG_FILE_PATH=/var/log/authelia/authelia.log - AUTHELIA_LOG_KEEP_STDOUT=true healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:9091/api/health"] interval: 30s timeout: 10s retries: 3 authelia-admin: networks: authelia: depends_on: - authelia image: 'ghcr.io/asalimonov/authelia-admin:latest' ports: - "9093:9093" container_name: 'authelia-admin' restart: no volumes: - 'authelia:/config' - 'authelia:/data' environment: - TZ=Europe/Rome - NODE_TLS_REJECT_UNAUTHORIZED=0 - AAD_AUTHELIA_MIN_AUTH_LEVEL=1 - AAD_AUTHELIA_DOMAIN=authadmin.kleo08s.lol - TRUSTED_ORIGINS=https://auth.kleo08s.lol healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "https://auth.kleo08s.lol"] interval: 30s timeout: 10s retries: 3 traefik: image: "docker.io/traefik:latest" networks: authelia: aliases: - auth.localhost.test container_name: "traefik" restart: "unless-stopped" extra_hosts: - "host.docker.internal:host-gateway" command: - "--configfile=/etc/traefik/traefik.yml" ports: - "0.0.0.0:443:443" volumes: - "/var/run/docker.sock:/var/run/docker.sock:ro" - "./test-configs/traefik:/etc/traefik" - "./test-configs/traefik/FileProvider:/FileProvider" - "/var/log/traefik:/var/log/traefik" volumes: authelia: external: true ``` also i exposed `http://localhost:9091` to `auth.example.com` using cloudflare tunnels since i'm dumb if anyone can teach me how to configure correctly this so both auth.example.com and auth.example.com/auth-admin works correctly would mean a lot, thanks :)
kerem closed this issue 2026-02-27 12:33:10 +03:00
kerem commented 2026-03-15 02:24:23 +03:00
Author
Owner
Copy link

@asalimonov commented on GitHub (Feb 25, 2026):

Hello,

What I see there:

Problem 1: AAD_AUTHELIA_DOMAIN is wrong

Fix: AAD_AUTHELIA_DOMAIN=auth.kleo08s.lol
Authelia Admin should. be on the same domain as Authelia.

Problem 2: No config.yml volume mount
The authelia-admin container has no config.yml mounted. You mount authelia:/config and authelia:/data (shared with Authelia), but there's no app config file. Without it, the authelia-admin falls back to environment variables only — which is fine, but they're missing all the LLDAP/directory service settings.

Fix: Either create a config.yml and mount it to /opt/authelia-admin/config.yml:ro, or add all required env vars:

  AAD_DIRECTORY_TYPE=lldap-graphql
  AAD_DIRECTORY_LLDAP_GRAPHQL_ENDPOINT=http://lldap:17170/api/graphql
  AAD_DIRECTORY_LLDAP_GRAPHQL_USER=admin
  AAD_DIRECTORY_LLDAP_GRAPHQL_PASSWORD=<lldap_admin_password>
  AAD_DIRECTORY_LLDAP_GRAPHQL_LDAP_HOST=lldap
  AAD_DIRECTORY_LLDAP_GRAPHQL_LDAP_PORT=3890

Problem 3: Both volumes use the same named volume authelia
volumes:
- 'authelia:/config'
- 'authelia:/data'

This mounts the same Docker named volume to both /config and /data, which means /config and /data contain identical content. The Authelia container has the same issue. Use bind mounts to separate host directories.

Problem 4: Healthcheck points to the public URL
Fix: should be the local health endpoint:

  healthcheck:
    test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:9093/auth-admin/health"]

Problem 5: Missing LLDAP service
The docker-compose has no lldap service, but authelia-admin needs an LLDAP backend for the directory service (role checking, user management). LLDAP must be running and configured.

You can use ChatGPT Codex or Claude Code, or Kimi Code, or GitHub Copilot to verify configuration to described documentation.

<!-- gh-comment-id:3957363079 --> @asalimonov commented on GitHub (Feb 25, 2026): Hello, What I see there: **Problem 1:** `AAD_AUTHELIA_DOMAIN` is wrong Fix: `AAD_AUTHELIA_DOMAIN=auth.kleo08s.lol` Authelia Admin should. be on the same domain as Authelia. **Problem 2:** No config.yml volume mount The authelia-admin container has no config.yml mounted. You mount authelia:/config and authelia:/data (shared with Authelia), but there's no app config file. Without it, the authelia-admin falls back to environment variables only — which is fine, but they're missing all the LLDAP/directory service settings. Fix: Either create a config.yml and mount it to /opt/authelia-admin/config.yml:ro, or add all required env vars: ``` AAD_DIRECTORY_TYPE=lldap-graphql AAD_DIRECTORY_LLDAP_GRAPHQL_ENDPOINT=http://lldap:17170/api/graphql AAD_DIRECTORY_LLDAP_GRAPHQL_USER=admin AAD_DIRECTORY_LLDAP_GRAPHQL_PASSWORD=<lldap_admin_password> AAD_DIRECTORY_LLDAP_GRAPHQL_LDAP_HOST=lldap AAD_DIRECTORY_LLDAP_GRAPHQL_LDAP_PORT=3890 ``` **Problem 3:** Both volumes use the same named volume authelia volumes: - 'authelia:/config' - 'authelia:/data' This mounts the same Docker named volume to both /config and /data, which means /config and /data contain identical content. The Authelia container has the same issue. Use bind mounts to separate host directories. **Problem 4**: Healthcheck points to the public URL Fix: should be the local health endpoint: ``` healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:9093/auth-admin/health"] ``` **Problem 5**: Missing LLDAP service The docker-compose has no lldap service, but authelia-admin needs an LLDAP backend for the directory service (role checking, user management). LLDAP must be running and configured. You can use ChatGPT Codex or Claude Code, or Kimi Code, or GitHub Copilot to verify configuration to described documentation.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
fix/new-user-password-not-set
dependabot/npm_and_yarn/svelte-6535ca4039
dependabot/npm_and_yarn/vite-35a443a342
dependabot/npm_and_yarn/tailwind-97bcedbae3
dependabot/npm_and_yarn/types-054763cb3e
dependabot/npm_and_yarn/eslint-plugin-svelte-3.16.0
dependabot/npm_and_yarn/inlang/paraglide-js-2.15.1
dependabot/npm_and_yarn/typescript-eslint-8.57.1
dependabot/npm_and_yarn/yaml-2.8.3
dependabot/npm_and_yarn/sqlite3-6.0.1
dependabot/npm_and_yarn/serve-14.2.6
dependabot/github_actions/docker/metadata-action-6
dependabot/github_actions/docker/setup-buildx-action-4
dependabot/github_actions/docker/login-action-4
dependabot/github_actions/docker/build-push-action-7
feature/postgres
feature/playwright
feature/group-management
feature/i18n
feature/lldap-graphql
feauture/lldap-graphql
docs/license
bug/unhealthy-docker
v1.1.0
v1.0.0
v0.1.0
v0.0.3
v0.0.2
v0.0.1
Labels
Clear labels   
enhancement

   
pull-request

Mirrored from GitHub Pull Request

No labels
enhancement
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/authelia-admin#96
No description provided.