Thanks Christian. Just added nodes to Wazuh and can't stop smiling. Traefik and Authentik are next. Really appreciate your work!
@christianlempa9 ай бұрын
Nice! 👍
@illegalmexicain19 күн бұрын
Crowdsec is also a nice addition
@Dreamshadow19779 ай бұрын
I love how you make building the compose file so simple. So many things I need to learn.
@christianlempa9 ай бұрын
Thank you so much :)
@mykyar91429 ай бұрын
I have no words, except the "Thank You!". Thank You!
@christianlempa9 ай бұрын
🫶😊
@itssoaztek45929 ай бұрын
Have been waiting for a video like this for ages. Christian, you are my hero.
@christianlempa9 ай бұрын
Haha amazing :D Glad you liked it
@killua_1489 ай бұрын
Hi, I don't know if it's just me or not, but I think you should explain what "frontend" and "backend" networks are. Because at the beginning (from you past videos) I thought they were some kind of docker built-in networks (due to having a very specific and standard name), but with time I realized that they are just two network you created. So maybe you should clarify what those networks are and why you use them the way you do. At least for beginners, it's not that obvious.
@utentepassivo7 ай бұрын
I very much agree with this. For beginners like me it can be very confusing
@ImARichard9 ай бұрын
10/10 video! Legitimately has just about everything you would need to hit the ground running on authentik! Ive been using authelia for a while but have been wanting to play around with authentik to take advantage of OAUTH. Thanks for the awesome video!
@christianlempa9 ай бұрын
Haha thank you so much! :)
@somegeek71269 ай бұрын
So cool, I deployed Authentik one week ago and was playing around a little and now you come with this great video. Thanks for the "compose cleaning", I was not very comfortable doing it in the first place.
@christianlempa9 ай бұрын
Thanks 🙏
@Jannick-l1k9 ай бұрын
Christian, danke für deine tollen Videos! Informativ, nützlich und mit viel Enthusiasmus erklärt. Super tolle Arbeit 😊
@christianlempa9 ай бұрын
Vielen lieben Dank! ❤️
@joostul8 ай бұрын
This is the perfect amount of information for me, exactly what I need to get started and fast enough to not skip through things I already know. So good!
@christianlempa8 ай бұрын
Glad it was helpful!
@benji_games_8 ай бұрын
I want to add a comment that I hope you can see as being constructive since you mentioned in a previous video that English is not your first language and that you are sometimes concerned about your pronunciation or word choice. As an American who barely speaks a little bit of a couple of other languages, I have always appreciated when people helped guide me so hopefully I can do that this one time for you. The word realm is pronounced like helm. Thanks for the awesome video!
@apricotcomputers39438 ай бұрын
ok, thank you
@raular55138 ай бұрын
jelm?
@huzzyz6 ай бұрын
Thank you @Christian for another fantastic video. Just a note, if you goto Admin Console -> System -> Settings -> Allow users to change username. Don't have to really create another user and you can just rename the akadmin account to whatever you'd like. Thank you once again!
@Robert655365 ай бұрын
Great tip, thank you!
@SteveArv9 ай бұрын
I love it.... its tea time. You just coined a new phrase for the channel. I have been waiting for you to create an Authentik video for a while now. Great video!
@christianlempa9 ай бұрын
Thanks 😊
@tobifuncoding9 ай бұрын
Hey Christian, wie immer großartig ;) Ich habe Authentik direkt in meinem Homelab in Kubernetes deployed und nutze es global für mein Homelab und habe es auch mit meinem Traefik Ingress Controller verbunden. Einfach nur genial. Aber die Doku von Authentik ist auch echt gut. Mach weiter so. Du hast mir schon in so vielen Fällen mit Deinen Videos geholfen
@christianlempa8 ай бұрын
Vielen Dank! Freut mich dass meine Videos dir helfen 🙏☺️
@Kestrel389 ай бұрын
I really love Authentik. Its great and the only feature I can see it NEEDS is a mobile push MFA feature like Duo & MS Authenticator. I know there's a current workaround with Duo - but if Duo is needed I'd just do all of the auth there instead.
@tuyenhoang5546Ай бұрын
Push MfA is considered insecure nowadays as it may cause user fatigue and just hit approve request spams.
@Kestrel38Ай бұрын
@@tuyenhoang5546 not with number challenge
@mx3389 ай бұрын
This looks great for a homelab, I just doubt it can fully compete with capabilities of the hybrid Active Directory I run at work.
@Voigt_Analytics9 ай бұрын
Ziemlich cool. Danke für das tolle Video! Es fällt allerdings in die Kategorie: "Nice to have". Da (m)ein Home Lab dem ständigen Wandel unterlegen ist, weiß ich nicht, ob das für mich wirklich Sinn macht. Vieles an Software ist allenfalls ein paar Monate oder ein halbes Jahr an laufen, bis ich auf die Idee komme, Systeme wieder neu aufzusetzen, die Software neu einzurichten und dann muss ich trotzdem ein Passwort-Manager haben, der mir die Admin-User abgesichert. Es wird nur zusätzliche Arbeit verursacht durch die doppelte Nutzerverwaltung. Das hat sehr viel mehr Sinn in Unternehmensumgebungen, wo IT-Abteilungen auch von frustrierten Mitarbeitern besetzt sind, denen man im Fall des Falles immer auf die Finger schauen/klopfen muss. Oder um Mitarbeiter zentral zu verwalten, was wiederum durchweg Anwendungen voraussetzt, die die genannten Auth-Provider unterstützt. Und Authentik darf bloß nicht kompromittiert werden oder ausfallen. Dann wird's lustig
@timothypierce46029 ай бұрын
Ay ay apoco si?
@christianlempa9 ай бұрын
Vielen Dank :) vielleicht macht es ja Sinn für System, die du nicht häufig änderst wie z.B. Proxmox?
@Voigt_Analytics9 ай бұрын
@@christianlempa Dieses System muss erst noch erfunden werden 😅 Nein, Proxmox nutze ich nicht. Versuche so stromsparend wie möglich mein Home Lab zu gestalten, daher kommen derzeit nur zwei Raspi‘s 400 und ein MacBook Air 2019 zur Anwendung. Das MBA für etwas performantere Aufgaben. Vielleicht wäre auch das Thema Energiemanagement, Shelly‘s, Grafana und Co was für die nächsten Videos? 😃👍
@Voigt_Analytics8 ай бұрын
@@christianlempa Habe meine Meinung geändert. Die Software ist echt genial. 🤩 Allerdings stehe ich noch vor einigen Problemen mit bestimmten Softwarelösungen.
@igordasunddas33772 ай бұрын
Also ich habe mein NAS das letzte Mal vor 5 Jahren aufgesetzt, um von Ubuntu 20.04 oder 18.04 (weiß ich nicht mehr) auf 22.04 upzugraden. Ich hatte auch gleich neue Boot-Laufwerke und deshalb alles neu gemacht. Aber an sich würde authentik schon Sinn machen - ggf. mit LDAP o.ä.
@vomKuckucksfelsen9 ай бұрын
I´ve been waiting for this soooooo long! Thank you!
@christianlempa9 ай бұрын
You’re welcome ☺️
@PramitBiswas9 ай бұрын
Please do a video with keycloak, if possible.
@sardaukar-yt3 ай бұрын
Thanks ! As usual this helped a lot. Would love to see the follow-up video about extended features like LDAP. Keep up the good work !
@christianlempa3 ай бұрын
Awesome! Thank you
@Wheels359 ай бұрын
absolutely love authentik, glad you are covering it, its such a great product, and gets constant support and updates
@christianlempa9 ай бұрын
It really is!
@elements88xyz9 ай бұрын
Danke. Your videos are always welcomed, and so much to learn on a lot of topics.
@christianlempa9 ай бұрын
Sehr gerne 😉
@vkphoenixfrАй бұрын
It does not work, I'm getting a Redirect error whan trying to login in proxmox login screen. Did not find anything helping in authentik doc
@rfos19785 ай бұрын
How reliable can be Authentik comparing it with paid other services like Okta for example? it would be acceptable for big companies that would invest time in development and management of security tools of this solution is limited to private/small companies? I really like Authentik, I use it for personal purposes but I'm not confident about to suggest it for an Enterprise company.
@Zbhullar4 ай бұрын
Hi what feature is that at 25:53 it looks like some sort of autofill that uses your clipboard history? please tell me what application that is or how i can get that feature! thank you & great tutorial
@christianlempa4 ай бұрын
Thanks, this comes from my password manager 1password
@HeneryH2 ай бұрын
When I try to create my proxy provider (37:57 mark) I get an error saying that "CSRF Failed: CSRF cookie not set." but even in the advanced settings there is no field for that.
@christianlempa2 ай бұрын
Seems to be an issue with the config, maybe lets check on discord if you could share your setup details
@shawndamon30558 ай бұрын
Thanks!
@christianlempa8 ай бұрын
Thanks for your suppoer! :D
@giftcp822 ай бұрын
@Chris it could have been nice if you share a diagram of your docker network and explained it a bit. Or do you have a video to this extent
@christianlempa2 ай бұрын
I've done some videos about VLANs in the past that show a bit of my current network structure: kzbin.info/www/bejne/opnVnaWsi7-hf6ssi=s7xwj3epwcnLqQsE
@giftcp822 ай бұрын
@@christianlempa thanks I will take a look
@Cole987Turner2 ай бұрын
This is the reason for groups Right? So you can create an admin group or user group on every system and just add them in your idp
@truthontech9 ай бұрын
Thanks
@christianlempa9 ай бұрын
Thank you so much for your support 🫶❤️
@Stony54386 ай бұрын
Thankyou for making this video. You've explained it more clearly than most other videos I've seen made. I feel like I'm ready to give authentik another go!
@christianlempa6 ай бұрын
Thank you so much 😊 and good luck!
@dancalmusic9 ай бұрын
Do you think it could be used to provide MFA to a Microsoft Remote Desktop Gateway?
@christianlempa8 ай бұрын
No idea,🤷♂️, I know that authentik enterprise does RDP but not tried it yet
@Paul-xb5mm9 ай бұрын
Hi, did you manage to setup login to Sophos with authentik? I tried using LDAP for a while but unfortunately couldn't do it. Maybe I can learn from your experiences later. :D
@christianlempa9 ай бұрын
Not yet, but I'm currently looking into it! There will be a follow up video at some point :)
@stayupthetree9 ай бұрын
at 5 seconds what is on the screen? an advanced HTOP???
@zer0r00t9 ай бұрын
btop probably
@christianlempa9 ай бұрын
It's called "Bottom"
@user-ib1bz4bh3g5 ай бұрын
Just beware that if you run your Authentik in the VM inside the Proxmox server and you forget your Proxmox root password (because you will not be using it), you might get into trouble when the VM running the Authentik fails.
@crav55874 ай бұрын
This sounds like its coming from personal experience 😂😂
@erwin7573 ай бұрын
Ah yes that would be terrible…
@TracyNorrell2 ай бұрын
That's why I keep my authentic and proxmox passwords written down on a sticky note attached to the monitor attached to my KVM
@devmelyАй бұрын
Just use any secure pssword manager
8 ай бұрын
I don't have any of this homelabs/infrastructures but definitively i'm into them 🤙🏼 Thank you so much for your videos they are so interesting and useful!
@christianlempa8 ай бұрын
Thank you! Glad you enjoy them 😊
@dandogamer4 ай бұрын
Amazing video thank you so much for putting this together, was there a follow up vid?
@christianlempa4 ай бұрын
Thank you buddy! Not yet but I’m working on a follow up
@isaacwassouf4520Ай бұрын
Just what I was searching for, thanks for the great content! One question, in the last example with the nginx container, do you need to re-authenticate with every request?
@christianlempaАй бұрын
No, you can configure the session lifetime in authentik, only if the authentik session expires, you need to re-authenticate
@vasquezmi8 ай бұрын
Hello sir, thinking about your Netbird tutorial have you thought about the advanced installation that allows you to use Authentic as the IdP? I am still continuing that journey as I need to work on alternate ports to use as the one out of the box are already consumed.
@SMAW049 ай бұрын
Great video again Christian.. I Also noticed the cool keyboard on your desk, wanna share which one it is?
@christianlempa9 ай бұрын
Nice :D I'm using a Keychron keyboard, however, I'm not all satisfied with it, ... maybe I'll switch to another one at some point :)
@RedVegas4 ай бұрын
I keep getting a “Not Found” page can’t figure out how to solve it
@matthi178624 күн бұрын
My Not Found was a problem with the Worker. I forgot the Secred Key.
@ekekw9302 күн бұрын
Do I need to run the Authentik instance on the same VM as my Traefik? Or can I use the dynamic config to proxy?
@horstcredible4247Ай бұрын
Cool. How would I integrate this to an already existing web app? I did only find examples of integrating services like Portainer yet in the docs. There would be a protected area behind a subdomain of our top level domain, where customers have to be logged in. At the unprotected toplevel domain pages I need to be able to look up if a user is authenticated, so I could load additional information like wishlist articles and similar data if that's the case. We want to implement SSO, so we could use the same authentication for multiple apps we own. Any hint which part of the docs I could look at for this? Or any articles I could read up?
@Taterxxwardy9 ай бұрын
I was also very confused by their documentation and trial and error with it so far. I've tried Jim's Garage and others but they seem to do things a bit different from what you do, which is more like my server setup as well. Appreciate your insight and guidiance
@christianlempa9 ай бұрын
Thank you :) glad you liked my video more
@alex.prodigy8 ай бұрын
Awesome video , thank you! Btw , when you have docker or docker compose env variables and you want to name your container env variables the same as you want them set in your shell , you don't need to say i.e. MY_SUPER_VAR=$MY_SUPER_VAR ... you can just have - MY_SUPER_VAR and docker will pick up your shell variable with the same name if it's set for example services: test: image: nginx environment: - MY_TEST_VAR instead of services: test: image: nginx environment: - MY_TEST_VAR=$MY_TEST_VAR
@christianlempa8 ай бұрын
Thanks! :D Good tip
@alex.prodigy8 ай бұрын
@@christianlempa it also works with .env file or other env_file
@christianlempa8 ай бұрын
@@alex.prodigy one reason though I might keep using the scheme is interpolation of environment variables, to catch errors or apply default values. which makes it easier for the tutorials and boilerplates.
@alex.prodigy8 ай бұрын
@@christianlempa yep , no worries ... just figured many people don't know that docker compose can pick up env vars without doing MY_ENV_VAR=$MY_ENV_VAR
@simuman9 ай бұрын
Hi Christian, sorry where is the documentation and links, can't find it anywhere in the description or your Github?
@christianlempa9 ай бұрын
Sry, added it to the description
@EricLenehan-xs3yt8 ай бұрын
What is the application you use to write this code? It makes life so much easier to do it the way you do instead of using a terminal.
@christianlempa8 ай бұрын
It's VSCode
@enderlord00759 ай бұрын
Hi there, great video. I recently saw your video on how you set up your vscode, but is there any chance you could share what theme/customizations you are using? I really like the transparent and clean look yours has but I didn't see it in that video.
@christianlempa9 ай бұрын
I'm using my own theme "The Digital Life", hope to give it an update at some point
@shawndamon30558 ай бұрын
Just wondering if you have some tips on how i can add authentik to the home page? the documentation is skinny on the process...... cant say this enough...you make sure informative videos!
@christianlempa8 ай бұрын
You can check my config on github.com/christianlempa/homelab, maybe that's what you're looking for :)
@shawndamon30558 ай бұрын
@@christianlempa I did use your GitHub as a reference ... I think the generation of the authentik key .. it's not very clear on the steps to take
@Seba11PL9 ай бұрын
Nice vid. I thought you would make a video about Zitadel, which you mentioned in a previous video. Authentik seems fine, but Zitadel appears more modern and supports passkeys.
@christianlempa9 ай бұрын
I had a couple of issues with Zitadel, and to me, authentik seems better. Maybe I'll take a look at some point
@vasquezmi8 ай бұрын
I had one more question. What are you using for your IDE in this video for ssh and development of the yaml?
@christianlempa8 ай бұрын
vscode
@emiellr9 ай бұрын
Hey Christian, how did you make your VSCode look that nice? Vid maybe?
@christianlempa9 ай бұрын
I've made a custom theme and added a background, however since I got so many problems with the background plugin, I probably won't use it anymore.
@emiellr9 ай бұрын
@@christianlempaIs it Vibrancy Continued by any chance? Also, any chance you'll make your theme public? looks sweet.
@boosraphael6 ай бұрын
Hello! Danke für all deine Videos und Tutorials, die sehr informativ und verständlich sind! Ich habe eine kurze Frage an dich, ich habe ein OMV NAS und möchte von außen darauf zugreifen, was rätst du mir, um es zu sichern? Danke
@kurt_hansen8 ай бұрын
Is it possible with authentik, to secure for example some services with and some without 2fa?
@The-Cat7 ай бұрын
Good question, if you happen to know the answer please let me know cause it's hard to have my wife deal with 2fa
@kurt_hansen7 ай бұрын
@@The-Cat There is a possibility to configure it in that way, that you don't need 2fa for you local network, but if you access from the internet, 2fa is mandatory
@The-Cat7 ай бұрын
@@kurt_hansen thank you so very much 👍🏾👍🏾💯
@RedVegas4 ай бұрын
Do you use code server or vs code, id love to see a video on your setup there with the custom colors to
@christianlempa4 ай бұрын
I made once a video about my custom vscode theme, maybe that's what you're looking for :)
@RedVegas4 ай бұрын
@@christianlempa indeed it was! I actually ended up finding it shortly after commenting that, love the theme.
@jhmc935 ай бұрын
I get a 505 error when doing this with proxmox open id
@davidszabo68369 ай бұрын
Amazing explanation for this great app! I've already set it up on my Kubernetes cluster and it is working great so far and I'm satisfied with it, but there is some work to be done, and the documentation is patchy in places. I noticed one more drawback which is that it starts up slowly. Perhaps it is due to the fact that it was built with Python (Django?), but not 100% sure. I can live with that.
@christianlempa9 ай бұрын
Great to hear!Thank you :)
@caseystewart31975 ай бұрын
Great Video. I've setup our instance to pull users in from an LDAP source but I then want those user to use a separate Oauth Source to do their SSO authentication. Is that possible or does it make sense. Users can manually select to Connect to the Oauth source but I don't see a way to make this the default setting for those Imported LDAP users.
@GuilhermeMarquesMachado8 ай бұрын
how would you use this with Obsidian's docker container?
@ClayBellBrews4 ай бұрын
Which of your videos has the setup of your networks? (Frontend & Backend)
@christianlempa4 ай бұрын
I’ve covered it in my docker network tutorial, it’s basically just 2 bridge networks that I use for enabling dns resolving
@badtrapify9 ай бұрын
I tried to integrate proxmox. Created an OpenID provider, created an application, using this provider... Set the realm in proxmox, aaand... When i select my authentic realm for login in proxmox the OepnID redirect fails. "remote error: tls: unknown certificate authority" I guess it's something with the self signed authentik cert, but don't know how to avoid it.
@sebasptsch8 ай бұрын
Love your videos, just as I was looking for an authentication platform to use! Viel Dank Christian!
@christianlempa8 ай бұрын
Thank you so much! :)
@StephenPezzuti20 күн бұрын
I see you remove the .env variables frm the docker compose, but you still have a .env file? How does it pick this up if it's not defined in the compose?
@christianlempa18 күн бұрын
Can you explain this in more detail with an example? Would like to follow up with you on Discord
@StephenPezzuti15 күн бұрын
@@christianlempa I was just looking over the docker-compose file as you edit, but it looks like you remove any mapping of the .env from the compose. Then you also edit the .env file. Just confused about how it knows to look at the .env if it's removed from the compose file. Hopefully that makes sense?
@StephenPezzuti15 күн бұрын
@@christianlempa as an example.. at 10:24 you remove the .env lines from the compose, but at 11:09 you're editing the env file. Just wondering if I'm missing something
@74cmonty5 ай бұрын
Could you share your thoughts about Keycloak?
@christianlempa5 ай бұрын
I haven't tried it out yet
@Bl00dyAngel19 ай бұрын
This is just what i was searching for
@christianlempa9 ай бұрын
Glad it helped ;)
@VincentGroenewold9 ай бұрын
Now this is super cool, just was thinking about it. Thanks!
@christianlempa9 ай бұрын
Glad it was helpful!
@JacobLafrance-s6u4 ай бұрын
Hey Christian, are you using Authentik to handle ssh authentication to linux servers? This way a user just needs to upload their public key to their Authentik profile?
@horusofoz2 ай бұрын
Do you think you'll ever do a demo with Caddy as the reverse proxy?
@christianlempa2 ай бұрын
I will never say never but it’s not planned in the near future
@Theborg729 ай бұрын
Hi thats for this can you show how you set up visual studio code to be able to open it so easily against different servers without having to set up an sftp.json
@christianlempa9 ай бұрын
I've recently made a video about it, check it out: kzbin.info/www/bejne/nqbMgpdohtSdjrs&
@tomatony2282 ай бұрын
is there a way not to create all my apps as provides etc., but to make them as .. wildcard in traefik? So every app is automaticly secured
@christianlempa2 ай бұрын
Good question, yes there is but I haven’t tested it yet. But I’ll add it to my todo list
@SamBrownhousehold6 күн бұрын
Can you do a walkthough and review of Zoraxy & linking with Authentik or Authelia? I would love to set my proxy service behind another authentication broker
@christianlempa5 күн бұрын
Unfortunately, I don't have any experience with Zoraxy
@james.houlder9 ай бұрын
Great video! 😊. Also where did you get that hoody! ❤ Also any tips on migrating a docker image to a new vps server. I did it yesterday, but I couldn't access the services as expected post migration. Docker showed everything was running, but I couldn't access the ports?! Thanks!
@christianlempa9 ай бұрын
Thank you! 😊 it was a birthday present from my wife 🫶
@james.houlder9 ай бұрын
@@christianlempaepic 😊
@efimov908 ай бұрын
@christianlempa, is it possible to use authentik with mariadb? How i can see there is ldap provider and mariadb has ldap authentication support. Is there a posibility to use OAuth or only this option is available now?
@nope64179 ай бұрын
Hello and thx for this amazing job. I am working on authentik, but it is not working yet at home, the authentik server and worker say ... "Name or service not known" ideas ?
@nope64179 ай бұрын
found the problem. But there is no middleware for authentik in Traefik ??
@christianlempa9 ай бұрын
Come on our discord :) Maybe we can help
@nope64179 ай бұрын
@@christianlempa ok I am coming ..
@gggkiller8 ай бұрын
You can actually rename the default user, but you have to do so through the Directory interface, it's what I've done in my install. Other than that, great video and thank you!
@christianlempa8 ай бұрын
Thanks for the tip!
@comod2 ай бұрын
Aber was wenn die demo app am ende selbst auch noch mal einen custom email-pass-login hat? Lässt sich der jwt dort "injecten"?
@christianlempa2 ай бұрын
Den fall hab ich noch nicht gehabt, daher kann ich leider dazu nichts sagen
@carlosptf8 ай бұрын
Hi, what is the name of the application you use to manage your ssh connections?
@christianlempa8 ай бұрын
openssh :)
@carlosptf8 ай бұрын
I expressed myself wrong, sorry. I mean the application where your ssh sessions are open. and where you edit text files.
@gautamkrishnar9 ай бұрын
If you already have cloudlfare setup on your domain, it also gives you similar setup. Easy to configure as well.
@egokhanturk9 ай бұрын
I want to use this for Jellyfin but when i use this i can't access my jellyfin server via android or desktop Jellyfin client app. What can i do?
@andersontapetti84209 ай бұрын
Wait: Azure AD marked as no conditional access available? Reallly? And if you use Intune for MDM you can get CA for compliant devices access
@lostinvasion9 ай бұрын
It's listed because Conditional Access is indeed a feature you need to pay for within Entra ID (Azure). It requires a higher license and is not available to you with the base tier
@Danielo5157 ай бұрын
Ibreally want to know more about your way of connecting vscode to remote servers
@dev-akeel9 ай бұрын
I have been here on this channel for a few months now I watch the videos but i don't know what is going on. I feel like lost in space. I came here 2-3 months ago to learn traefik but i neither understand traefik nor any other related technologies, what could be the issue? I am working as fullstack developer (just for more context).
@SEO-0109 ай бұрын
nice work! Can you make a video about zerotier ?
@christianlempa9 ай бұрын
Hm, maybe, but not anywhere soon. I'll add it to my list ;)
@PeterBuffon9 ай бұрын
Strangely i'm getting this weird behavior where i can reach the login page, but when i enter my email and go to put the password, the whole page HTML outputs on the page and idk what to do.
@jorgeeduardotrujillovelazq85038 ай бұрын
Is it possible to know if you have a github repo with these two docker compose files: 1. traefik 2. authentic?
@christianlempa8 ай бұрын
yes, github.com/christianlempa/boilerplates
@ThatNateGuy9 ай бұрын
You did a video on Dockge at one point. Is there a reason you didn't use it in this tutorial? This isn't criticism, I'm genuinely curious. Do you yourself simply not need it or are you just lowering the barrier for entry with Authentik? Great video as always, sir! 🙂
@christianlempa9 ай бұрын
Actually, I'm not using it because I prefer using vscode for managing my containers. I also believe it's better for the tutorials to not rely on too many apps that some people might have, some others don't.
@ThatNateGuy9 ай бұрын
@@christianlempaThat makes sense. Thank you for taking the time!
@demorez59 ай бұрын
OK, so just spent two days setting this up. Having watched your livestream, i think actually in a single user homelab environment authentik has little value and actually adds an additional attack vector, as in addition to the OAuth authentication you still need to keep the traditional login method in place for fallback purposes.
@christianlempa8 ай бұрын
For educational purposes and convenience it’s still amazing
@marcoactis70857 ай бұрын
Hi Christian ! You are great and I have to say a big thanks to you... I just installed Authentik in my lab and setting up all the appliances and servers ... every night 'till 4 o'clock ... :D :D :D . But I have also a question ( or suggestion request for you ) : How did you managed the authentication on each node of a proxmox cluster ? Probably i'm too newbie on this but the right way should be : 1 provider ( with all the keys ) and more applications ( 1 x each node ) ... but is not possible , and is also not possible to have more tha one provider for the same Proxmox datacenter ... ( if i'm not wrong ! ). Do you already have the answer : have you already managed this ? Anyway : many thanks ! A lot !!! bye !
@christianlempa7 ай бұрын
Haha, oh man that sounds like a hard job :D Actually, once I joined the additional node to the cluster it just synced the authentik config, so there was no additional config needed.
@MarcoActis7 ай бұрын
@@christianlempa 👍👍👍
@jorgebaccarcell2 ай бұрын
What I miss from this kind of video is a brief comparison to other solution you may have presented previously. Like, "this solution is an alternative to xxx, and it's advantages are X and Y, and you may prefer xxx because it's simpler ...". Sometimes it's a bit hard to understand if this works with the other solutions or if it substitutes the other...
@christianlempa2 ай бұрын
Good point, I will include such a thing into my new videos ;)
@starkiller26628 ай бұрын
Do I understand correctly that it is now impossible to use this proxy having authentik and nginx on different servers?
@christianlempa8 ай бұрын
Of course you can do that! More about outposts in the follow up video :)
@andoniortiz47748 ай бұрын
De nuevo me sorprendes, gracias por tu dedicación!!!!!
@NetScalerTrainer9 ай бұрын
How does a competitive to guacamole?
@vDereks8 ай бұрын
Great video. I know everyone's needs are different, but I'd love to get a copy of your modified docker compose file.
@christianlempa8 ай бұрын
You can find a good template on my boilerplates repo, check out my GitHub profile ;)
@pesfreak188 ай бұрын
learned a ton in this video. Thanks a lot. Have to try it myself now.
@christianlempa8 ай бұрын
Thank you! Glad it was useful :)
@GreenCinco12Official8 ай бұрын
I've tried doing this but somehow can't get it to work. I'm trying to connect authentik and portainer. After adding a provider and a application I've tried to login to portainer using oauth. I get the portainer error "Failure Unauthorized" and a little "unable to login via oauth". I've also noticed that my user wasn't automatically created in portainer. But even after manually adding it (it states oauth in users) I get the same errors. Any idea?
@matthi178624 күн бұрын
Hey, I have the same error. Have you found a Solution?
@PrimalDashes9 ай бұрын
I still cannot get this working with Portainer. I've followed every single step, but getting Unauthorized when clicking Log in with OAuth. I can't find any solution :(
@agentlytle9 ай бұрын
So i had this issue my fix was to make the user on portainer first the auto create selection does not work.
@PrimalDashes9 ай бұрын
@@agentlytle unfortunately I tried that as well, same error
@mmrk_9 ай бұрын
Great demo as always. Love your videos.
@christianlempa9 ай бұрын
Thanks so much!
@andreassa9 ай бұрын
Personally, I haven’t found anything easier to setup than Caddy + Authelia for my small homelab (plus custom Tailscale domain login). I will give this a go some other time! Thank you
@christianlempa9 ай бұрын
You’re welcome! Let’s us know if you like it
@igordasunddas33772 ай бұрын
This video is awesome! Convinced me to subscribe! Thanks, man!
@christianlempa2 ай бұрын
Thank you! Welcome on board :D
@Heimdall-hb5it8 ай бұрын
Nice video! A comparison against keycloak would be awesome.
@christianlempa8 ай бұрын
Thanks for the idea! Not sure if I will have the time soon to check out another IdP though :(
@dean.kannenberg9 ай бұрын
Awesome Video, thank you. This takes the fear of Auth-Providers from a lot of people. Great solution, well implemented and like always awesome presentation of this lovely peace of tech :)