Authentik Application Setup | Nginx Proxy Manager | (Docker/Compose)

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey what's up guys i originally was using ophthalia for single sign-on and two-factor authentication for some of the services i self-host and came across authentic as you can see from this comparison chart authentic seems to have a lot going for it i especially appreciate the graphic user interface in comparison to editing files manually which can get a bit tedious anyways i looked far and wide on youtube but couldn't find a video demonstrating how to set up an app in authentic once you got it up and running and the documentation can be confusing or not clear enough so in this video i'll be giving you a quick breakdown on how i did it this video assumes you already have docker docker compose nginx proxy manager and authentic all installed and running if not check the source material as well as the youtube videos by awesome open source or dbtech on nginx proxy manager installation and by ibrcorp on authentic installation all linked in the description below first you want to be sure you have dns record set for all your apps microservices at your dns provider that you want to access from the internet especially an entry for authentic you know the service we're working on right now so in cloudflare here's my entry for authentic then you want to set up a proxy host in nginx proxy manager that points your authentic instance if you haven't already and verify you're able to access it successfully by domain name in your browser so for example here's my authentic entry and i'll you see the details there isn't really much that i have going on here just my domain name for authentic that we set up in cloudflare the internal ip address i have it pointing to i have it publicly accessible nothing in custom locations with ssl i have my ssl certificate picked and i turned all these options on and nothing in advance now i like to test out this proxy host in a private or incognito tab just to be sure i'm not pulling up any cached or temporary content nice it works now that we have it loaded let's login and start configuring an application all right once we've logged into authentic you want to go ahead and open up your admin interface from here you want to go into your applications and the first thing we'll do is verify that our outpost is correctly configured now we'll be using the authentic embedded outpost and you want to go ahead and click the edit icon here under actions now in here what you want to verify is the authentic host for me this is line three and for the authentic host what you want is either the proxy host that you entered in nginx proxy manager or the dns record that you entered into cloudflare or whoever your dns provider is but it has to be the fully qualified domain name now you can verify your fully qualified domain name is in fact entered correctly because it will actually have it listed right underneath the name for your embedded host under health inversion you should have a green check mark okay next you want to go ahead and click on providers and click on create here you're presented with several options you can create an ldap provider a oauth2 or openid provider a proxy provider a saml provider or a sample writer for metadata we'll be creating a simple provider and choose the proxy provider click next in new provider in the name field enter a name that will be easily matched to the application that we'll be creating in the next step for the next step you can choose either proxy forward auth single application or forward off the domain level if you choose proxy authentic will act as the reverse proxy itself at which point you would have to set external hosts to your fully qualified domain name for authentic and your internal host would be the internal ip address for the app that you're trying to reach now because we're using nginx proxy manager i will go ahead and choose for auth single application with single application you'll have more granularity and control than you would with domain level we don't need to use authentics built in reverse proxy so for the external host you want to go ahead and put the external fully qualified domain for the internal application that you're trying to reach so i went ahead and entered mine there for token validity you can leave this as is or you can change it to however many hours minutes or seconds you want this token to be valid for me i'll go ahead and leave it as is and for now we don't need to do anything advanced protocol settings go ahead and click finish now you'll have this warning that the provider is not assigned to any application that's because we haven't created yet so go ahead and click on applications under applications we want to go ahead and click on the create button now in create application you want to go ahead and enter a name that will closely associate with the provider so that way they're easy to match so i went ahead and entered the name speed test and for the slug i also entered the name speed test for provider you're going to want to go ahead and click the provider we created earlier and click create now we've created our application if you go back to providers you'll notice that the warning is gone and it says that the application is assigned to the provider now we want to go back to outposts and click the edit button under actions for the embedded outpost and you'll see under applications that the application we just set up is listed go ahead and highlight that and click update and as you can see the embedded outpost has speed tests listed in the providers as you add applications to the embedded outpost their respective providers will be listed here under providers next we want to go back to providers we want to go ahead and click the name of the provider you scroll down under setup you'll notice there are several reverse proxies listed we're using nginx proxy manager so we'll go ahead and click that you'll see the snippet of code what you want to do here is highlight and select all of this and copy next we want to go ahead and go back to nginx proxy manager and find the application that you have a proxy host for and click edit go to the advanced settings tab and paste that code snippet that we just copied from authentic into the custom nginx configuration once you've pasted the snippet of code into your custom nginx configuration you want to scroll down to the proxy pass section and change out the fully qualified domain name that you have for your authentic instance to its internal ip address and port number instead then click save now if we navigate to our app's fully qualified domain name we should be presented with a prompt to log login by authentic hey look at that it worked now let's verify we can actually login and success we successfully authenticated with authentic and our application loaded just fine alright guys if you have any comments or questions leave them down in the comment section below go ahead and hit that like button if you like this video if you didn't go ahead and hit the dislike button and be sure to subscribe if you want to see any more videos i put out once again thanks for watching

Info

Channel: Cooptonian

Views: 22,352

Rating: undefined out of 5

Keywords:

Id: Nh1qiqCYDt4

Channel Id: undefined

Length: 9min 29sec (569 seconds)

Published: Thu Jul 21 2022