Simple Mistakes Setting up Authelia

Recently I went down the path of setting up Authelia after a friend told me about using it and Traefik to effectively allow SSL to be applied to every docker container I have running at home should I want to.

If you want to learn about how to do this as well I highly recommend watching this video https://www.youtube.com/watch?v=u6H-Qwf4nZA the videos that Technotim produces are what I consider the appropriate level of tutorial, where he explains the reasoning behind doing something, the potential problems but also the reasons why he has decided to do something. On top of this, he also provides example documentation files which makes getting everything up and running a lot easier as you can start from a config he created.

Now – for me there were two very simple mistakes I made when trying to configure everything so I’d thought I’d outline them below and just how simple they are to fix.

Hashing your password

Part of the install process is issued the following command to hash your password:

docker run authelia/authelia:latest authelia hash-password “yourpasswordhere”

Seems simple right? Well it is. However the simple mistake that I made was I was issuing the command like this

docker run authelia/authelia:latest authelia hash-password ‘yourpasswordhere’

Using single back ticks tells Authelia you were using a special characters, in my case when I was testing I wasn’t so the hash created did not match, and therefore the password also did not then match since the hash was being changed due to single backticks

So thats simple problem number 1, very easy to fix that one. 

Setting up 2FA the QR Code Does not generate

In Technotim’s video he explains the method of using notification.txt instead of emailing a link to yourself. This allows you to be able to see the email that would be generated by logging into your authelia host and reading the notification.txt file. instead of having to go through all of the hassles of setting up outgoing mail servers.

Seems simple again right? Well it is… there was a simple mistake I was making here that caused this as well.

Many of you setting this stuff up are likely logging in via SSH or using some kind of console session to access everything. In my case I was using SSH to access the host, then opening nano to get the URL required for 2FA setup

The issue I found was nano doesn’t make it very obvious if you’re seeing the end of a line or not – so the URL for setting up 2FA was actually extending beyond the boundary of the terminal session I was using.

I originally thought there may be a mismatch between the URL being generated and what got stored in the database, which is where I found the issue because I could see when using DB Browser for SQL Lite that what I had in the browser bar did’t match what was stored in the DB. I copied the key from the DB into the browser and then everything worked as normal.

Confused as to what was happening I decided to instead use the command tail to read the file instead of opening it with nano. This is as simple as

tail notification.txt

This will just dump the contents straight to the terminal and you can copy and paste it from there, in full length as it will split it over the lines instead of letting the text go beyond the end of a window.


If this thread was helpful for you please consider donating

Bitcoin: 14322nah4Jv6SRheoBN1KS8jemuPVhHc88
Ethereum: 0x7c6e97e80d66bfe74a70d763a0a5617890dc6463
Or via osko in Australia send to donnie@up.me