Self Hosted - Self-hosting your services.

12490 readers

1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules

No harassment
crossposts from c/Open Source & c/docker & related may be allowed, depending on context
Video Promoting is allowed if is within the topic.
No spamming.
Stay friendly.
Follow the lemmy.ml instance rules.
Tag your post. (Read under)

Important

Beginning of January 1st 2024 this rule WILL be enforced. Posts that are not tagged will be warned and if not fixed within 24h then removed!

Lemmy doesn't have tags yet, so mark it with [Question], [Help], [Project], [Other], [Promoting] or other you may think is appropriate.

Cross-posting

[email protected] is allowed!
[email protected] is allowed!
[email protected] is allowed!
[email protected] is allowed if topic has to do with selfhosting.
[email protected] is allowed!

If you see a rule-breaker please DM the mods!

founded 3 years ago

MODERATORS

[email protected]

Hi everyone, (allovertheplace.ca)

submitted 2 weeks ago by [email protected] to c/[email protected]

2 comments fedilink hide all child comments

Hi everyone,

I'm encountering an issue with my self-hosted setup using Caddy 2.9.1 and Authelia 4.38.19. All domains except auth.laniecarmelo.tech return a 401 Unauthorized error. Journald logs suggest issues with insecure schemes ('') instead of https or wss.

Details:

Setup: Caddy as reverse proxy, Authelia for authentication
Domains: AdGuard Home, Forgejo, LinkAce, MiniFlux, TheLounge, Homepage, Beszel, Glances, Uptime Kuma, Tandoor Recipes, BookStack, Watchtower, Portainer
Logs:
Authelia:
Feb 24 21:01:47 stormux authelia[2932]: level=error msg="Target URL '/' has an insecure scheme '', only 'https' and 'wss' are supported"Caddy:
Feb 24 21:19:41 stormux caddy[48845]: {"msg":"handled request","method":"GET","host":"adguard.laniecarmelo.tech","status":200}

Configurations:

Full Caddyfile and Authelia config: GitHub Gist

Curl Output:

HTTP Request:

$ curl home.laniecarmelo.tech -v< HTTP/1.1 308 Permanent Redirect< Location: https://home.laniecarmelo.tech/

HTTPS Request:

$ curl https://home.laniecarmelo.tech/ -v< HTTP/2 401 < content-type: text/plain; charset=utf-8< server: Caddy401 Unauthorized

Does anyone know what might be causing this? I suspect it could be related to forward_auth or trusted proxies.

Thanks in advance! 🙏

#SelfHosting #CaddyServer #Authelia #ReverseProxy #TechHelp #Linux #HomeLab
@selfhost @selfhosting @selfhosted

top 2 comments

sorted by: hot top controversial new old

[–] [email protected] 2 points 2 weeks ago

Target URL '/' has an insecure scheme '', only 'https' and 'wss' are supported

Have you tried using a supported scheme in the target URL?

[–] [email protected] 0 points 2 weeks ago

@selfhost @selfhosting @selfhosted Got help on #IRC. Trick was to move trusted_proxies out of site blocks and into a global servers block and use uri /api/authz/forward-auth
instead of uri /api/verify.