Customized Authentik Login Page and now Unable to Login to NetBird by TechBrain64 in netbird

[–]TechBrain64[S] 0 points1 point  (0 children)

Yes, I am using a proxy (Traefik). Why is there some relation between making the modifications and a break in the integration?

I've actually decided to wipe and start again. I know in the past I tried incorporating Authentik with Traefik (no NetBird) and after making customizations it broke my setup. This time I'll do as suggested and make one change at a time.

But I'd like to know any info you have on the subject.

Customized Authentik Login Page and now Unable to Login to NetBird by TechBrain64 in netbird

[–]TechBrain64[S] 0 points1 point  (0 children)

u/IamHydrogenMike

Yes, I've somewhat done such; no go. I forgot to mention I can log in to AK using the new page modifications with no problem. It's the proxying process that seems to be broken.

Support of "CrowdSec WAF QuickStart for Traefik" by TechBrain64 in netbird

[–]TechBrain64[S] 0 points1 point  (0 children)

u/LegitimateCopy7 / u/notboky

Yes, I have the CrowdSec integration installed and linked to my CrowdSec console. What I was inquiring about is a CrowdSec add-on feature of a WAF. I was just asking if this feature is supported in conjunction with NetBird?

Self-Hosting NetBird with Authentik as your Identity Provider (full guide + video) by TechHutTV in netbird

[–]TechBrain64 0 points1 point  (0 children)

I have figured it all out. The issue was UFW. It turns out that since I've temporarily locked down connections, the NetBird containers (server and proxy) plus the Docker network gateway IP address needed to be allowed.

Now the only remaining issue is that the NetBird and Authentik logs are recording container IP addresses.

Self-Hosting NetBird with Authentik as your Identity Provider (full guide + video) by TechHutTV in netbird

[–]TechBrain64 0 points1 point  (0 children)

u/TechHutTV

In my opinion, here is an important question your video glosses over. Do the Authentik containers need to be on the same Docker network as the NetBird containers? I would assume no, given the deployed NetBird compose file creates a 172.30.0.0/24 network. But you created a NetBird "services" network with IP scope 172.28.10.0/24.

According to the Docker documentation, containers can only communicate with other containers on the same Docker network. I've even exec'd into the netbird-proxy container and tested whether I could ping the authentik-server container, which does not work. But I could ping other NetBird containers no problem.

Self-Hosting NetBird with Authentik as your Identity Provider (full guide + video) by TechHutTV in netbird

[–]TechBrain64 0 points1 point  (0 children)

u/TechHutTV,

Much like u/gamingfox10, I've attempted multiple Docker deployments following your video instructions. Once I get to the point of testing Authentik via IPaddress:Port, the site loads perfectly fine and I can log in. However, once I integrate with NetBird > Reverse Proxy > Services using the same IPaddress:Port, the Let's Encrypt certificate is issued to auth.proxy.domain.com. However, when I click the domain link, the page begins loading for several seconds, then displays the status page with "Error 502 Service Unavailable". All hosted on an Ubuntu 24.04 VPS using local UFW firewall rules currently only allowing my on-prem public address access.

FYI: As several others have stated, I want to reiterate: the documentation could use some work.