trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

website/docs: start troubleshooting page for forward auth 

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-06-21 22:26:17 +02:00
parent 29b0eae43f
commit 6a4efaecb0
3 changed files with 78 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
website/docs/troubleshooting/forward_auth/general.mdx Normal file
View File

@ -0,0 +1,62 @@
---
title: General troubleshooting steps
---
import Tabs from "@theme/Tabs";
import TabItem from "@theme/TabItem";
## Set the log level to TRACE
Setting the log level to trace configures the outpost to trace-log all the headers given in forward auth requests.
This is helpful to confirm that certain required Headers are correctly forwarded from the reverse proxy.
### When using the embedded Outpost
Set the authentik log level to `TRACE`:
<Tabs
groupId="platform"
defaultValue="docker-compose"
values={[
{label: 'docker-compose', value: 'docker-compose'},
{label: 'Kubernetes', value: 'kubernetes'},
]}>
<TabItem value="docker-compose">
Add the following block to your `.env` file:
```shell
AUTHENTIK_LOG_LEVEL=trace
```
Afterwards, run `docker-compose up -d`.
</TabItem>
<TabItem value="kubernetes">
Add the following block to your `values.yml` file:
```yaml
authentik:
log_level: trace
```
Afterwards, upgrade helm release.
</TabItem>
</Tabs>
### When using a standard outpost
Edit the outpost settings and set `log_level: trace`. This setting should propagate to the outpost instances within a couple seconds.
## Ensure `/outpost.goauthentik.io` is accessible
Everything under `/outpost.goauthentik.io` should be publicly accessible, as URLs under this path are used for authentication.
To check this, run `curl -v https://app.company/outpost.goauthentik.io/ping`. A correct setup should contain output looking like this:
```
[...]
< HTTP/2 204
[...]
```

6
website/docusaurus.config.js
View File

@ -48,14 +48,16 @@ module.exports = {
}, },
{ {
type: "dropdown", type: "dropdown",
label: `Version ${latestVersion}`, label: `Version: latest`,
position: "right", position: "right",
items: releases.map((release) => { items: releases.map((release) => {
const subdomain = release const subdomain = release
.replace("releases/v", "") .replace("releases/v", "")
.replace(".", "-"); .replace(".", "-");
const label =
"Version: " + release.replace("releases/", "");
return { return {
label: release.replace("releases/", ""), label: label,
href: `https://version-${subdomain}.goauthentik.io`, href: `https://version-${subdomain}.goauthentik.io`,
}; };
}), }),

12
website/sidebars.js
View File

@ -241,6 +241,18 @@ module.exports = {
description: "Troubleshooting various issues", description: "Troubleshooting various issues",
}, },
items: [ items: [
{
type: "category",
label: "Forward auth",
items: ["troubleshooting/forward_auth/general"],
link: {
type: "generated-index",
title: "Forward auth troubleshooting",
slug: "troubleshooting/forward_auth",
description:
"Steps to help debug forward auth setups with various reverse proxies.",
},
},
"troubleshooting/access", "troubleshooting/access",
"troubleshooting/emails", "troubleshooting/emails",
"troubleshooting/login", "troubleshooting/login",