I want to add a comment that I hope you can see as being constructive since you mentioned in a previous video that English is not your first language and that you are sometimes concerned about your pronunciation or word choice. As an American who barely speaks a little bit of a couple of other languages, I have always appreciated when people helped guide me so hopefully I can do that this one time for you. The word realm is pronounced like helm. Thanks for the awesome video!
So cool, I deployed Authentik one week ago and was playing around a little and now you come with this great video. Thanks for the "compose cleaning", I was not very comfortable doing it in the first place.
10/10 video! Legitimately has just about everything you would need to hit the ground running on authentik! Ive been using authelia for a while but have been wanting to play around with authentik to take advantage of OAUTH. Thanks for the awesome video!
This is the perfect amount of information for me, exactly what I need to get started and fast enough to not skip through things I already know. So good!
Thank you @Christian for another fantastic video. Just a note, if you goto Admin Console -> System -> Settings -> Allow users to change username. Don't have to really create another user and you can just rename the akadmin account to whatever you'd like. Thank you once again!
I really love Authentik. Its great and the only feature I can see it NEEDS is a mobile push MFA feature like Duo & MS Authenticator. I know there's a current workaround with Duo - but if Duo is needed I'd just do all of the auth there instead.
Hi, I don't know if it's just me or not, but I think you should explain what "frontend" and "backend" networks are. Because at the beginning (from you past videos) I thought they were some kind of docker built-in networks (due to having a very specific and standard name), but with time I realized that they are just two network you created. So maybe you should clarify what those networks are and why you use them the way you do. At least for beginners, it's not that obvious.
Hey Christian, wie immer großartig ;) Ich habe Authentik direkt in meinem Homelab in Kubernetes deployed und nutze es global für mein Homelab und habe es auch mit meinem Traefik Ingress Controller verbunden. Einfach nur genial. Aber die Doku von Authentik ist auch echt gut. Mach weiter so. Du hast mir schon in so vielen Fällen mit Deinen Videos geholfen
I love it.... its tea time. You just coined a new phrase for the channel. I have been waiting for you to create an Authentik video for a while now. Great video!
Ziemlich cool. Danke für das tolle Video! Es fällt allerdings in die Kategorie: "Nice to have". Da (m)ein Home Lab dem ständigen Wandel unterlegen ist, weiß ich nicht, ob das für mich wirklich Sinn macht. Vieles an Software ist allenfalls ein paar Monate oder ein halbes Jahr an laufen, bis ich auf die Idee komme, Systeme wieder neu aufzusetzen, die Software neu einzurichten und dann muss ich trotzdem ein Passwort-Manager haben, der mir die Admin-User abgesichert. Es wird nur zusätzliche Arbeit verursacht durch die doppelte Nutzerverwaltung. Das hat sehr viel mehr Sinn in Unternehmensumgebungen, wo IT-Abteilungen auch von frustrierten Mitarbeitern besetzt sind, denen man im Fall des Falles immer auf die Finger schauen/klopfen muss. Oder um Mitarbeiter zentral zu verwalten, was wiederum durchweg Anwendungen voraussetzt, die die genannten Auth-Provider unterstützt. Und Authentik darf bloß nicht kompromittiert werden oder ausfallen. Dann wird's lustig
@@christianlempa Dieses System muss erst noch erfunden werden 😅 Nein, Proxmox nutze ich nicht. Versuche so stromsparend wie möglich mein Home Lab zu gestalten, daher kommen derzeit nur zwei Raspi‘s 400 und ein MacBook Air 2019 zur Anwendung. Das MBA für etwas performantere Aufgaben. Vielleicht wäre auch das Thema Energiemanagement, Shelly‘s, Grafana und Co was für die nächsten Videos? 😃👍
@@christianlempa Habe meine Meinung geändert. Die Software ist echt genial. 🤩 Allerdings stehe ich noch vor einigen Problemen mit bestimmten Softwarelösungen.
Also ich habe mein NAS das letzte Mal vor 5 Jahren aufgesetzt, um von Ubuntu 20.04 oder 18.04 (weiß ich nicht mehr) auf 22.04 upzugraden. Ich hatte auch gleich neue Boot-Laufwerke und deshalb alles neu gemacht. Aber an sich würde authentik schon Sinn machen - ggf. mit LDAP o.ä.
I don't have any of this homelabs/infrastructures but definitively i'm into them 🤙🏼 Thank you so much for your videos they are so interesting and useful!
Awesome video , thank you! Btw , when you have docker or docker compose env variables and you want to name your container env variables the same as you want them set in your shell , you don't need to say i.e. MY_SUPER_VAR=$MY_SUPER_VAR ... you can just have - MY_SUPER_VAR and docker will pick up your shell variable with the same name if it's set for example services: test: image: nginx environment: - MY_TEST_VAR instead of services: test: image: nginx environment: - MY_TEST_VAR=$MY_TEST_VAR
@@alex.prodigy one reason though I might keep using the scheme is interpolation of environment variables, to catch errors or apply default values. which makes it easier for the tutorials and boilerplates.
@@christianlempa yep , no worries ... just figured many people don't know that docker compose can pick up env vars without doing MY_ENV_VAR=$MY_ENV_VAR
Thankyou for making this video. You've explained it more clearly than most other videos I've seen made. I feel like I'm ready to give authentik another go!
Personally, I haven’t found anything easier to setup than Caddy + Authelia for my small homelab (plus custom Tailscale domain login). I will give this a go some other time! Thank you
You can actually rename the default user, but you have to do so through the Directory interface, it's what I've done in my install. Other than that, great video and thank you!
Just beware that if you run your Authentik in the VM inside the Proxmox server and you forget your Proxmox root password (because you will not be using it), you might get into trouble when the VM running the Authentik fails.
@@christianlempa So I did it and it was something I should have done long ago. I trusted your gut and replaced my good old nginx with traefik as well. I was a bit hesitant at first, but it is really cool and it gets even more awesome when you figure out how it works. As for authentitk, I still have a couple of apps to configure but those I already took care of are working just great. Thanks a ton Christian! Keep the great stuff up!
Unbelievable, I would not worry about his accent. He speaks multiple languages in some Americans are doing good just to speak English. Well, his accent doesn’t bother me whatsoever and I like the information he provides now and his blog that the detail instructions on how to for us sometimes technically challenge individuals.😂😂😅
Awesome Video, thank you. This takes the fear of Auth-Providers from a lot of people. Great solution, well implemented and like always awesome presentation of this lovely peace of tech :)
How reliable can be Authentik comparing it with paid other services like Okta for example? it would be acceptable for big companies that would invest time in development and management of security tools of this solution is limited to private/small companies? I really like Authentik, I use it for personal purposes but I'm not confident about to suggest it for an Enterprise company.
Long time Okta/Auth0 user here.. Interesting how authentik say Okta doesn't support app proxy, LDAP or enrollment.. A few of the other vendor claims are questionable too... P.S - Great video
This is super useful - I've been trying to determine whether authentik is a good alternative to keycloak and I think the native proxy integration with traefik is invaluable - this was really good, thank you :)
Hi, did you manage to setup login to Sophos with authentik? I tried using LDAP for a while but unfortunately couldn't do it. Maybe I can learn from your experiences later. :D
I was also very confused by their documentation and trial and error with it so far. I've tried Jim's Garage and others but they seem to do things a bit different from what you do, which is more like my server setup as well. Appreciate your insight and guidiance
Nice vid. I thought you would make a video about Zitadel, which you mentioned in a previous video. Authentik seems fine, but Zitadel appears more modern and supports passkeys.
Amazing explanation for this great app! I've already set it up on my Kubernetes cluster and it is working great so far and I'm satisfied with it, but there is some work to be done, and the documentation is patchy in places. I noticed one more drawback which is that it starts up slowly. Perhaps it is due to the fact that it was built with Python (Django?), but not 100% sure. I can live with that.
What I miss from this kind of video is a brief comparison to other solution you may have presented previously. Like, "this solution is an alternative to xxx, and it's advantages are X and Y, and you may prefer xxx because it's simpler ...". Sometimes it's a bit hard to understand if this works with the other solutions or if it substitutes the other...
Cool. How would I integrate this to an already existing web app? I did only find examples of integrating services like Portainer yet in the docs. There would be a protected area behind a subdomain of our top level domain, where customers have to be logged in. At the unprotected toplevel domain pages I need to be able to look up if a user is authenticated, so I could load additional information like wishlist articles and similar data if that's the case. We want to implement SSO, so we could use the same authentication for multiple apps we own. Any hint which part of the docs I could look at for this? Or any articles I could read up?
Hello! Danke für all deine Videos und Tutorials, die sehr informativ und verständlich sind! Ich habe eine kurze Frage an dich, ich habe ein OMV NAS und möchte von außen darauf zugreifen, was rätst du mir, um es zu sichern? Danke
I've done some videos about VLANs in the past that show a bit of my current network structure: ua-cam.com/video/lhrlrvVZnII/v-deo.htmlsi=s7xwj3epwcnLqQsE
Hello sir, thinking about your Netbird tutorial have you thought about the advanced installation that allows you to use Authentic as the IdP? I am still continuing that journey as I need to work on alternate ports to use as the one out of the box are already consumed.
Just what I was searching for, thanks for the great content! One question, in the last example with the nginx container, do you need to re-authenticate with every request?
Great Video. I've setup our instance to pull users in from an LDAP source but I then want those user to use a separate Oauth Source to do their SSO authentication. Is that possible or does it make sense. Users can manually select to Connect to the Oauth source but I don't see a way to make this the default setting for those Imported LDAP users.
I tried to integrate proxmox. Created an OpenID provider, created an application, using this provider... Set the realm in proxmox, aaand... When i select my authentic realm for login in proxmox the OepnID redirect fails. "remote error: tls: unknown certificate authority" I guess it's something with the self signed authentik cert, but don't know how to avoid it.
@@The-Cat There is a possibility to configure it in that way, that you don't need 2fa for you local network, but if you access from the internet, 2fa is mandatory
Hi what feature is that at 25:53 it looks like some sort of autofill that uses your clipboard history? please tell me what application that is or how i can get that feature! thank you & great tutorial
@christianlempa, is it possible to use authentik with mariadb? How i can see there is ldap provider and mariadb has ldap authentication support. Is there a posibility to use OAuth or only this option is available now?
Hi there, great video. I recently saw your video on how you set up your vscode, but is there any chance you could share what theme/customizations you are using? I really like the transparent and clean look yours has but I didn't see it in that video.
Hey Christian, are you using Authentik to handle ssh authentication to linux servers? This way a user just needs to upload their public key to their Authentik profile?
You did a video on Dockge at one point. Is there a reason you didn't use it in this tutorial? This isn't criticism, I'm genuinely curious. Do you yourself simply not need it or are you just lowering the barrier for entry with Authentik? Great video as always, sir! 🙂
Actually, I'm not using it because I prefer using vscode for managing my containers. I also believe it's better for the tutorials to not rely on too many apps that some people might have, some others don't.
Hi thats for this can you show how you set up visual studio code to be able to open it so easily against different servers without having to set up an sftp.json
I love how you make building the compose file so simple. So many things I need to learn.
Thank you so much :)
I have no words, except the "Thank You!". Thank You!
🫶😊
Thanks Christian. Just added nodes to Wazuh and can't stop smiling. Traefik and Authentik are next. Really appreciate your work!
Nice! 👍
I want to add a comment that I hope you can see as being constructive since you mentioned in a previous video that English is not your first language and that you are sometimes concerned about your pronunciation or word choice. As an American who barely speaks a little bit of a couple of other languages, I have always appreciated when people helped guide me so hopefully I can do that this one time for you. The word realm is pronounced like helm. Thanks for the awesome video!
ok, thank you
jelm?
Have been waiting for a video like this for ages. Christian, you are my hero.
Haha amazing :D Glad you liked it
So cool, I deployed Authentik one week ago and was playing around a little and now you come with this great video. Thanks for the "compose cleaning", I was not very comfortable doing it in the first place.
Thanks 🙏
10/10 video! Legitimately has just about everything you would need to hit the ground running on authentik!
Ive been using authelia for a while but have been wanting to play around with authentik to take advantage of OAUTH. Thanks for the awesome video!
Haha thank you so much! :)
This is the perfect amount of information for me, exactly what I need to get started and fast enough to not skip through things I already know. So good!
Glad it was helpful!
Christian, danke für deine tollen Videos!
Informativ, nützlich und mit viel Enthusiasmus erklärt.
Super tolle Arbeit 😊
Vielen lieben Dank! ❤️
Thank you @Christian for another fantastic video. Just a note, if you goto Admin Console -> System -> Settings -> Allow users to change username. Don't have to really create another user and you can just rename the akadmin account to whatever you'd like. Thank you once again!
Great tip, thank you!
I really love Authentik. Its great and the only feature I can see it NEEDS is a mobile push MFA feature like Duo & MS Authenticator. I know there's a current workaround with Duo - but if Duo is needed I'd just do all of the auth there instead.
Push MfA is considered insecure nowadays as it may cause user fatigue and just hit approve request spams.
@@tuyenhoang5546 not with number challenge
Hi, I don't know if it's just me or not, but I think you should explain what "frontend" and "backend" networks are. Because at the beginning (from you past videos) I thought they were some kind of docker built-in networks (due to having a very specific and standard name), but with time I realized that they are just two network you created. So maybe you should clarify what those networks are and why you use them the way you do. At least for beginners, it's not that obvious.
I very much agree with this. For beginners like me it can be very confusing
Hey Christian, wie immer großartig ;)
Ich habe Authentik direkt in meinem Homelab in Kubernetes deployed und nutze es global für mein Homelab und habe es auch mit meinem Traefik Ingress Controller verbunden. Einfach nur genial. Aber die Doku von Authentik ist auch echt gut.
Mach weiter so. Du hast mir schon in so vielen Fällen mit Deinen Videos geholfen
Vielen Dank! Freut mich dass meine Videos dir helfen 🙏☺️
absolutely love authentik, glad you are covering it, its such a great product, and gets constant support and updates
It really is!
I love it.... its tea time. You just coined a new phrase for the channel. I have been waiting for you to create an Authentik video for a while now. Great video!
Thanks 😊
Ziemlich cool. Danke für das tolle Video! Es fällt allerdings in die Kategorie: "Nice to have". Da (m)ein Home Lab dem ständigen Wandel unterlegen ist, weiß ich nicht, ob das für mich wirklich Sinn macht. Vieles an Software ist allenfalls ein paar Monate oder ein halbes Jahr an laufen, bis ich auf die Idee komme, Systeme wieder neu aufzusetzen, die Software neu einzurichten und dann muss ich trotzdem ein Passwort-Manager haben, der mir die Admin-User abgesichert. Es wird nur zusätzliche Arbeit verursacht durch die doppelte Nutzerverwaltung. Das hat sehr viel mehr Sinn in Unternehmensumgebungen, wo IT-Abteilungen auch von frustrierten Mitarbeitern besetzt sind, denen man im Fall des Falles immer auf die Finger schauen/klopfen muss. Oder um Mitarbeiter zentral zu verwalten, was wiederum durchweg Anwendungen voraussetzt, die die genannten Auth-Provider unterstützt. Und Authentik darf bloß nicht kompromittiert werden oder ausfallen. Dann wird's lustig
Ay ay apoco si?
Vielen Dank :) vielleicht macht es ja Sinn für System, die du nicht häufig änderst wie z.B. Proxmox?
@@christianlempa Dieses System muss erst noch erfunden werden 😅 Nein, Proxmox nutze ich nicht. Versuche so stromsparend wie möglich mein Home Lab zu gestalten, daher kommen derzeit nur zwei Raspi‘s 400 und ein MacBook Air 2019 zur Anwendung. Das MBA für etwas performantere Aufgaben. Vielleicht wäre auch das Thema Energiemanagement, Shelly‘s, Grafana und Co was für die nächsten Videos? 😃👍
@@christianlempa Habe meine Meinung geändert. Die Software ist echt genial. 🤩 Allerdings stehe ich noch vor einigen Problemen mit bestimmten Softwarelösungen.
Also ich habe mein NAS das letzte Mal vor 5 Jahren aufgesetzt, um von Ubuntu 20.04 oder 18.04 (weiß ich nicht mehr) auf 22.04 upzugraden. Ich hatte auch gleich neue Boot-Laufwerke und deshalb alles neu gemacht. Aber an sich würde authentik schon Sinn machen - ggf. mit LDAP o.ä.
Thanks ! As usual this helped a lot. Would love to see the follow-up video about extended features like LDAP. Keep up the good work !
Awesome! Thank you
I´ve been waiting for this soooooo long! Thank you!
You’re welcome ☺️
I don't have any of this homelabs/infrastructures but definitively i'm into them 🤙🏼 Thank you so much for your videos they are so interesting and useful!
Thank you! Glad you enjoy them 😊
Awesome video , thank you!
Btw , when you have docker or docker compose env variables and you want to name your container env variables the same as you want them set in your shell , you don't need to say i.e. MY_SUPER_VAR=$MY_SUPER_VAR ... you can just have - MY_SUPER_VAR and docker will pick up your shell variable with the same name if it's set
for example
services:
test:
image: nginx
environment:
- MY_TEST_VAR
instead of
services:
test:
image: nginx
environment:
- MY_TEST_VAR=$MY_TEST_VAR
Thanks! :D Good tip
@@christianlempa it also works with .env file or other env_file
@@alex.prodigy one reason though I might keep using the scheme is interpolation of environment variables, to catch errors or apply default values. which makes it easier for the tutorials and boilerplates.
@@christianlempa yep , no worries ... just figured many people don't know that docker compose can pick up env vars without doing MY_ENV_VAR=$MY_ENV_VAR
Danke. Your videos are always welcomed, and so much to learn on a lot of topics.
Sehr gerne 😉
Thankyou for making this video. You've explained it more clearly than most other videos I've seen made. I feel like I'm ready to give authentik another go!
Thank you so much 😊 and good luck!
It does not work, I'm getting a Redirect error whan trying to login in proxmox login screen. Did not find anything helping in authentik doc
Personally, I haven’t found anything easier to setup than Caddy + Authelia for my small homelab (plus custom Tailscale domain login).
I will give this a go some other time! Thank you
You’re welcome! Let’s us know if you like it
Please do a video with keycloak, if possible.
This is just what i was searching for
Glad it helped ;)
Love your videos, just as I was looking for an authentication platform to use! Viel Dank Christian!
Thank you so much! :)
You can actually rename the default user, but you have to do so through the Directory interface, it's what I've done in my install. Other than that, great video and thank you!
Thanks for the tip!
De nuevo me sorprendes, gracias por tu dedicación!!!!!
Now this is super cool, just was thinking about it. Thanks!
Glad it was helpful!
If you already have cloudlfare setup on your domain, it also gives you similar setup. Easy to configure as well.
Just beware that if you run your Authentik in the VM inside the Proxmox server and you forget your Proxmox root password (because you will not be using it), you might get into trouble when the VM running the Authentik fails.
This sounds like its coming from personal experience 😂😂
Ah yes that would be terrible…
That's why I keep my authentic and proxmox passwords written down on a sticky note attached to the monitor attached to my KVM
Just use any secure pssword manager
I keep getting a “Not Found” page can’t figure out how to solve it
This looks great for a homelab, I just doubt it can fully compete with capabilities of the hybrid Active Directory I run at work.
This video is awesome! Convinced me to subscribe! Thanks, man!
Thank you! Welcome on board :D
Boah! Super Video!! Genau auf den Punkt, vielen Dank !!!!
Sehr gerne! Schön dass es dir gefällt ;)
learned a ton in this video. Thanks a lot. Have to try it myself now.
Thank you! Glad it was useful :)
great as always
Thanks :)
Just Great! FYI: You can remove default admin from authentik after you are admin and logged in.
Good tip! :D
Didn't have a chance to watch yet, but it sounds like just the thing I need, wanted to migrate out of keycloak anyway. Thanks!
Thank you! Hope you will find it useful
@@christianlempa So I did it and it was something I should have done long ago. I trusted your gut and replaced my good old nginx with traefik as well. I was a bit hesitant at first, but it is really cool and it gets even more awesome when you figure out how it works. As for authentitk, I still have a couple of apps to configure but those I already took care of are working just great. Thanks a ton Christian! Keep the great stuff up!
Unbelievable, I would not worry about his accent. He speaks multiple languages in some Americans are doing good just to speak English. Well, his accent doesn’t bother me whatsoever and I like the information he provides now and his blog that the detail instructions on how to for us sometimes technically challenge individuals.😂😂😅
This is a very good tutorial Christan !!!🙂
Glad you think so!
Awesome Video, thank you. This takes the fear of Auth-Providers from a lot of people. Great solution, well implemented and like always awesome presentation of this lovely peace of tech :)
Thanks for watching 🫶
Amazing! I can have a Heimdall like dashboard, and auto login? Fantastic. Thanks for the great video!
Thanks! :D
Great demo as always. Love your videos.
Thanks so much!
I get a 505 error when doing this with proxmox open id
at 5 seconds what is on the screen? an advanced HTOP???
btop probably
It's called "Bottom"
You are the GOAT! Great video.. thanks
How reliable can be Authentik comparing it with paid other services like Okta for example? it would be acceptable for big companies that would invest time in development and management of security tools of this solution is limited to private/small companies? I really like Authentik, I use it for personal purposes but I'm not confident about to suggest it for an Enterprise company.
Long time Okta/Auth0 user here.. Interesting how authentik say Okta doesn't support app proxy, LDAP or enrollment.. A few of the other vendor claims are questionable too... P.S - Great video
This is super useful - I've been trying to determine whether authentik is a good alternative to keycloak and I think the native proxy integration with traefik is invaluable - this was really good, thank you :)
Thank you so much! :D
Hi, did you manage to setup login to Sophos with authentik? I tried using LDAP for a while but unfortunately couldn't do it. Maybe I can learn from your experiences later. :D
Not yet, but I'm currently looking into it! There will be a follow up video at some point :)
Fantastic video as always 👍
Also, thats another service to add to my list...
Thank you so much!
Great video again Christian.. I Also noticed the cool keyboard on your desk, wanna share which one it is?
Nice :D I'm using a Keychron keyboard, however, I'm not all satisfied with it, ... maybe I'll switch to another one at some point :)
Amazing video. Thank you!
Glad you liked it!
Thanks for the demo and info, have a great day
Awesome! Thanks :)
Nice video! A comparison against keycloak would be awesome.
Thanks for the idea! Not sure if I will have the time soon to check out another IdP though :(
Amazing video thank you so much for putting this together, was there a follow up vid?
Thank you buddy! Not yet but I’m working on a follow up
Cool. Thank you, Christian.
Thank you !
I was also very confused by their documentation and trial and error with it so far. I've tried Jim's Garage and others but they seem to do things a bit different from what you do, which is more like my server setup as well. Appreciate your insight and guidiance
Thank you :) glad you liked my video more
Nice vid.
I thought you would make a video about Zitadel, which you mentioned in a previous video. Authentik seems fine, but Zitadel appears more modern and supports passkeys.
I had a couple of issues with Zitadel, and to me, authentik seems better. Maybe I'll take a look at some point
Amazing Chris! Thanks for sharing
Glad you enjoyed it!
Amazing explanation for this great app! I've already set it up on my Kubernetes cluster and it is working great so far and I'm satisfied with it, but there is some work to be done, and the documentation is patchy in places. I noticed one more drawback which is that it starts up slowly. Perhaps it is due to the fact that it was built with Python (Django?), but not 100% sure. I can live with that.
Great to hear!Thank you :)
This is the reason for groups Right?
So you can create an admin group or user group on every system and just add them in your idp
Hi Christian, sorry where is the documentation and links, can't find it anywhere in the description or your Github?
Sry, added it to the description
Nice video! Thank you for this job!
Thanks!
Great video, as always!
Thanks 😊
Great quality video. Thanks!
Thanks!
What I miss from this kind of video is a brief comparison to other solution you may have presented previously. Like, "this solution is an alternative to xxx, and it's advantages are X and Y, and you may prefer xxx because it's simpler ...". Sometimes it's a bit hard to understand if this works with the other solutions or if it substitutes the other...
Good point, I will include such a thing into my new videos ;)
how would you use this with Obsidian's docker container?
WoW! Great Vid... nicely done!
Thank you so much 😊
Super helpful, as always!!
Thank you so much 😊
Great video. I know everyone's needs are different, but I'd love to get a copy of your modified docker compose file.
You can find a good template on my boilerplates repo, check out my GitHub profile ;)
Cool. How would I integrate this to an already existing web app?
I did only find examples of integrating services like Portainer yet in the docs.
There would be a protected area behind a subdomain of our top level domain, where customers have to be logged in.
At the unprotected toplevel domain pages I need to be able to look up if a user is authenticated, so I could load additional information like wishlist articles and similar data if that's the case.
We want to implement SSO, so we could use the same authentication for multiple apps we own.
Any hint which part of the docs I could look at for this?
Or any articles I could read up?
i really should consolidate somehow my 4 docker instances in a single network so i can utilize cool stuff like this
Oh yes :D
Hello!
Danke für all deine Videos und Tutorials, die sehr informativ und verständlich sind!
Ich habe eine kurze Frage an dich, ich habe ein OMV NAS und möchte von außen darauf zugreifen, was rätst du mir, um es zu sichern?
Danke
@Chris it could have been nice if you share a diagram of your docker network and explained it a bit. Or do you have a video to this extent
I've done some videos about VLANs in the past that show a bit of my current network structure: ua-cam.com/video/lhrlrvVZnII/v-deo.htmlsi=s7xwj3epwcnLqQsE
@@christianlempa thanks I will take a look
nice work! Can you make a video about zerotier ?
Hm, maybe, but not anywhere soon. I'll add it to my list ;)
Hello sir, thinking about your Netbird tutorial have you thought about the advanced installation that allows you to use Authentic as the IdP? I am still continuing that journey as I need to work on alternate ports to use as the one out of the box are already consumed.
Just what I was searching for, thanks for the great content! One question, in the last example with the nginx container, do you need to re-authenticate with every request?
No, you can configure the session lifetime in authentik, only if the authentik session expires, you need to re-authenticate
Great Video. I've setup our instance to pull users in from an LDAP source but I then want those user to use a separate Oauth Source to do their SSO authentication. Is that possible or does it make sense. Users can manually select to Connect to the Oauth source but I don't see a way to make this the default setting for those Imported LDAP users.
Ibreally want to know more about your way of connecting vscode to remote servers
I tried to integrate proxmox. Created an OpenID provider, created an application, using this provider... Set the realm in proxmox, aaand... When i select my authentic realm for login in proxmox the OepnID redirect fails. "remote error: tls: unknown certificate authority"
I guess it's something with the self signed authentik cert, but don't know how to avoid it.
I want to use this for Jellyfin but when i use this i can't access my jellyfin server via android or desktop Jellyfin client app. What can i do?
Is it possible with authentik, to secure for example some services with and some without 2fa?
Good question, if you happen to know the answer please let me know cause it's hard to have my wife deal with 2fa
@@The-Cat There is a possibility to configure it in that way, that you don't need 2fa for you local network, but if you access from the internet, 2fa is mandatory
@@kurt_hansen thank you so very much 👍🏾👍🏾💯
Hail Cooptonian!
Hi what feature is that at 25:53 it looks like some sort of autofill that uses your clipboard history? please tell me what application that is or how i can get that feature! thank you & great tutorial
Thanks, this comes from my password manager 1password
Which of your videos has the setup of your networks? (Frontend & Backend)
I’ve covered it in my docker network tutorial, it’s basically just 2 bridge networks that I use for enabling dns resolving
@christianlempa, is it possible to use authentik with mariadb? How i can see there is ldap provider and mariadb has ldap authentication support. Is there a posibility to use OAuth or only this option is available now?
Hi there, great video. I recently saw your video on how you set up your vscode, but is there any chance you could share what theme/customizations you are using? I really like the transparent and clean look yours has but I didn't see it in that video.
I'm using my own theme "The Digital Life", hope to give it an update at some point
Hey, awesome video!
Hey, thanks!
this is awesome. Nice share!
Thank you! Cheers!
I had one more question. What are you using for your IDE in this video for ssh and development of the yaml?
vscode
Could you share your thoughts about Keycloak?
I haven't tried it out yet
Hey Christian, are you using Authentik to handle ssh authentication to linux servers? This way a user just needs to upload their public key to their Authentik profile?
How does a competitive to guacamole?
Do you think it could be used to provide MFA to a Microsoft Remote Desktop Gateway?
No idea,🤷♂️, I know that authentik enterprise does RDP but not tried it yet
You did a video on Dockge at one point. Is there a reason you didn't use it in this tutorial? This isn't criticism, I'm genuinely curious. Do you yourself simply not need it or are you just lowering the barrier for entry with Authentik?
Great video as always, sir! 🙂
Actually, I'm not using it because I prefer using vscode for managing my containers. I also believe it's better for the tutorials to not rely on too many apps that some people might have, some others don't.
@@christianlempaThat makes sense. Thank you for taking the time!
Aber was wenn die demo app am ende selbst auch noch mal einen custom email-pass-login hat? Lässt sich der jwt dort "injecten"?
Den fall hab ich noch nicht gehabt, daher kann ich leider dazu nichts sagen
Hi thats for this
can you show how you set up visual studio code to be able to open it so easily against different servers without having to set up an sftp.json
I've recently made a video about it, check it out: ua-cam.com/video/huiQd2QojXY/v-deo.html&