Selfhosted

selfhosted@lemmy.world

(Group)

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam.
Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.
Don’t duplicate the full text of your blog or git here. Just post the link for folks to click.
Submission headline should match the article title.
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.
Questions? DM the mods!

lemmy

abeorch via Selfhosted

Tuesday, June 16, 2026, 8:00 AM

abeorch
Tuesday, June 16, 2026, 8:00 AM

New to Authentik - Challenges with getting my first application working

!Selfhosted - I'm new to #Authentik - I've just spun up a test instance and tried to connect my first application (#Postiz) but I'm kind of stuck.

I've installed both Postiz and Authentik using Docker Compose - as provided by the relevant apps.

As far as #Authentik goes it looks like its approving authentication requests (its showing successes in the GUI) but the application just returns to the login screen without progressing.

One thing that I found was that within the configuration of the Application and Provider one URL provided by Authentik is the /application/o/postiz/.well-known/openid-configuration which lists several URLs used by the application - one is /application/o/authorize/ but unlike all the others this returns a 404 error when I try to load it via the browser.

I am struggling to work out if - this URL should 404 should occur and also how to diagnose what the problem is.

I've popped messages in their relevant Discord forums but any ideas or input would be greatly appreciated - I'm figuring getting Authentik is going to be key to getting other applications going.

#authentik !Selfhosted

like this

Selfhosted reshared this.

in reply to abeorch

devaly

in reply to abeorch Tuesday, June 16, 2026, 9:25 AM

Any particular reason for Authentik? I found it very resource hungry and slow. PocketId on the other hand, is super lightweight and fast

like this

in reply to devaly

abeorch

in reply to devaly Tuesday, June 16, 2026, 9:33 AM

I really just went for the one that Postiz had suggested and had some template configurations for .. and it seemed to be one of the most used (oh and a friend had suggested it to )

mewtiful likes this.

Selfhosted reshared this.

in reply to devaly

abeorch

in reply to devaly Tuesday, June 16, 2026, 9:35 AM

Is it possible to use PocketID without Https if I am testing it internally ?

Selfhosted reshared this.

in reply to abeorch

devaly

in reply to abeorch Tuesday, June 16, 2026, 9:41 AM

nope, https only. Because pocket id uses web authn which requires encryption

This entry was edited (Tuesday, June 16, 2026, 9:41 AM)

like this

in reply to devaly

abeorch

in reply to devaly Tuesday, June 16, 2026, 9:46 AM

Ah ok .. it looks interesting.. I might need to push on with Authentik in the meantime just till I get more of an idea - It might also prove useful when I need to link to LDAP and Azure AD

like this

saddlebag doesn't like this.

Selfhosted reshared this.

in reply to abeorch

saddlebag

in reply to abeorch Tuesday, June 16, 2026, 11:22 AM

Pocket-id also supports ldap sync pocket-id.org/docs/configurati…

I tried Authentik then moved to Authelia and then to pocket-id. I found the first two unnecessarily complicated for selfhosting unless you want to specifically learn them.

Setting up https is quite straightforward, especially with caddy.

LDAP Integration | Pocket ID Docs

Connect Pocket ID to your LDAP server for user synchronization

^{Pocket ID}

devaly likes this.

in reply to devaly

Lovable Titty

in reply to devaly Wednesday, June 17, 2026, 8:08 AM

I feel the same, at least for a homelab. It's very feature rich though.

For that reason I switched to Keycloak. It seems a lot faster.

in reply to abeorch

dlsolo

in reply to abeorch Tuesday, June 16, 2026, 9:58 AM

I moved away from authentik for void-auth: github.com/voidauth/voidauth

Life is so much better...

GitHub - voidauth/voidauth: Single Sign-On for Your Self-Hosted Universe

Single Sign-On for Your Self-Hosted Universe. Contribute to voidauth/voidauth development by creating an account on GitHub.

^GitHub

like this

in reply to dlsolo

Starfighter

in reply to dlsolo Tuesday, June 16, 2026, 2:28 PM

If you don't mind me asking, what made you go with VoidAuth vs Authelia or something else entirely?

I'm in a similar boat as OP and while VoidAuth looks very promising I'm put off a little by the young age and size of the project.

This entry was edited (Tuesday, June 16, 2026, 2:29 PM)

like this

in reply to Starfighter

CHOPSTEEQ

in reply to Starfighter Tuesday, June 16, 2026, 4:17 PM

I tried literally every mature option and they all were ridiculously complicated or just straight didn’t work for me. Voidauth just works. One container. Does everything you need to offer SSO for your users, and secures apps that don’t use SSO just as easily with proxyauth.

like this

in reply to CHOPSTEEQ

dlsolo

in reply to CHOPSTEEQ Tuesday, June 16, 2026, 11:17 PM

This!

in reply to abeorch

Tolookah

in reply to abeorch Tuesday, June 16, 2026, 10:35 AM

If you are getting the authentik login screen and being redirected, it's either the redirect url not being right or the app itself not being configured for authentik.

Source: my limited knowledge with authentik and other apps.

in reply to abeorch

roofuskit

in reply to abeorch Tuesday, June 16, 2026, 10:52 AM

integrations.goauthentik.io/ap…

youtube.com/playlist?list=PLH7…

Everything you need is there. Authentik is fantastic.

Authentik Setup

Authentik configurations

^{Cooptonian (YouTube)}

like this

brewery doesn't like this.

in reply to abeorch

brewery

in reply to abeorch Tuesday, June 16, 2026, 4:09 PM

I have self hosted for years using Authentik and have 50 + services. Postiz has been one of the most challenging to spin up and maintain. The documentation is not up to date, the software is constantly changing and I had to tweak lots to get it to work. Even now, it seems to crash after a few days and haven't had the chance to investigate. All these posts I set up didn't go through and now if I turn it back on, it'll release them all in one go before I can get in to stop it, or have to revert to a fresh install...

The vast majority of services and not like this so don't get disheartened! Try some other ones first them come back to this when more experienced. I recommend Bento PDF, ConvertX, outline wiki, vikunja and immich (if you have the storage space).

At first, try to stick to software on Authentik's guides (integrations.goauthentik.io/). Once you do a few OIDC and forward proxy services you'll get the hang of it.

When I get a chance I'll share my docker compose SSO settings and authentik redirect uri that worked for me with the caveat that the software crashes for some reason.

Integrations overview | authentik

What is an integration?

^{integrations.goauthentik.io}

like this

in reply to brewery

abeorch

in reply to brewery Tuesday, June 16, 2026, 5:19 PM

Oh cheers. Yeah I think I need to test setting up another app to confirm whether its Authentik or Postiz. The other app I am looking at is an open source core banking system so I think I'll leave that one for a while and as you suggest try something more straight forward.

I'm keen to get Postiz working because I belong to a sailing club and its a time vacuum posting updates all over the place.

I'm interested do you you anything for social listening - I'd like to pull together a few social feeds from Twitter, Instal, Facebook and provide them to the few of us that are working on keeping the club's profile up.

sFencer09 likes this.

Selfhosted reshared this.

in reply to abeorch

abeorch

in reply to abeorch Wednesday, June 17, 2026, 1:40 PM

So .. I'm having a go at Mobilizon - but continuing to feel out of my depth - I may need a responsible adult

Selfhosted reshared this.

in reply to brewery

abeorch

in reply to brewery Wednesday, June 17, 2026, 4:49 PM

A specific question - Does your Authorise URL for Postiz return a 404 when you load it via a browser? Is it /application/o/authorize/ ? because that seems oddly non-specific for a specific application...

Selfhosted reshared this.

in reply to abeorch

abeorch

in reply to abeorch today, 7:43 AM

So an update. It turns out that all the issues were actually to do with Postiz rather than Authentic. - I tried installing a few other apps and linking them to Authentik but I ran into a few issues. Then I took Postiz and tried turning off the Atuthentik authentication and then just getting it to work with native user accounts. This initially didn't work - it turned out that there were a few issues.

1. The startup procedure for Poztiz actually left the backend API service not running properly. I had to run the docker compose, get all the other services running and then stop the postiz container specifically wait a bit more and then restart just that container. That got the API service running.

2. Because I was just running it internally I didn't have SSL certificates configured and was just using http - consequently I had to introduce NOT_SECURED: "true" into the environment section of the Postiz service in the compose file and then repeat the process above. This resolved a silent error in my browser where cookies used to manage the authenticated browser session were discarded because I wasn't using SSL.

So success at least getting Postiz running. I am now going to step back, reconfigure it for Authentic retry.

I am going to guess that these issues might be relevant if you are running Postiz behind a reverse proxy (I'm not sure if this is being done with the docker compose set-up). I possibly also need to look at how much memory and CPU I have on my test VM.

I've posted similar details in Postiz Discord. If anyone else is using #Postiz and would like to exchange notes - please do drop me a mention. Always good to have other people to talk to about these things and share notes.

#Postiz

Selfhosted reshared this.

⇧

abeorch via Selfhosted

abeorch Tuesday, June 16, 2026, 8:00 AM •

abeorch
Tuesday, June 16, 2026, 8:00 AM