Homarr•17mo ago

Authentik OIDC - Internal Server Error

Constantly getting an Internal Server Error on OIDC with Authentik. I've dug through some of the GitHub issues as well as the threads here and can't seem to get past the block. Any help is appreciated!

Symptoms:

Navigating to admin.domain.tld (where Homarr is surfaced through Nginx) worked get with credential auth. Switching to OIDC: Gray screen with "Internal Server Error" no matter the different configurations I've tried.
Logs state "Invalid URL" on both NEXTAUTH_URL and AUTH_OIDC_URI (have tried numerous variations of these)

Redirect URI in Authentik: https://admin.domain.tld/api/auth/callback/oidc (also tried this as auth.)

Current Compose:

homarr:
    container_name: homarr
    image: ghcr.io/ajnart/homarr:0.15.3
    volumes:
      - ${CONTAINER_FOLDER}/homarr/configs:/data/configs
      - ${CONTAINER_FOLDER}/homarr/icons:/app/public/icons
      - ${CONTAINER_FOLDER}/homarr/data:/data
      - ${CONTAINER_FOLDER}/graphics:/app/public/graphics
    ports:
      - '7575:7575'
    environment:
      - AUTH_PROVIDER=oidc
      - BASE_URL="admin.domain.tld"
      - NEXTAUTH_URL="admin.domain.tld"
      - AUTH_OIDC_URI="https://auth.domain.tld/application/o/homarr" # Have also tried admin. here instead of auth.
      - AUTH_OIDC_CLIENT_ID="ID"
      - AUTH_OIDC_CLIENT_SECRET="SECRET"
      - AUTH_OIDC_CLIENT_NAME="AUTHENTIK"
      - AUTH_OIDC_ADMIN_GROUP="authentik Admin"
      - AUTH_OIDC_OWNER_GROUP="authentik Admin" 
      - AUTH_OIDC_AUTO_LOGIN=true
    networks:
      - frontend
    restart: unless-stopped

homarr:
    container_name: homarr
    image: ghcr.io/ajnart/homarr:0.15.3
    volumes:
      - ${CONTAINER_FOLDER}/homarr/configs:/data/configs
      - ${CONTAINER_FOLDER}/homarr/icons:/app/public/icons
      - ${CONTAINER_FOLDER}/homarr/data:/data
      - ${CONTAINER_FOLDER}/graphics:/app/public/graphics
    ports:
      - '7575:7575'
    environment:
      - AUTH_PROVIDER=oidc
      - BASE_URL="admin.domain.tld"
      - NEXTAUTH_URL="admin.domain.tld"
      - AUTH_OIDC_URI="https://auth.domain.tld/application/o/homarr" # Have also tried admin. here instead of auth.
      - AUTH_OIDC_CLIENT_ID="ID"
      - AUTH_OIDC_CLIENT_SECRET="SECRET"
      - AUTH_OIDC_CLIENT_NAME="AUTHENTIK"
      - AUTH_OIDC_ADMIN_GROUP="authentik Admin"
      - AUTH_OIDC_OWNER_GROUP="authentik Admin" 
      - AUTH_OIDC_AUTO_LOGIN=true
    networks:
      - frontend
    restart: unless-stopped

homarr:
    container_name: homarr
    image: ghcr.io/ajnart/homarr:0.15.3
    volumes:
      - ${CONTAINER_FOLDER}/homarr/configs:/data/configs
      - ${CONTAINER_FOLDER}/homarr/icons:/app/public/icons
      - ${CONTAINER_FOLDER}/homarr/data:/data
      - ${CONTAINER_FOLDER}/graphics:/app/public/graphics
    ports:
      - '7575:7575'
    environment:
      - AUTH_PROVIDER=oidc
      - BASE_URL="admin.domain.tld"
      - NEXTAUTH_URL="admin.domain.tld"
      - AUTH_OIDC_URI="https://auth.domain.tld/application/o/homarr" # Have also tried admin. here instead of auth.
      - AUTH_OIDC_CLIENT_ID="ID"
      - AUTH_OIDC_CLIENT_SECRET="SECRET"
      - AUTH_OIDC_CLIENT_NAME="AUTHENTIK"
      - AUTH_OIDC_ADMIN_GROUP="authentik Admin"
      - AUTH_OIDC_OWNER_GROUP="authentik Admin" 
      - AUTH_OIDC_AUTO_LOGIN=true
    networks:
      - frontend
    restart: unless-stopped

homarr:
    container_name: homarr
    image: ghcr.io/ajnart/homarr:0.15.3
    volumes:
      - ${CONTAINER_FOLDER}/homarr/configs:/data/configs
      - ${CONTAINER_FOLDER}/homarr/icons:/app/public/icons
      - ${CONTAINER_FOLDER}/homarr/data:/data
      - ${CONTAINER_FOLDER}/graphics:/app/public/graphics
    ports:
      - '7575:7575'
    environment:
      - AUTH_PROVIDER=oidc
      - BASE_URL="admin.domain.tld"
      - NEXTAUTH_URL="admin.domain.tld"
      - AUTH_OIDC_URI="https://auth.domain.tld/application/o/homarr" # Have also tried admin. here instead of auth.
      - AUTH_OIDC_CLIENT_ID="ID"
      - AUTH_OIDC_CLIENT_SECRET="SECRET"
      - AUTH_OIDC_CLIENT_NAME="AUTHENTIK"
      - AUTH_OIDC_ADMIN_GROUP="authentik Admin"
      - AUTH_OIDC_OWNER_GROUP="authentik Admin" 
      - AUTH_OIDC_AUTO_LOGIN=true
    networks:
      - frontend
    restart: unless-stopped

Example Log Errors:

❌ Invalid environment variables: { NEXTAUTH_URL: [ 'Invalid url' ], AUTH_OIDC_URI: [ 'Invalid url' ] }
❌ Invalid environment variables: { NEXTAUTH_URL: [ 'Invalid url' ], AUTH_OIDC_URI: [ 'Invalid url' ] }

❌ Invalid environment variables: { NEXTAUTH_URL: [ 'Invalid url' ], AUTH_OIDC_URI: [ 'Invalid url' ] }
❌ Invalid environment variables: { NEXTAUTH_URL: [ 'Invalid url' ], AUTH_OIDC_URI: [ 'Invalid url' ] }

❌ Invalid environment variables: { NEXTAUTH_URL: [ 'Invalid url' ], AUTH_OIDC_URI: [ 'Invalid url' ] }
❌ Invalid environment variables: { NEXTAUTH_URL: [ 'Invalid url' ], AUTH_OIDC_URI: [ 'Invalid url' ] }

❌ Invalid environment variables: { NEXTAUTH_URL: [ 'Invalid url' ], AUTH_OIDC_URI: [ 'Invalid url' ] }
❌ Invalid environment variables: { NEXTAUTH_URL: [ 'Invalid url' ], AUTH_OIDC_URI: [ 'Invalid url' ] }

Error: connect ECONNREFUSED IP:36703
    at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1571:16) {
  errno: -111,
  code: 'ECONNREFUSED',
  syscall: 'connect',
  address: 'IP',
  port: 36703
}

Error: connect ECONNREFUSED IP:36703
    at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1571:16) {
  errno: -111,
  code: 'ECONNREFUSED',
  syscall: 'connect',
  address: 'IP',
  port: 36703
}

Error: connect ECONNREFUSED IP:36703
    at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1571:16) {
  errno: -111,
  code: 'ECONNREFUSED',
  syscall: 'connect',
  address: 'IP',
  port: 36703
}

Error: connect ECONNREFUSED IP:36703
    at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1571:16) {
  errno: -111,
  code: 'ECONNREFUSED',
  syscall: 'connect',
  address: 'IP',
  port: 36703
}

Authentik OIDC - Internal Server Error

Similar Threads

Similar Threads

Similar Threads