DerHammerclock Posts - Answer Overflow

DerHammerclock

Explore posts from servers

•Created by DerHammerclock on 9/2/2024 in #💬・get-help

[OIDC] Infinite redirects to homarr

I tried to setup OIDC with homarr with less than optimal success. The docs are sadly also either outdated or flat out wrong in some aspects For example AUTH_PROVIDER has to be oidc without quotation marks. Else homarr will complain that this method does not exist. Given the searched together configuration i found on this discord i have the following env vars defined now:

AUTH_PROVIDER=oidc
AUTH_OIDC_URI=https://auth.hammerclock.net
AUTH_OIDC_ISSUER=https://auth.hammerclock.net/application/o/homarr
AUTH_OIDC_CLIENT_SECRET=xxx
AUTH_OIDC_CLIENT_ID=xxx
AUTH_OIDC_CLIENT_NAME=Authentik
AUTH_OIDC_ADMIN_GROUP=admin
AUTH_OIDC_OWNER_GROUP=admin
NEXTAUTH_URL=https://homarr.hammerclock.net
NEXTAUTH_SECRET=xxx
BASE_URL=https://homarr.hammerclock.net

AUTH_PROVIDER=oidc
AUTH_OIDC_URI=https://auth.hammerclock.net
AUTH_OIDC_ISSUER=https://auth.hammerclock.net/application/o/homarr
AUTH_OIDC_CLIENT_SECRET=xxx
AUTH_OIDC_CLIENT_ID=xxx
AUTH_OIDC_CLIENT_NAME=Authentik
AUTH_OIDC_ADMIN_GROUP=admin
AUTH_OIDC_OWNER_GROUP=admin
NEXTAUTH_URL=https://homarr.hammerclock.net
NEXTAUTH_SECRET=xxx
BASE_URL=https://homarr.hammerclock.net

And the following Nix OCI Container setup:

{config, ...}: {
  age.secrets.homarr.file = ../../secrets/homarr.age; # This is the file containing the env vars

  virtualisation.oci-containers.containers.homarr = {
    image = "ghcr.io/ajnart/homarr:latest";
    ports = [
      "7575:7575"
    ];
    volumes = [
      "/var/run/docker.sock:/var/run/docker.sock"
      "/var/lib/homarr/configs:/app/data/configs"
      "/var/lib/homarr/icons:/app/public/icons"
      "/var/lib/homarr/data:/data"
    ];
    extraOptions = ["--pull=always"];
    environmentFiles = [
      config.age.secrets.homarr.path 
    ];
  };
}

{config, ...}: {
  age.secrets.homarr.file = ../../secrets/homarr.age; # This is the file containing the env vars

  virtualisation.oci-containers.containers.homarr = {
    image = "ghcr.io/ajnart/homarr:latest";
    ports = [
      "7575:7575"
    ];
    volumes = [
      "/var/run/docker.sock:/var/run/docker.sock"
      "/var/lib/homarr/configs:/app/data/configs"
      "/var/lib/homarr/icons:/app/public/icons"
      "/var/lib/homarr/data:/data"
    ];
    extraOptions = ["--pull=always"];
    environmentFiles = [
      config.age.secrets.homarr.path 
    ];
  };
}

If you go on to my site https://homarr.hammerclock.net you will see that it just infinitely redirects to itself. The logs spams the following error:

Sep 02 15:33:26 xenon docker-homarr-start[2179285]: [next-auth][error][SIGNIN_OAUTH_ERROR]
Sep 02 15:33:26 xenon docker-homarr-start[2179285]: https://next-auth.js.org/errors#signin_oauth_error expected 200 OK, got: 404 Not Found {
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:   error: {
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:     message: 'expected 200 OK, got: 404 Not Found',
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:     stack: 'OPError: expected 200 OK, got: 404 Not Found\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at processResponse (/app/node_modules/openid-client/lib/helpers/process_response.js:41:11)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at Issuer.discover (/app/node_modules/openid-client/lib/issuer.js:152:20)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at async openidClient (/app/node_modules/next-auth/core/lib/oauth/client.js:16:14)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at async getAuthorizationUrl (/app/node_modules/next-auth/core/lib/oauth/authorization-url.js:70:18)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at async Object.signin (/app/node_modules/next-auth/core/routes/signin.js:38:24)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at async AuthHandler (/app/node_modules/next-auth/core/index.js:260:26)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at async NextAuthApiHandler (/app/node_modules/next-auth/next/index.js:22:19)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at async auth (/app/.next/server/pages/api/auth/[...nextauth].js:143:12)',
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:     name: 'OPError'
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:   },
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:   providerId: 'oidc',
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:   message: 'expected 200 OK, got: 404 Not Found'
Sep 02 15:33:26 xenon docker-homarr-start[2179285]: }

Sep 02 15:33:26 xenon docker-homarr-start[2179285]: [next-auth][error][SIGNIN_OAUTH_ERROR]
Sep 02 15:33:26 xenon docker-homarr-start[2179285]: https://next-auth.js.org/errors#signin_oauth_error expected 200 OK, got: 404 Not Found {
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:   error: {
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:     message: 'expected 200 OK, got: 404 Not Found',
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:     stack: 'OPError: expected 200 OK, got: 404 Not Found\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at processResponse (/app/node_modules/openid-client/lib/helpers/process_response.js:41:11)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at Issuer.discover (/app/node_modules/openid-client/lib/issuer.js:152:20)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at async openidClient (/app/node_modules/next-auth/core/lib/oauth/client.js:16:14)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at async getAuthorizationUrl (/app/node_modules/next-auth/core/lib/oauth/authorization-url.js:70:18)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at async Object.signin (/app/node_modules/next-auth/core/routes/signin.js:38:24)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at async AuthHandler (/app/node_modules/next-auth/core/index.js:260:26)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at async NextAuthApiHandler (/app/node_modules/next-auth/next/index.js:22:19)\n' +
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:       '    at async auth (/app/.next/server/pages/api/auth/[...nextauth].js:143:12)',
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:     name: 'OPError'
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:   },
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:   providerId: 'oidc',
Sep 02 15:33:26 xenon docker-homarr-start[2179285]:   message: 'expected 200 OK, got: 404 Not Found'
Sep 02 15:33:26 xenon docker-homarr-start[2179285]: }

Also important to note: Homarr does not send a single request to my auth server... i literally stopped my Authentik instance and still had the exact same issue

24 replies

Gaming

Programming