Authelia is a powerful and flexible authentication server that provides secure authentication for your web applications. In this tutorial, we will show you how to install and configure Authelia on nixOS latest.
Before we proceed, let's ensure that you have the following prerequisites:
First, let's install the Authelia binary package from the nixpkgs repository using the following command:
$ sudo nix-env -i authelia
After installation, create the configuration file for Authelia by running the following command:
$ sudo mkdir -p /etc/authelia
$ sudo nano /etc/authelia/configuration.yml
Paste the following configuration into the file:
listen_address: 0.0.0.0:9091
log_level: info
jwt_secret: my-jwt-secret
ldap:
url: ldaps://example.com:636
user_dn: cn=admin,dc=example,dc=com
user_password: my-secret-bind-password
base_dn: 'ou=users,dc=example,dc=com'
filter: (uid={0})
session:
domain: example.com
name: AUTH_SESSION_ID
expiration: 3600s
storage:
mysql:
host: localhost:3306
username: my-mysql-user
password: my-mysql-password
database: authelia
notifiers:
smtp:
enabled: true
host: smtp.example.com:587
from: noreply@example.com
username: smtp-user
password: smtp-password
Note: In this example, we are using LDAP for user authentication, MySQL for storing user data, and SMTP for sending email notifications. You may replace these with your preferred options.
Next, let's create a service for Authelia by running the following command:
$ sudo nano /etc/nixos/configuration.nix
Add the following code to the end of the configuration file:
services.authelia = {
enable = true;
configFile = "/etc/authelia/configuration.yml";
package.enable = true;
};
Save and close the configuration file.
Apply the changes by running the following command:
$ sudo nixos-rebuild switch
This will rebuild and activate the nixOS system with the new Authelia service.
You can test that Authelia is running correctly by opening a web browser and navigating to:
https://auth.example.com:9091
Replace auth.example.com with your domain name.
You should see the Authelia login screen. Enter your LDAP username and password to log in.
Once logged in, you can configure Authelia to work with your web applications.
Congratulations! You have successfully installed Authelia on nixOS Latest.
If you want to self-host in an easy, hands free way, need an external IP address, or simply want your data in your own hands, give IPv6.rs a try!
Alternatively, for the best virtual desktop, try Shells!
