Authelia script issue YOUR_AUTHELIA_URL #1202

New Issue

OVERLORD · 2026-02-04T23:38:44+03:00

OVERLORD commented

2026-02-04 23:38:44 +03:00

Originally created by @Aareon on GitHub (Jul 1, 2025).

✅ Have you read and understood the above guidelines?

yes

📜 What is the name of the script you are using?

Authelia

📂 What was the exact command used to execute the script?

bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/authelia.sh)"

⚙️ What settings are you using?

Default Settings
Advanced Settings

🖥️ Which Linux distribution are you using?

Debian 12

📝 Provide a clear and concise description of the issue.

After installation and specification of domain name, placeholder text is not replaced with actual URL. See "error" output

🔄 Steps to reproduce the issue.

Install via script, use default settings, set domain name, complete installation

❌ Paste the full error output (if available).

    ___         __  __         ___      
   /   | __  __/ /_/ /_  ___  / (_)___ _
  / /| |/ / / / __/ __ \/ _ \/ / / __ `/
 / ___ / /_/ / /_/ / / /  __/ / / /_/ / 
/_/  |_\__,_/\__/_/ /_/\___/_/_/\__,_/  
                                        
  ⚙️  Using Default Settings on node <redacted node name>
  🖥️  Operating System: debian
  🌟  Version: 12
  📦  Container Type: Unprivileged
  💾  Disk Size: 2 GB
  🧠  CPU Cores: 1
  🛠️  RAM Size: 512 MiB
  🆔  Container ID: 108
  🚀  Creating a Authelia LXC using the above default settings
  
  ✔️   Using local for Template Storage.
  ✔️   Using local-lvm for Container Storage.
  ✔️   Cluster is quorate
  ✔️   LXC Template List Updated
  ✔️   LXC Template 'debian-12-standard_12.7-1_amd64.tar.zst' is ready to use.
  ✔️   LXC Container 108 was successfully created.
  ✔️   Started LXC Container
  ✔️   Customized LXC Container
  ✔️   Set up Container OS
  ✔️   Network Connected: <redacted IP> 
  ✔️   IPv4 Internet Connected
  ✖️   IPv6 Internet Not Connected
  ✔️   GitHub DNS: github.com:(✔️ ) raw.githubusercontent.com:(✔️ ) api.github.com:(✔️ )
  ✔️   Updated Container OS
  ✔️   Install Authelia completed
      Enter your domain (ex. example.com): <redacted domain name>
  ✔️   Authelia Setup completed
  ✔️   Customized Container
  ✔️   Cleaned
  ✔️   Completed Successfully!

  🚀  Authelia setup has been successfully initialized!
  💡   Access it using the following URL:
    🌐  https://YOUR_AUTHELIA_URL

🖼️ Additional context (optional).

No response

Originally created by @Aareon on GitHub (Jul 1, 2025). ### ✅ Have you read and understood the above guidelines? yes ### 📜 What is the name of the script you are using? Authelia ### 📂 What was the exact command used to execute the script? bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/authelia.sh)" ### ⚙️ What settings are you using? - [x] Default Settings - [ ] Advanced Settings ### 🖥️ Which Linux distribution are you using? Debian 12 ### 📝 Provide a clear and concise description of the issue. After installation and specification of domain name, placeholder text is not replaced with actual URL. See "error" output ### 🔄 Steps to reproduce the issue. Install via script, use default settings, set domain name, complete installation ### ❌ Paste the full error output (if available). ``` ___ __ __ ___ / | __ __/ /_/ /_ ___ / (_)___ _ / /| |/ / / / __/ __ \/ _ \/ / / __ `/ / ___ / /_/ / /_/ / / / __/ / / /_/ / /_/ |_\__,_/\__/_/ /_/\___/_/_/\__,_/ ⚙️ Using Default Settings on node <redacted node name> 🖥️ Operating System: debian 🌟 Version: 12 📦 Container Type: Unprivileged 💾 Disk Size: 2 GB 🧠 CPU Cores: 1 🛠️ RAM Size: 512 MiB 🆔 Container ID: 108 🚀 Creating a Authelia LXC using the above default settings ✔️ Using local for Template Storage. ✔️ Using local-lvm for Container Storage. ✔️ Cluster is quorate ✔️ LXC Template List Updated ✔️ LXC Template 'debian-12-standard_12.7-1_amd64.tar.zst' is ready to use. ✔️ LXC Container 108 was successfully created. ✔️ Started LXC Container ✔️ Customized LXC Container ✔️ Set up Container OS ✔️ Network Connected: <redacted IP> ✔️ IPv4 Internet Connected ✖️ IPv6 Internet Not Connected ✔️ GitHub DNS: github.com:(✔️ ) raw.githubusercontent.com:(✔️ ) api.github.com:(✔️ ) ✔️ Updated Container OS ✔️ Install Authelia completed Enter your domain (ex. example.com): <redacted domain name> ✔️ Authelia Setup completed ✔️ Customized Container ✔️ Cleaned ✔️ Completed Successfully! 🚀 Authelia setup has been successfully initialized! 💡 Access it using the following URL: 🌐 https://YOUR_AUTHELIA_URL ``` ### 🖼️ Additional context (optional). _No response_

OVERLORD added the bug label 2026-02-04 23:38:44 +03:00

OVERLORD closed this issue

2026-02-04 23:38:46 +03:00

OVERLORD commented

2026-02-04 23:38:54 +03:00

@MickLesk commented on GitHub (Jul 1, 2025):

Thats not an Issue, this part of Message are from the ct.sh, that dont have access to install.sh, so we output an static text for every user

@MickLesk commented on GitHub (Jul 1, 2025): Thats not an Issue, this part of Message are from the ct.sh, that dont have access to install.sh, so we output an static text for every user

OVERLORD commented

2026-02-04 23:38:57 +03:00

@tremor021 commented on GitHub (Jul 1, 2025):

Authelia must use HTTPS/reverse proxy so YOUR_AUTHELIA_URL is what you entered as your domain in the installation step.

Authelia URL will be https://auth.YOURDOMAIN, f.ex https://auth.example.com

@tremor021 commented on GitHub (Jul 1, 2025): Authelia must use HTTPS/reverse proxy so YOUR_AUTHELIA_URL is what you entered as your domain in the installation step. Authelia URL will be `https://auth.YOURDOMAIN`, f.ex `https://auth.example.com`

OVERLORD commented

2026-02-04 23:39:01 +03:00

@Aareon commented on GitHub (Jul 1, 2025):

Thanks team, I was able to get Traefik to point to it with some fiddling. For anyone in the future questioning how to get it working, here's my authelia config for traefik

root@traefik:~# cat /etc/traefik/conf.d/authelia.yml 
# Traefik Dynamic Configuration for Authelia
# Save this as: /etc/traefik/conf.d/authelia.yml

http:
  # Routers
  routers:
    # HTTP to HTTPS redirect
    authelia-http:
      rule: "Host(`auth.<your_domain.tld>`)"
      entryPoints:
        - "web"
      middlewares:
        - "redirect-to-https"
      service: "authelia-service"

    # Main HTTPS router
    authelia-https:
      rule: "Host(`auth.<your_domain.tld>`)"
      entryPoints:
        - "websecure"
      middlewares:
        - "authelia-headers"
      service: "authelia-service"
      tls:
        certResolver: "letsencrypt"

  # Services
  services:
    authelia-service:
      loadBalancer:
        servers:
          - url: "http://<your_node_ip>:9091"
        passHostHeader: true

  # Middlewares
  middlewares:
    # HTTPS redirect
    redirect-to-https:
      redirectScheme:
        scheme: "https"
        permanent: true

    # Authelia specific headers
    authelia-headers:
      headers:
        customRequestHeaders:
          X-Real-IP: ""
          X-Forwarded-For: ""
          X-Forwarded-Proto: "https"
          X-Forwarded-Host: "auth.<your_domain.tld>"
        customResponseHeaders:
          X-Frame-Options: "SAMEORIGIN"
          X-Content-Type-Options: "nosniff"
          Referrer-Policy: "same-origin"
          X-XSS-Protection: "1; mode=block"

As well as a sample config for a service to require authelia auth

root@traefik:~# cat /etc/traefik/conf.d/linkwarden.yml 
# Traefik Dynamic Configuration for Linkwarden with Authelia
# Save this as: /etc/traefik/conf.d/linkwarden.yml

http:
  # Routers
  routers:
    # HTTP to HTTPS redirect
    linkwarden-http:
      rule: "Host(`links.<your_domain.tld>`)"
      entryPoints:
        - "web"
      middlewares:
        - "redirect-to-https"
      service: "linkwarden-service"

    # Main HTTPS router with Authelia protection
    linkwarden-https:
      rule: "Host(`links.<your_domain.tld>`)"
      entryPoints:
        - "websecure"
      middlewares:
        - "authelia-auth"
        - "linkwarden-headers"
      service: "linkwarden-service"
      tls:
        certResolver: "letsencrypt"

  # Services
  services:
    linkwarden-service:
      loadBalancer:
        servers:
          - url: "http://<linkwarden_IP>:3000"
        passHostHeader: true

  # Middlewares
  middlewares:
    # HTTPS redirect
    redirect-to-https:
      redirectScheme:
        scheme: "https"
        permanent: true

    # Authelia authentication
    authelia-auth:
      forwardAuth:
        address: "http://<authelia_IP>:9091/api/verify?rd=https://auth.<your_domain.tld>"
        trustForwardHeader: true
        authResponseHeaders:
          - "Remote-User"
          - "Remote-Groups"
          - "Remote-Name"
          - "Remote-Email"

    # Linkwarden specific headers
    linkwarden-headers:
      headers:
        customRequestHeaders:
          X-Real-IP: ""
          X-Forwarded-For: ""
          X-Forwarded-Proto: "https"
        customResponseHeaders:
          X-Frame-Options: "SAMEORIGIN"
          X-Content-Type-Options: "nosniff"
          Referrer-Policy: "same-origin"

It'd be really nice if the helper-script included a Next steps link to some documentation. I'm not sure if such a thing exists.

@Aareon commented on GitHub (Jul 1, 2025): Thanks team, I was able to get Traefik to point to it with some fiddling. For anyone in the future questioning how to get it working, here's my authelia config for traefik ``` root@traefik:~# cat /etc/traefik/conf.d/authelia.yml # Traefik Dynamic Configuration for Authelia # Save this as: /etc/traefik/conf.d/authelia.yml http: # Routers routers: # HTTP to HTTPS redirect authelia-http: rule: "Host(`auth.<your_domain.tld>`)" entryPoints: - "web" middlewares: - "redirect-to-https" service: "authelia-service" # Main HTTPS router authelia-https: rule: "Host(`auth.<your_domain.tld>`)" entryPoints: - "websecure" middlewares: - "authelia-headers" service: "authelia-service" tls: certResolver: "letsencrypt" # Services services: authelia-service: loadBalancer: servers: - url: "http://<your_node_ip>:9091" passHostHeader: true # Middlewares middlewares: # HTTPS redirect redirect-to-https: redirectScheme: scheme: "https" permanent: true # Authelia specific headers authelia-headers: headers: customRequestHeaders: X-Real-IP: "" X-Forwarded-For: "" X-Forwarded-Proto: "https" X-Forwarded-Host: "auth.<your_domain.tld>" customResponseHeaders: X-Frame-Options: "SAMEORIGIN" X-Content-Type-Options: "nosniff" Referrer-Policy: "same-origin" X-XSS-Protection: "1; mode=block" ``` As well as a sample config for a service to require authelia auth ``` root@traefik:~# cat /etc/traefik/conf.d/linkwarden.yml # Traefik Dynamic Configuration for Linkwarden with Authelia # Save this as: /etc/traefik/conf.d/linkwarden.yml http: # Routers routers: # HTTP to HTTPS redirect linkwarden-http: rule: "Host(`links.<your_domain.tld>`)" entryPoints: - "web" middlewares: - "redirect-to-https" service: "linkwarden-service" # Main HTTPS router with Authelia protection linkwarden-https: rule: "Host(`links.<your_domain.tld>`)" entryPoints: - "websecure" middlewares: - "authelia-auth" - "linkwarden-headers" service: "linkwarden-service" tls: certResolver: "letsencrypt" # Services services: linkwarden-service: loadBalancer: servers: - url: "http://<linkwarden_IP>:3000" passHostHeader: true # Middlewares middlewares: # HTTPS redirect redirect-to-https: redirectScheme: scheme: "https" permanent: true # Authelia authentication authelia-auth: forwardAuth: address: "http://<authelia_IP>:9091/api/verify?rd=https://auth.<your_domain.tld>" trustForwardHeader: true authResponseHeaders: - "Remote-User" - "Remote-Groups" - "Remote-Name" - "Remote-Email" # Linkwarden specific headers linkwarden-headers: headers: customRequestHeaders: X-Real-IP: "" X-Forwarded-For: "" X-Forwarded-Proto: "https" customResponseHeaders: X-Frame-Options: "SAMEORIGIN" X-Content-Type-Options: "nosniff" Referrer-Policy: "same-origin" ``` It'd be really nice if the helper-script included a `Next steps` link to some documentation. I'm not sure if such a thing exists.

OVERLORD commented

2026-02-04 23:39:05 +03:00

@Aareon commented on GitHub (Jul 1, 2025):

On the last point, I wouldn't mind contributing to such a thing for the services that I use.

@Aareon commented on GitHub (Jul 1, 2025): On the last point, I wouldn't mind contributing to such a thing for the services that I use.

OVERLORD commented

2026-02-04 23:39:09 +03:00

@Cosquilla commented on GitHub (Nov 9, 2025):

Thank you so much for posting your configuration example.
All the tutorials and guides I found on the internet are about implementation in docker with labels.
Finally with your help I got traefik and authelia running in my Proxmox environment (as LXC like with the community scripts).

@Cosquilla commented on GitHub (Nov 9, 2025): Thank you so much for posting your configuration example. All the tutorials and guides I found on the internet are about implementation in docker with labels. Finally with your help I got traefik and authelia running in my Proxmox environment (as LXC like with the community scripts).

OVERLORD referenced this issue

2026-02-05 05:20:49 +03:00

[PR #1211] [CLOSED] Implement overridable URL for scripts #2929

OVERLORD referenced this issue

2026-02-05 05:21:20 +03:00

[PR #1230] [CLOSED] Implement overridable URL for scripts #2939

OVERLORD referenced this issue

2026-02-05 05:21:47 +03:00

[PR #1251] [MERGED] [overrideable url] Initial changes to ct scripts to use environment variable #2949

OVERLORD referenced this issue

2026-02-05 05:21:48 +03:00

[PR #1252] [MERGED] [overrideable url] Remaining changes to ct scripts to use environment variable #2950