tyler.durden/dashy
1
0
Fork 0
mirror of https://github.com/Lissy93/dashy.git synced 2025-07-24 22:25:16 +02:00
Code Issues Packages Projects Releases Wiki Activity

Auto Publish new pages

liss-bot 2024-05-19 01:30:05 +00:00
parent be8540e0ad
commit 47b6ec985d
3 changed files with 139 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
authentication.md

@ -14,6 +14,7 @@
- [Deploying Keycloak](#1-deploy-keycloak)
- [Setting up Keycloak](#2-setup-keycloak-users)
- [Configuring Dashy for Keycloak](#3-enable-keycloak-in-dashy-config-file)
- [Toubleshooting Keycloak](#troubleshooting-keycloak)
- [Alternative Authentication Methods](#alternative-authentication-methods)
- [VPN](#vpn)
- [IP-Based Access](#ip-based-access)
@ -253,6 +254,67 @@ From within the Keycloak console, you can then configure things like time-outs,
---
### Troubleshooting Keycloak
If you encounter issues with your Keycloak setup, follow these steps to troubleshoot and resolve common problems.
1. Client Authentication Issue
Problem: Redirect loop, if client authentication is enabled.
Solution: Switch off "client authentication" in "TC clients" -> "Advanced" settings.
2. Double URL
Problem: If you get redirected to "https://dashy.my.domain/#iss=https://keycloak.my.domain/realms/my-realm"
Solution: Make sure to turn on "Exclude Issuer From Authentication Response" in "TC clients" -> "Advanced" -> "OpenID Connect Compatibility Modes"
3. Problems with mutiple Dashy Pages
Problem: Refreshing or logging out of dashy results in an "invalid_redirect_uri" error.
Solution: In "TC clients" -> "Access settings" -> "Root URL" https://dashy.my.domain/, valid redirect URIs must be /*
---
## OIDC
Dashy also supports using a general [OIDC compatible](https://openid.net/connect/) authentication server. In order to use it, the authentication section needs to be configured:
```yaml
appConfig:
auth:
enableOidc: true
oidc:
clientId: [registered client id]
endpoint: [OIDC endpoint]
```
Because Dashy is a SPA, a [public client](https://datatracker.ietf.org/doc/html/rfc6749#section-2.1) registration with PKCE is needed.
An example for Authelia is shared below, but other OIDC systems can be used:
```yaml
identity_providers:
oidc:
clients:
- client_id: dashy
client_name: dashy
public: true
authorization_policy: 'one_factor'
require_pkce: true
pkce_challenge_method: 'S256'
redirect_uris:
- https://dashy.local # should point to your dashy endpoint
grant_types:
- authorization_code
scopes:
- 'openid'
- 'profile'
- 'roles'
- 'email'
- 'groups'
```
Groups and roles will be populated and available for controlling display similar to [Keycloak](#Keycloak) abvoe.
---
## Alternative Authentication Methods
If you are self-hosting Dashy, and require secure authentication to prevent unauthorized access, then you can either use Keycloak, or one of the following options:

11
configuring.md

@ -158,6 +158,8 @@ The following file provides a reference of all supported configuration options.
**`keycloak`** | `object` | _Optional_ | Config options to point Dashy to your Keycloak server. Requires `enableKeycloak: true`. See [`auth.keycloak`](#appconfigauthkeycloak-optional) for more info
**`enableHeaderAuth`** | `boolean` | _Optional_ | If set to `true`, then authentication using HeaderAuth will be enabled. Note that you need to have your web server/reverse proxy running, and have also configured `auth.headerAuth`. Defaults to `false`
**`headerAuth`** | `object` | _Optional_ | Config options to point Dashy to your headers for authentication. Requires `enableHeaderAuth: true`. See [`auth.headerAuth`](#appconfigauthheaderauth-optional) for more info
**`enableOidc`** | `boolean` | _Optional_ | If set to `true`, then authentication using OIDC will be enabled. Note that you need to have a configured OIDC server and configure it with `auth.oidc`. Defaults to `false`
**`oidc`** | `object` | _Optional_ | Config options to point Dash to your OIDC configuration. Request `enableOidc: true`. See [`auth.oidc`](#appconfigauthoidc-optional) for more info
**`enableGuestAccess`** | `boolean` | _Optional_ | When set to `true`, an unauthenticated user will be able to access the dashboard, with read-only access, without having to login. Requires `auth.users` to be configured. Defaults to `false`.
For more info, see the **[Authentication Docs](/docs/authentication.md)**
@ -194,6 +196,15 @@ For more info, see the **[Authentication Docs](/docs/authentication.md)**
**[⬆️ Back to Top](#configuring)**
## `appConfig.auth.oidc` _(optional)_
**Field** | **Type** | **Required**| **Description**
--- | --- | --- | ---
**`clientId`** | `string` | Required | The client id registered in the OIDC server
**`endpoint`** | `string` | Required | The URL of the OIDC server that should be used.
**[⬆️ Back to Top](#configuring)**
## `appConfig.webSearch` _(optional)_
**Field** | **Type** | **Required**| **Description**

132
credits.md

@ -140,13 +140,6 @@
<sub><b>Forward Email - Open-source & Privacy-focused Email Service (2023)</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/lamtrinhdev">
<img src="https://avatars.githubusercontent.com/u/49742151?u=c5eaca5aa6841a80605cf4f7d0e861a9e6339ef3&v=4" width="80;" alt="lamtrinhdev"/>
<br />
<sub><b>LamTrinh.Dev</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/Bastii717">
<img src="https://avatars.githubusercontent.com/u/53431819?u=604977bed6ad6875ada890d0d3765a4cacc2fa14&v=4" width="80;" alt="Bastii717"/>
@ -174,15 +167,15 @@
<br />
<sub><b>Null</b></sub>
</a>
</td></tr>
<tr>
</td>
<td align="center">
<a href="https://github.com/terminaltrove">
<img src="https://avatars.githubusercontent.com/u/121595180?v=4" width="80;" alt="terminaltrove"/>
<br />
<sub><b>Terminal Trove</b></sub>
</a>
</td>
</td></tr>
<tr>
<td align="center">
<a href="https://github.com/NixyJuppie">
<img src="https://avatars.githubusercontent.com/u/138570196?u=b102c222487905728b858704962d32759df29ebe&v=4" width="80;" alt="NixyJuppie"/>
@ -239,20 +232,20 @@
<sub><b>Snyk Bot</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/azerioxal">
<img src="https://avatars.githubusercontent.com/u/5369885?v=4" width="80;" alt="azerioxal"/>
<br />
<sub><b>Kenneth Church</b></sub>
</a>
</td></tr>
<tr>
<td align="center">
<a href="https://github.com/CrazyWolf13">
<img src="https://avatars.githubusercontent.com/u/96661824?v=4" width="80;" alt="CrazyWolf13"/>
<br />
<sub><b>Tobias</b></sub>
</a>
</td></tr>
<tr>
<td align="center">
<a href="https://github.com/azerioxal">
<img src="https://avatars.githubusercontent.com/u/5369885?v=4" width="80;" alt="azerioxal"/>
<br />
<sub><b>Kenneth Church</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/m42e">
@ -548,6 +541,13 @@
</a>
</td></tr>
<tr>
<td align="center">
<a href="https://github.com/twsouthwick">
<img src="https://avatars.githubusercontent.com/u/583206?v=4" width="80;" alt="twsouthwick"/>
<br />
<sub><b>Taylor Southwick</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/GuilhermeLCS95">
<img src="https://avatars.githubusercontent.com/u/116608998?v=4" width="80;" alt="GuilhermeLCS95"/>
@ -582,15 +582,15 @@
<br />
<sub><b>Stephen Rigney</b></sub>
</a>
</td>
</td></tr>
<tr>
<td align="center">
<a href="https://github.com/a-mnich">
<img src="https://avatars.githubusercontent.com/u/56564725?v=4" width="80;" alt="a-mnich"/>
<br />
<sub><b>Alexander Mnich</b></sub>
</a>
</td></tr>
<tr>
</td>
<td align="center">
<a href="https://github.com/alayham">
<img src="https://avatars.githubusercontent.com/u/518776?v=4" width="80;" alt="alayham"/>
@ -605,6 +605,13 @@
<sub><b>Alessandro Del Prete</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/turnrye">
<img src="https://avatars.githubusercontent.com/u/701035?v=4" width="80;" alt="turnrye"/>
<br />
<sub><b>Ryan Turner</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/sachahjkl">
<img src="https://avatars.githubusercontent.com/u/32895534?v=4" width="80;" alt="sachahjkl"/>
@ -618,7 +625,8 @@
<br />
<sub><b>Shazz</b></sub>
</a>
</td>
</td></tr>
<tr>
<td align="center">
<a href="https://github.com/ThinkSalat">
<img src="https://avatars.githubusercontent.com/u/31082405?v=4" width="80;" alt="ThinkSalat"/>
@ -632,8 +640,7 @@
<br />
<sub><b>Null</b></sub>
</a>
</td></tr>
<tr>
</td>
<td align="center">
<a href="https://github.com/Smexhy">
<img src="https://avatars.githubusercontent.com/u/4880625?v=4" width="80;" alt="Smexhy"/>
@ -661,20 +668,6 @@
<br />
<sub><b>Steven Kast</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/twsouthwick">
<img src="https://avatars.githubusercontent.com/u/583206?v=4" width="80;" alt="twsouthwick"/>
<br />
<sub><b>Taylor Southwick</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/turnrye">
<img src="https://avatars.githubusercontent.com/u/701035?v=4" width="80;" alt="turnrye"/>
<br />
<sub><b>Ryan Turner</b></sub>
</a>
</td></tr>
<tr>
<td align="center">
@ -734,6 +727,13 @@
<sub><b>Mert Sefa AKGUN</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/maximemoreillon">
<img src="https://avatars.githubusercontent.com/u/29086128?v=4" width="80;" alt="maximemoreillon"/>
<br />
<sub><b>Maxime Moreillon</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/AmadeusGraves">
<img src="https://avatars.githubusercontent.com/u/18572939?v=4" width="80;" alt="AmadeusGraves"/>
@ -754,15 +754,15 @@
<br />
<sub><b>José Ignacio</b></sub>
</a>
</td>
</td></tr>
<tr>
<td align="center">
<a href="https://github.com/soaibsafi">
<img src="https://avatars.githubusercontent.com/u/11424812?v=4" width="80;" alt="soaibsafi"/>
<br />
<sub><b>Soaibuzzaman</b></sub>
</a>
</td></tr>
<tr>
</td>
<td align="center">
<a href="https://github.com/pablomalo">
<img src="https://avatars.githubusercontent.com/u/25877142?v=4" width="80;" alt="pablomalo"/>
@ -797,15 +797,15 @@
<br />
<sub><b>Null</b></sub>
</a>
</td>
</td></tr>
<tr>
<td align="center">
<a href="https://github.com/jnach">
<img src="https://avatars.githubusercontent.com/u/33467747?v=4" width="80;" alt="jnach"/>
<br />
<sub><b>Jnach</b></sub>
</a>
</td></tr>
<tr>
</td>
<td align="center">
<a href="https://github.com/imlonghao">
<img src="https://avatars.githubusercontent.com/u/4951333?v=4" width="80;" alt="imlonghao"/>
@ -840,15 +840,15 @@
<br />
<sub><b>Nico</b></sub>
</a>
</td>
</td></tr>
<tr>
<td align="center">
<a href="https://github.com/baifengheixi">
<img src="https://avatars.githubusercontent.com/u/98794233?v=4" width="80;" alt="baifengheixi"/>
<br />
<sub><b>Null</b></sub>
</a>
</td></tr>
<tr>
</td>
<td align="center">
<a href="https://github.com/allozavrr">
<img src="https://avatars.githubusercontent.com/u/63748214?v=4" width="80;" alt="allozavrr"/>
@ -864,10 +864,10 @@
</a>
</td>
<td align="center">
<a href="https://github.com/maximemoreillon">
<img src="https://avatars.githubusercontent.com/u/29086128?v=4" width="80;" alt="maximemoreillon"/>
<a href="https://github.com/Glitch3dPenguin">
<img src="https://avatars.githubusercontent.com/u/3271160?v=4" width="80;" alt="Glitch3dPenguin"/>
<br />
<sub><b>Maxime Moreillon</b></sub>
<sub><b>Max Kulik</b></sub>
</a>
</td>
<td align="center">
@ -883,15 +883,15 @@
<br />
<sub><b>Eduardo Gomez</b></sub>
</a>
</td>
</td></tr>
<tr>
<td align="center">
<a href="https://github.com/Dylan-Bs">
<img src="https://avatars.githubusercontent.com/u/35694107?v=4" width="80;" alt="Dylan-Bs"/>
<br />
<sub><b>Dylan Bersans</b></sub>
</a>
</td></tr>
<tr>
</td>
<td align="center">
<a href="https://github.com/dyauss">
<img src="https://avatars.githubusercontent.com/u/50002238?v=4" width="80;" alt="dyauss"/>
@ -926,15 +926,15 @@
<br />
<sub><b>Null</b></sub>
</a>
</td>
</td></tr>
<tr>
<td align="center">
<a href="https://github.com/skaarj1989">
<img src="https://avatars.githubusercontent.com/u/34756939?v=4" width="80;" alt="skaarj1989"/>
<br />
<sub><b>David</b></sub>
</a>
</td></tr>
<tr>
</td>
<td align="center">
<a href="https://github.com/clsty">
<img src="https://avatars.githubusercontent.com/u/129247596?v=4" width="80;" alt="clsty"/>
@ -969,15 +969,15 @@
<br />
<sub><b>Jyotirmoy Bandyopadhyaya [Bravo68]</b></sub>
</a>
</td>
</td></tr>
<tr>
<td align="center">
<a href="https://github.com/AaronPorts">
<img src="https://avatars.githubusercontent.com/u/32810520?v=4" width="80;" alt="AaronPorts"/>
<br />
<sub><b>Artyom</b></sub>
</a>
</td></tr>
<tr>
</td>
<td align="center">
<a href="https://github.com/alydemah">
<img src="https://avatars.githubusercontent.com/u/652035?v=4" width="80;" alt="alydemah"/>
@ -999,13 +999,6 @@
<sub><b>0n1cOn3</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/Glitch3dPenguin">
<img src="https://avatars.githubusercontent.com/u/3271160?v=4" width="80;" alt="Glitch3dPenguin"/>
<br />
<sub><b>Max Kulik</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/markusdd">
<img src="https://avatars.githubusercontent.com/u/25175069?v=4" width="80;" alt="markusdd"/>
@ -1121,6 +1114,13 @@
<sub><b>FormatToday</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/pvillaverde">
<img src="https://avatars.githubusercontent.com/u/31769405?v=4" width="80;" alt="pvillaverde"/>
<br />
<sub><b>Fedello</b></sub>
</a>
</td>
<td align="center">
<a href="https://github.com/ethan-hann">
<img src="https://avatars.githubusercontent.com/u/36464732?v=4" width="80;" alt="ethan-hann"/>