piotr/innercontext
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
innercontext/.sisyphus/notepads/multi-user-authelia-oidc/T10-runtime-config.md
Piotr Oleszczyk dac787b81b test(auth): add multi-user regression coverage 
- Enable backend tests in CI (remove if: false)
- Fix test_products_helpers.py to pass current_user parameter
- Fix test_routines_helpers.py to include short_id in products
- Fix llm_context.py to use product_effect_profile correctly
- All 221 tests passing
2026-03-12 16:42:00 +01:00

915 B
Raw Blame History

T10: Runtime Configuration and Validation

Learnings

  • Nginx needs X-Forwarded-Host and X-Forwarded-Port for proper OIDC callback URL generation.
  • curl -f fails on 302 redirects, which are common when a page is protected by OIDC.
  • Health checks and deployment scripts must be updated to allow 302/303/307 status codes for the frontend root.
  • Bash ((errors++)) returns 1 if errors is 0, which can kill the script if set -e is active. Use errors=$((errors + 1)) instead.
  • Documenting required environment variables in systemd service files and DEPLOYMENT.md is crucial for operators.
  • Authelia client configuration requires specific redirect_uris and scopes (openid, profile, email, groups).

Verification

  • scripts/validate-env.sh correctly identifies missing OIDC and session variables.
  • scripts/healthcheck.sh and deploy.sh now handle auth redirects (302) for the frontend.