User Tools

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
services:alist [2025/03/19 09:33] willyservices:alist [2025/03/19 10:40] (current) willy
Line 48: Line 48:
 INFO[2025-03-19 09:34:53] init logrus...                                INFO[2025-03-19 09:34:53] init logrus...                               
 INFO[2025-03-19 09:34:53] Successfully created the admin user and the initial password is: oierjfeD  INFO[2025-03-19 09:34:53] Successfully created the admin user and the initial password is: oierjfeD 
-INFO[2025-03-19 09:34:53] Admin user's username: admin                 +INFO[2025-03-19 09:34:53] Admin user s username: admin                 
 INFO[2025-03-19 09:34:53] The password can only be output at the first startup, and then stored as a hash value, which cannot be reversed  INFO[2025-03-19 09:34:53] The password can only be output at the first startup, and then stored as a hash value, which cannot be reversed 
 INFO[2025-03-19 09:34:53] You can reset the password with a random string by running [alist admin random]  INFO[2025-03-19 09:34:53] You can reset the password with a random string by running [alist admin random] 
Line 172: Line 172:
   * Root folder path is the shared path on local storage   * Root folder path is the shared path on local storage
   * Make sure to edit the mkdir folder permissions to something sane like 775 or 770 or even 750.   * Make sure to edit the mkdir folder permissions to something sane like 775 or 770 or even 750.
- 
  
 === Sharing files === === Sharing files ===
  
 You can add a guest user, one is available but disabled by default, or you can create **meta** links with specific sharing password. See [[https://alist.nn.ci/guide/advanced/meta.html|here]] for more details. You can add a guest user, one is available but disabled by default, or you can create **meta** links with specific sharing password. See [[https://alist.nn.ci/guide/advanced/meta.html|here]] for more details.
 +
 +=== Indexing ===
 +
 +AList support indexing with many different backends. The easiest one is to enable indexing inside the SQLite database.
 +
 +According to [[https://alist.nn.ci/guide/advanced/search.html|this]] page, there are some caveats and in general it can lead to a fairly big SQLite database file, while MySQL has issues. At the same time, my usage is limited, so i don't want to spin up a dedicated indexing external service.
 +
 +In other words, i leave indexing to **none**. YMMV.
  
 === WebDAV === === WebDAV ===
Line 193: Line 200:
 === SSO === === SSO ===
  
-Authelia link...+**Note:** so far i failed at setting up Authelia in AList. The following notes are as far as i got, but currently there seems to be no communication between Authelia and AList itself. 
 + 
 +If you have setup your SSO backend, like i describe in [[selfhost:sso|this]] page, go to //management// -> //settings// -> //Single Sign ON// to enable the link to your Authelia. 
 + 
 +The official documentation [[https://alist.nn.ci/guide/advanced/sso.html#sso-full-fill-demo|here]] is very detailed, hoping you can read Chinese (i cannot)... Otherwise, follow the indications below. 
 + 
 +Authelia configuration section, to be added to /home/authelia/configuration.yml: 
 +<code> 
 +    clients: 
 +      - client_id: '<< generate a custom client id, see below >>' 
 +        client_secret: '<< generate a custom client secret, see below, the digest goes here >>' 
 +        client_name: 'alist' 
 +        public: false 
 +        authorization_policy: 'one_factor' 
 +        redirect_uris: 
 +          - https://drive.mydomain.com/api/auth/sso_callback\?method=sso_get_token 
 +          - https://drive.mydomain.com/api/auth/sso_callback\?method=get_sso_id 
 +        scopes: 
 +          - 'openid' 
 +          - 'profile' 
 +          - 'email' 
 +        userinfo_signed_response_alg: 'none' 
 +</code> 
 + 
 +To generate a ClientID: 
 +<code bash> 
 +authelia crypto rand --length 72 --charset rfc3986 
 +</code> 
 + 
 +To generate a Client Secret: 
 +<code bash> 
 +authelia crypto hash generate pbkdf2 --variant sha512 --random --random.length 72 --random.charset rfc3986 
 +</code> 
 +Please note **both** the digest and the password itself! 
 + 
 +In AList use the following information: 
 +  * Platform: OIDC 
 +  * Client ID: use the one generated above 
 +  * Client secret: use the one generated above, the password, not the digest 
 +  * Sso oidc username key: preferred_username 
 +  * Sso organization name: user 
 +  * Sso application name: user 
 +  * Sso extra scopes: openid email profile 
 +  * SSO endpoint name: https://login.mydomain.com/.well-known/openid-configuration 
 +  * SSO auto register: create AList users from SSO users 
 +  * SSO default permission: a sum of all the extra permissionsUse 768 for WebDAV access and editing. 
  
  

This website uses technical cookies only. No information is shared with anybody or used in any way but provide the website in your browser.

More information