LubeLogger

LubeLogger is an aSelf-Hosted, Open-Source, Unconventionally-Named Vehicle Maintenance Records and Fuel Mileage Tracker for your cars and vehicles.

Create a standard user to host the LubeLogger installation, then create a folder under /data/lubelogger to store the needed persistent data:

useradd -d /data/daemons/lubelogger -m lubelogger 
mkdir /data/lubelogger
chown lubelogger:lubelogger /data/lubelogger

Now, create the following docker-compose.yml as user lubelogger:

docker-compose.yml

Choose an available port, of course!

Now pull it:

podman compose pull

Unfortunately, while it is possible to disable authentication, it will not work with SSO, so you cannot disable authentication and then have a simple SSO layer on top of it. This is quite annoying.

Enabling LubeLogget authentication is a bit of a mess. First of all, it starts with authentication disabled. As stated here you need to go to settings and enable authentication in order to create a root user and setup a password. At this point, you can setup your SSO.

To setup the SSO, you need to setup the following environments in your docker compose:

MailConfig__EmailServer="" <- Email SMTP settings used only for configuring multiple users(to send their registration token and forgot password tokens)
MailConfig__EmailFrom="" <- Same as above.
MailConfig__Port=587 <- Same as above.
MailConfig__Username="" <- Same as above.
MailConfig__Password="" <- Same as above.
OpenIDConfig__Name=Name of the OpenID Connect Provider
OpenIDConfig__ClientId=Client Id to Authenticate with the Provider
OpenIDConfig__ClientSecret=Client Secret to Authenticate with the Provider
OpenIDConfig__AuthURL=Authorization URL to the Provider's Login Page
OpenIDConfig__TokenURL=URL to retrieve user JWT from the Provider
OpenIDConfig__RedirectURL=https://<yourlubeloggerdomain.com>/Login/RemoteAuth(must be HTTPS)
OpenIDConfig__Scope=The scope for retrieving the user's email claim(usually it's just 'email')
OpenIDConfig__ValidateState=true/false(default: false) - whether LubeLogger should validate state.
OpenIDConfig__UsePKCE=true/false(default: false) - whether LubeLogger should use PKCE

The examples provided in the above docker compose should be adapted to your setup, but are designed to work with Authelia.

I suggest you also setup email notification by creating a dedicated email address for LubeLogger to send out emails.

Running LubeLogger behind NGINX is easy, but it cannot be hosted (at the moment, see here) on a sub-path, so a sub-domain it must be. I assume you will host it under https://lubelogger.mydomain.com:

lubelogger.conf

server {
        server_name lubelogger.mydomain.com;
        listen 443 ssl; 
        listen 8443 ssl; 

        access_log /var/log/nginx/lubelogger.mydomain.com_access_log main;
        error_log /var/log/nginx/lubelogger.mydomain.com_error_log info;

         location / {
                proxy_pass http://127.0.0.1:8485;
                client_max_body_size               50000M;
                proxy_set_header Host              $http_host;
                proxy_set_header X-Real-IP         $remote_addr;
                proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_set_header   Upgrade    $http_upgrade;
                proxy_set_header   Connection "upgrade";
    }
}

To start it, and set it up on boot, as usual follow my indications Using Containers on Gentoo, so link the user-containers init script:

ln -s /etc/init.d/user-containers /etc/init.d/user-containers.lubelogger

and create the following config file:

/etc/conf.d/user-containers.lubelogger

USER=grist
DESCRIPTION="Track your can maintenance"

Add the service to the default runlevel and start it now:

rc-update add user-containers.lubelogger default
rc-service user-containers.lubelogger start