User Tools

LubeLogger

LubeLogger is an aSelf-Hosted, Open-Source, Unconventionally-Named Vehicle Maintenance Records and Fuel Mileage Tracker for your cars and vehicles. In other words, you can use it to track expenditures, taxes and maintenance done (with costs) of you vehicles.

Installation

Create a standard user to host the LubeLogger installation, then create a folder under /data/lubelogger to store the needed persistent data:

useradd -d /data/daemons/lubelogger -m lubelogger 
mkdir /data/lubelogger
chown lubelogger:lubelogger /data/lubelogger

Now, create the following docker-compose.yml as user lubelogger:

docker-compose.yml
---
version: "3.4"

services:
  app:
    image: ghcr.io/hargata/lubelogger:latest
    build: .
    environment:
      - LC_ALL=it_IT.UTF-8 # this will affect how numbers, currencies, and dates are formatted.
      - LANG=it_IT.UTF-8   # Same as above. 
#      - EnableAuth=false  # See authentication below
    volumes:
      - /data/lubelogger/config:/App/config
      - /data/lubelogger/data:/App/data
      - /data/lubelogger/translations:/App/wwwroot/translations
      - /data/lubelogger/documents:/App/wwwroot/documents
      - /data/lubelogger/images:/App/wwwroot/images
      - /data/lubelogger/temp:/App/wwwroot/temp
      - /data/lubelogger/log:/App/log
      - /data/lubelogger/keys:/root/.aspnet/DataProtection-Keys
    ports:
      - 8485:8080

    networks:
      - lubelogger-net

networks:
  lubelogger-net: {}

Choose an available port, of course!

Now pull it:

podman compose pull

Authentication

Authentication with LubeLogger took a bit to figure out. First of all, it's pretty unconventional in a few respects:

  • Authentication is disabled by default, but once you mess with it, it can be managed only from web settings and the environment setting seems to be unresponsive
  • It does not support forwarded headers or similar proxy based stuff
  • It support OIDC (Authelia…) SSO type authentication but it still requires you to setup local authentication first
  • It does allow multiple users, but only via email registration with tokens, you cannot add users from the admin control panel. This is probably the weirdest choice.

You have different options:

  • disable LubeLogger auth and use your own proxy-based authentication, but you lose additional users
  • enable internal LubeLogger auth, and disable your proxy autnehtication, but you need to create users
  • enable LubeLogger authentication with your OIDC SSO (es Authelia), but you still need to create your LubeLogger root account and you will not be able to use your proxy authentication, not even via the SSO itself.

In general enabling LubeLogger authentication is a bit of a mess. First of all, it starts with authentication disabled. As stated here you need to go to settings and enable authentication in order to create a root user and setup a password. Also note that to add users you must setup an email provider and have LubeLogger send out a token to the new user email address. Very annoying.

Instead, if you want to enable SSO, you need to setup the following environments in your docker compose:

MailConfig__EmailServer="" <- Email SMTP settings used only for configuring multiple users(to send their registration token and forgot password tokens)
MailConfig__EmailFrom="" <- Same as above.
MailConfig__Port=587 <- Same as above.
MailConfig__Username="" <- Same as above.
MailConfig__Password="" <- Same as above.
OpenIDConfig__Name=Authelia
OpenIDConfig__ClientId=lube
OpenIDConfig__ClientSecret=client-secret-string
OpenIDConfig__AuthURL=Authorization URL to the Provider's Login Page
OpenIDConfig__TokenURL=URL to retrieve user JWT from the Provider
OpenIDConfig__RedirectURL=https://lubelogger.mydomain.com/Login/RemoteAuth
OpenIDConfig__Scope="openid email"
OpenIDConfig__ValidateState=true/false(default: false) - whether LubeLogger should validate state.
OpenIDConfig__UsePKCE=true/false(default: false) - whether LubeLogger should use PKCE

My specific Authelia client setting is:

      - client_id: 'lube'
        client_name: 'LubeLogger'
        client_secret: 'client-secret-string'
        public: false
        authorization_policy: 'one_factor'
        pre_configured_consent_duration: 1M
        scopes:
          - openid
          - email
          - profile
        grant_types:
          - 'authorization_code'
        redirect_uris:
          - https://lubelogger.mydomain.com/Login/RemoteAuth
        userinfo_signed_response_alg: none
        token_endpoint_auth_method: 'client_secret_post'

I suggest you also setup email notification by creating a dedicated email address for LubeLogger to send out emails or you will not be able to add users.

I choose to fully disable LubeLogger authentication and go with proxy authentication since i only need one user account no matter who is actually logged in.

Reverse Proxy

Running LubeLogger behind NGINX is easy, but it cannot be hosted (at the moment, see here) on a sub-path, so a sub-domain it must be. I assume you will host it under https://lubelogger.mydomain.com:

lubelogger.conf
server {
        server_name lubelogger.mydomain.com;
        listen 443 ssl; 
        listen 8443 ssl; 

        access_log /var/log/nginx/lubelogger.mydomain.com_access_log main;
        error_log /var/log/nginx/lubelogger.mydomain.com_error_log info;
        
        # The following line enables proxy auth with SSO, uncomment to use LubeLogger auth
        include "com.mydomain/authelia_location.conf";


         location / {
                # The following two lines enables proxy auth with SSO, uncomment to use LubeLogger auth
                include "com.mydomain.com/authelia_proxy.conf";
                include "com.mydomain.com/authelia_authrequest.conf";
                
                proxy_pass http://127.0.0.1:8485;
                client_max_body_size               50000M;
                
# The following lines are all commented to use NGINX SSO authentication and NOT LubeLogger
# authentication. IF you want to use LubeLogger authentication, uncomment them.
#                proxy_set_header Host              $http_host;
#                proxy_set_header X-Real-IP         $remote_addr;
#                proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
#                proxy_set_header X-Forwarded-Proto $scheme;

                proxy_set_header   Upgrade    $http_upgrade;
                proxy_set_header   Connection "upgrade";
    }
}

Running

To start it, and set it up on boot, as usual follow my indications Using Containers on Gentoo, so link the user-containers init script:

ln -s /etc/init.d/user-containers /etc/init.d/user-containers.lubelogger

and create the following config file:

/etc/conf.d/user-containers.lubelogger
USER=grist
DESCRIPTION="Track your can maintenance"

Add the service to the default runlevel and start it now:

rc-update add user-containers.lubelogger default
rc-service user-containers.lubelogger start

This website uses cookies. By using the website, you agree with storing cookies on your computer. Also, you acknowledge that you have read and understand our Privacy Policy. If you do not agree, please leave the website.

More information