BookStack icon indicating copy to clipboard operation
BookStack copied to clipboard
verified publisher icon BookStackApp

oidc login page not appearing

Open bpaldan opened this issue 3 months ago • 8 comments

Attempted Debugging

  • [x] I have read the debugging page

Searched GitHub Issues

  • [x] I have searched GitHub for the issue.

Describe the Scenario

Hi,

I set the following in .env:

SERVICE_NAME_BOOKSTACK=bookstack SERVICE_NAME_MARIADB=mariadb SERVICE_FQDN_BOOKSTACK={bookstack.example.com} SERVICE_FQDN_BOOKSTACK_80={bookstack.example.com} SERVICE_PASSWORD_APPKEY={exampleappkey} SERVICE_PASSWORD_MYSQL={examplexpasswordmysql} SERVICE_PASSWORD_MYSQLROOT={examplepasswordmysqlroot} SERVICE_URL_BOOKSTACK=https://{bookstack.example.com} SERVICE_URL_BOOKSTACK_80=https://{bookstack.example.com} SERVICE_USER_MYSQL={exampleusermysql} APP_KEY=${SERVICE_PASSWORD_APPKEY} APP_URL=${SERVICE_URL_BOOKSTACK} DB_PASSWORD=${SERVICE_PASSWORD_MYSQL} DB_USERNAME=${SERVICE_USER_MYSQL} MYSQL_PASSWORD=${SERVICE_PASSWORD_MYSQL} MYSQL_ROOT_PASSWORD=${SERVICE_PASSWORD_MYSQLROOT} MYSQL_USER=${SERVICE_USER_MYSQL} AUTH_AUTO_INITIATE=false AUTH_METHOD=oidc GITHUB_APP_ID= GITHUB_APP_SECRET= MAIL_DRIVER=smtp MAIL_ENCRYPTION=tls MAIL_FROM= MAIL_FROM_NAME=BookStack MAIL_HOST= MAIL_PASSWORD= MAIL_PORT=587 MAIL_USERNAME= MYSQL_DATABASE=bookstackapp OIDC_CLIENT_ID={exampleClientID} OIDC_CLIENT_SECRET={exampleclientsecret} OIDC_DISPLAY_NAME_CLAIMS=name OIDC_END_SESSION_ENDPOINT=true OIDC_ISSUER={https://{bookstack.example.com/application/o/bookstack/}} OIDC_ISSUER_DISCOVER=true OIDC_NAME=authentik QUEUE_CONNECTION= TZ=Europe/Berlin

But the "Log in with SSO (authentik)" message does not appear, instead the default login screen comes up when I attempt to log in.

What am I overlooking? Thank you

Exact BookStack Version

v25.07.3

Log Content

Hosting Environment

LSIO Docker with mariadb

This is the login screen:

Image

bpaldan avatar Oct 12 '25 13:10 bpaldan

Hi @bpaldan, Where and how exactly are you defining these variables? If in a file passed to the container via a volume, please let me know your volume mappings.

Also, if settings these via the environment of the container, then changes typically won't take affect until the container is re-created. A restart of an existing container is not enough.

ssddanbrown avatar Oct 13 '25 11:10 ssddanbrown

Hello ssddanbrown!

I really like your program and thank you for your help. I use an orchestrator called coolify. I installed BookStack through the coolify web interface, using the default settings. It installs the following image: lscr.io/linuxserver/bookstack:latest. In this case, it is only worth modifying the .env file via the web interface, because otherwise it will reset to its default settings when restarted.

The following image shows the mapping:

Image

The permissions:

Image Image

Thank you,

p

bpaldan avatar Oct 13 '25 15:10 bpaldan

So you're just editing that ".env" file shown in your last screenshot? Did you create that file? It's not clear if that's actually passed to the container, in the right place, at all. Is that file used by coolify?

ssddanbrown avatar Oct 13 '25 17:10 ssddanbrown

Coolify creates the .env file, which can be edited via the web interface. It can also be edited manually, but then the changes will be lost when BookStack Docker is restarted. The .env file is in place and, as far as I can tell, everything except oidc is being passed. Only the "Log in with SSO (authentication)" tab does not appear.

Could it be that something is not included in the docker installation mode? What is still missing is the storage/logs/laravel.log file. I cannot find the "storage" folder either.

I am using the LinuxServer.io docker setup. Should I try the other one?

Thank you,

p

bpaldan avatar Oct 14 '25 11:10 bpaldan

The Linuxserver image should be fine, many instance would be using that with OIDC, and OIDC doesn't really need anything special in regards to environment/dependencies.

Within Coolify, for the project, does the "environment variables" section show the AUTH_METHOD variable? Are you following some specific guidance in regards to that .env file usage in coolify? If so, can you link it?

ssddanbrown avatar Oct 14 '25 13:10 ssddanbrown

I will insert the environment variables page:

Image

I followed the instructions below regarding the use of the .env file:

https://coolify.io/docs/knowledge-base/docker/compose Regarding the use of the .env file, there are no special rules in this regard. It must contain a few variables (FQDN, URL, USER, etc.). There are no special rules regarding the use of the .env file in this regard. It must contain a few variables (FQDN, URL, USER, etc.).

In the first post, I copied the contents of the .env file. I can also include it in the image, but anonymization is more difficult for me. Basically, what I did was to copy the variables from here into the web interface: https://integrations.goauthentik.io/documentation/bookstack/

The volume mappings:

Image

Thank you very much.

p

bpaldan avatar Oct 15 '25 15:10 bpaldan

I followed the instructions below regarding the use of the .env file: https://coolify.io/docs/knowledge-base/docker/compose

I could be missing something but I'm not seeing anything about a .env file on that page?

When I get some time I'll try to spin up a coolify instance myself to have an explore so I can understand things better.

ssddanbrown avatar Oct 15 '25 21:10 ssddanbrown

OK Dan, thanks.

It does not explicitly mention the .env file, the interesting part is the "Defining environment variables" section. You define the environment variables in the docker-compose.yml file, and these are added to the .env file (coolify copies them) during deployment. If you manually enter the environment variables into the .env file, they will disappear upon redeployment, but if you only restart the BookStack the .env file is not overwritten.

For each project there is a folder under /data/coolify/services/ UUID (generated by Coolify on creation) containing the docker-compose.yml file. Here, for example, is my own

Image

and next to it the .env file (also my own).

Image

Excerpt from the docs: Key behaviors: Required variables (${VAR:?}) appear first in the environment variables list and show a red border when empty Required with defaults (${VAR:?default}) are prefilled with the default value but remain editable Optional variables (${VAR:-default}) use standard Docker Compose behavior If a required variable is not set during deployment: Coolify will highlight the missing variable in the UI The deployment will be prevented until all required variables are provided Clear error messages guide users to fix the configuration This validation happens before container creation, preventing partial deployments and runtime failures.

Everything else (volumes, containers) is located under the /var/lib/docker/containers/UUID and /var/lib/docker/columes/UUID.

Thank you for checking out coolify, but BookStack is perfectly usable as it is, I just don't understand what I'm looking at, which is frustrating. The authentik+traefik combo is still usable at the moment, except that now you have to authenticate twice (once with forwardauth with traefik and then separately with BookStack).

Thank you,

p

bpaldan avatar Oct 15 '25 22:10 bpaldan