SVI/ProxmoxVE
1
0
Fork 0
mirror of https://github.com/community-scripts/ProxmoxVE.git synced 2026-03-31 06:34:17 -04:00
Code Issues 2.6k Packages Projects Releases 10 Wiki Activity

Tinyauth Failed to Login #2066

New Issue
Closed
opened 2025-11-20 05:22:45 -05:00 by saavagebueno · 12 comments
saavagebueno commented 2025-11-20 05:22:45 -05:00
Owner
Copy Link

Originally created by @abigpizzapie on GitHub (Oct 11, 2025).

Originally assigned to: @tremor021 on GitHub.

Have you read and understood the above guidelines?

yes

📜 What is the name of the script you are using?

Alpine-Tinyauth

📂 What was the exact command used to execute the script?

bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/alpine-tinyauth.sh)"

⚙️ What settings are you using?

  • Default Settings
  • Advanced Settings

🖥️ Which Linux distribution are you using?

Alpine

📈 Which Proxmox version are you on?

pve-manager/9.0.10/deb1ca707ec72a89 (running kernel: 6.14.11-3-pve)

📝 Provide a clear and concise description of the issue.

Tinyauth installed within an Alpine LXC container will install and run allowing access via both IP Address and configured AppURL.

However the default login details supplied in the credentials.txt file do not work to login to Tinyauth and manually adding a user:hash to the .env file or running the Create User CLI command do not allow login from the application.

Running ./Tinyauth directly in console returns FTL ../../home/runner/work/tinyauth/tinyauth/cmd/root.go:109 > Invalid config error="Key: 'Config.AppURL' Error:Field validation for 'AppURL' failed on the 'required' tag"

🔄 Steps to reproduce the issue.

  1. Install Tinyauth from Community Scripts.
  2. cat /opt/tinyauth/credentials.txt
  3. Navigate to https://tinyauth.own.domain.com
  4. Enter details and login - Failed to login box.
Image

Paste the full error output (if available).

Output of /var/log/messages
Oct 11 17:09:40 alpine-tinyauth syslog.info syslogd started: BusyBox v1.37.0
Oct 11 17:09:40 alpine-tinyauth daemon.info init: starting pid 391, tty '': '/sbin/openrc default'
Oct 11 17:09:40 alpine-tinyauth cron.info crond[412]: crond (busybox 1.37.0) started, log level 8
Oct 11 17:09:40 alpine-tinyauth daemon.info init: starting pid 419, tty '': '/sbin/getty 38400 console'
Oct 11 17:09:40 alpine-tinyauth daemon.info init: starting pid 420, tty '/dev/tty1': '/sbin/getty 38400 tty1'
Oct 11 17:09:40 alpine-tinyauth daemon.info init: starting pid 421, tty '/dev/tty2': '/sbin/getty 38400 tty2'
Oct 11 17:10:19 alpine-tinyauth auth.info passwd: password for root changed by root
Oct 11 17:10:24 alpine-tinyauth daemon.info init: reloading /etc/inittab
Oct 11 17:10:25 alpine-tinyauth daemon.info init: starting pid 733, tty '/dev/tty1': '/sbin/agetty --autologin root --noclear tty1 38400 linux'
Oct 11 17:10:25 alpine-tinyauth daemon.info init: process '/sbin/getty 38400 tty1' (pid 420) exited. Scheduling for restart.
Oct 11 17:10:25 alpine-tinyauth user.notice : Error reading login.defs: Configuration file not found
Oct 11 17:10:25 alpine-tinyauth auth.info login[734]: root login on 'tty1'
Oct 11 17:15:00 alpine-tinyauth cron.info crond[412]: USER root pid 742 cmd run-parts /etc/periodic/15min
Oct 11 17:30:00 alpine-tinyauth cron.info crond[412]: USER root pid 743 cmd run-parts /etc/periodic/15min

🖼️ Additional context (optional).

No response

Originally created by @abigpizzapie on GitHub (Oct 11, 2025). Originally assigned to: @tremor021 on GitHub. ### ✅ Have you read and understood the above guidelines? yes ### 📜 What is the name of the script you are using? Alpine-Tinyauth ### 📂 What was the exact command used to execute the script? bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/alpine-tinyauth.sh)" ### ⚙️ What settings are you using? - [x] Default Settings - [ ] Advanced Settings ### 🖥️ Which Linux distribution are you using? Alpine ### 📈 Which Proxmox version are you on? pve-manager/9.0.10/deb1ca707ec72a89 (running kernel: 6.14.11-3-pve) ### 📝 Provide a clear and concise description of the issue. Tinyauth installed within an Alpine LXC container will install and run allowing access via both IP Address and configured AppURL. However the default login details supplied in the credentials.txt file do not work to login to Tinyauth and manually adding a user:hash to the .env file or running the Create User CLI command do not allow login from the application. Running `./Tinyauth` directly in console returns `FTL ../../home/runner/work/tinyauth/tinyauth/cmd/root.go:109 > Invalid config error="Key: 'Config.AppURL' Error:Field validation for 'AppURL' failed on the 'required' tag"` ### 🔄 Steps to reproduce the issue. 1. Install Tinyauth from Community Scripts. 2. cat `/opt/tinyauth/credentials.txt` 3. Navigate to https://tinyauth.own.domain.com 4. Enter details and login - Failed to login box. <img width="2796" height="1390" alt="Image" src="https://github.com/user-attachments/assets/50fc5ce4-0c6a-461d-8ada-676b3ac0ae6b" /> ### ❌ Paste the full error output (if available). Output of /var/log/messages Oct 11 17:09:40 alpine-tinyauth syslog.info syslogd started: BusyBox v1.37.0 Oct 11 17:09:40 alpine-tinyauth daemon.info init: starting pid 391, tty '': '/sbin/openrc default' Oct 11 17:09:40 alpine-tinyauth cron.info crond[412]: crond (busybox 1.37.0) started, log level 8 Oct 11 17:09:40 alpine-tinyauth daemon.info init: starting pid 419, tty '': '/sbin/getty 38400 console' Oct 11 17:09:40 alpine-tinyauth daemon.info init: starting pid 420, tty '/dev/tty1': '/sbin/getty 38400 tty1' Oct 11 17:09:40 alpine-tinyauth daemon.info init: starting pid 421, tty '/dev/tty2': '/sbin/getty 38400 tty2' Oct 11 17:10:19 alpine-tinyauth auth.info passwd: password for root changed by root Oct 11 17:10:24 alpine-tinyauth daemon.info init: reloading /etc/inittab Oct 11 17:10:25 alpine-tinyauth daemon.info init: starting pid 733, tty '/dev/tty1': '/sbin/agetty --autologin root --noclear tty1 38400 linux' Oct 11 17:10:25 alpine-tinyauth daemon.info init: process '/sbin/getty 38400 tty1' (pid 420) exited. Scheduling for restart. Oct 11 17:10:25 alpine-tinyauth user.notice : Error reading login.defs: Configuration file not found Oct 11 17:10:25 alpine-tinyauth auth.info login[734]: root login on 'tty1' Oct 11 17:15:00 alpine-tinyauth cron.info crond[412]: USER root pid 742 cmd run-parts /etc/periodic/15min Oct 11 17:30:00 alpine-tinyauth cron.info crond[412]: USER root pid 743 cmd run-parts /etc/periodic/15min ### 🖼️ Additional context (optional). _No response_
saavagebueno added the bug label 2025-11-20 05:22:45 -05:00
saavagebueno commented 2025-11-20 05:22:46 -05:00
Author
Owner
Copy Link

@MickLesk commented on GitHub (Oct 11, 2025):

@tremor021

@MickLesk commented on GitHub (Oct 11, 2025): @tremor021
saavagebueno commented 2025-11-20 05:22:46 -05:00
Author
Owner
Copy Link

@tremor021 commented on GitHub (Oct 11, 2025):

@steveiliop56

@tremor021 commented on GitHub (Oct 11, 2025): @steveiliop56
saavagebueno commented 2025-11-20 05:22:46 -05:00
Author
Owner
Copy Link

@steveiliop56 commented on GitHub (Oct 11, 2025):

@tremor021 are versions handled in any way with community scripts? Because apart from this issue, it seems like Tinyauth was automatically bumped to v4 without following the migration procedure. As for this specific install, @abigpizzapie what's the output of journalctl -eu tinyauth?

@steveiliop56 commented on GitHub (Oct 11, 2025): @tremor021 are versions handled in any way with community scripts? Because apart from this issue, it seems like Tinyauth was automatically bumped to v4 without following the migration procedure. As for this specific install, @abigpizzapie what's the output of `journalctl -eu tinyauth`?
saavagebueno commented 2025-11-20 05:22:46 -05:00
Author
Owner
Copy Link

@tremor021 commented on GitHub (Oct 11, 2025):

@steveiliop56 the only thing i added is DATABASE_PATH env var because it throws a error if started without it. Everything else i think is the same as you wrote it.

I assume both install and update scripts will need to be revisited

@tremor021 commented on GitHub (Oct 11, 2025): @steveiliop56 the only thing i added is DATABASE_PATH env var because it throws a error if started without it. Everything else i think is the same as you wrote it. I assume both install and update scripts will need to be revisited
saavagebueno commented 2025-11-20 05:22:47 -05:00
Author
Owner
Copy Link

@steveiliop56 commented on GitHub (Oct 11, 2025):

@tremor021 if I have some free time I will make a pull request that doesn't "yolo" Tinyauth versions. Probably a separate issue though.

@steveiliop56 commented on GitHub (Oct 11, 2025): @tremor021 if I have some free time I will make a pull request that doesn't "yolo" Tinyauth versions. Probably a separate issue though.
saavagebueno commented 2025-11-20 05:22:47 -05:00
Author
Owner
Copy Link

@abigpizzapie commented on GitHub (Oct 11, 2025):

@steveiliop56 This is the output of journalctl -eu tinyauth

~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
~
-- No entries --

@abigpizzapie commented on GitHub (Oct 11, 2025): @steveiliop56 This is the output of `journalctl -eu tinyauth` ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ -- No entries --
saavagebueno commented 2025-11-20 05:22:47 -05:00
Author
Owner
Copy Link

@steveiliop56 commented on GitHub (Oct 12, 2025):

Alright what about service tinyauth status.

@steveiliop56 commented on GitHub (Oct 12, 2025): Alright what about `service tinyauth status`.
saavagebueno commented 2025-11-20 05:22:47 -05:00
Author
Owner
Copy Link

@sepl2604 commented on GitHub (Oct 12, 2025):

I currently have the same issue, tried to setup tinyauth yesterday for the first time. Not sure if one could call this the fix, but with some hints coming from some AI chatting, I ended up with wrapping the USERS value in single quotes like this

USERS='tinyauth:$$2y$$05$$0FFMPsAlaFw2ScOLJXJiDu9.xq9zPHHYA3oxxgrBvvRz.i.zkhAkq'

Now I can login without any issues with the default creds.

Image
@sepl2604 commented on GitHub (Oct 12, 2025): I currently have the same issue, tried to setup tinyauth yesterday for the first time. Not sure if one could call this the fix, but with some hints coming from some AI chatting, I ended up with wrapping the USERS value in single quotes like this `USERS='tinyauth:$$2y$$05$$0FFMPsAlaFw2ScOLJXJiDu9.xq9zPHHYA3oxxgrBvvRz.i.zkhAkq'` Now I can login without any issues with the default creds. <img width="816" height="442" alt="Image" src="https://github.com/user-attachments/assets/a1899331-372a-4f71-b07e-d9e26111e551" />
saavagebueno commented 2025-11-20 05:22:47 -05:00
Author
Owner
Copy Link

@steveiliop56 commented on GitHub (Oct 12, 2025):

I am guessing that the issue is here f0fa24e1a5/install/alpine-tinyauth-install.sh (L51) In docker environment variables, we have to escape the dollar sign with double dollar sings, so $$. But $$ translates to the PID of the process in bash which of course breaks the bcrypt hash. @tremor021 we can either replace the sed command with s/\$/\\$/g which will escape the bcrypt hash with a backslash or enclose it in quotes.

@steveiliop56 commented on GitHub (Oct 12, 2025): I am guessing that the issue is here https://github.com/community-scripts/ProxmoxVE/blob/f0fa24e1a5d0e7ab24b5f698069e7e38601f1704/install/alpine-tinyauth-install.sh#L51 In docker environment variables, we have to escape the dollar sign with double dollar sings, so `$$`. But `$$` translates to the PID of the process in bash which of course breaks the bcrypt hash. @tremor021 we can either replace the sed command with `s/\$/\\$/g` which will escape the bcrypt hash with a backslash or enclose it in quotes.
saavagebueno commented 2025-11-20 05:22:47 -05:00
Author
Owner
Copy Link

@tremor021 commented on GitHub (Oct 12, 2025):

w/e is fine with me, as long the result is good :)

@tremor021 commented on GitHub (Oct 12, 2025): w/e is fine with me, as long the result is good :)
saavagebueno commented 2025-11-20 05:22:48 -05:00
Author
Owner
Copy Link

@abigpizzapie commented on GitHub (Oct 12, 2025):

Just tested myself what @sepl2604 did to get it to work, just adding the single quotes to either end of the users string didn't fix the issue for me.
However adding the quotes, removing one of the $ signs and rehashing the password in BCrypt and pasting it into the .env fixed the issue.

I've also tested adding a whole new user following the above and it now works as expected.

@abigpizzapie commented on GitHub (Oct 12, 2025): Just tested myself what @sepl2604 did to get it to work, just adding the single quotes to either end of the users string didn't fix the issue for me. However adding the quotes, removing one of the $ signs and rehashing the password in BCrypt and pasting it into the .env fixed the issue. I've also tested adding a whole new user following the above and it now works as expected.
saavagebueno commented 2025-11-20 05:22:48 -05:00
Author
Owner
Copy Link

@steveiliop56 commented on GitHub (Oct 12, 2025):

@tremor021 this patch should work:

diff --git a/install/alpine-tinyauth-install.sh b/install/alpine-tinyauth-install.sh
index 94520506..6242b9d9 100644
--- a/install/alpine-tinyauth-install.sh
+++ b/install/alpine-tinyauth-install.sh
@@ -39,17 +39,13 @@ msg_ok "Installed Tinyauth"
 read -p "${TAB3}Enter your Tinyauth subdomain (e.g. https://tinyauth.example.com): " app_url
 
 msg_info "Creating Tinyauth Service"
-SECRET=$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32)
 
 cat <<EOF >/opt/tinyauth/.env
 DATABASE_PATH=/opt/tinyauth/database.db
-SECRET=${SECRET}
-USERS=${USER}
+USERS='${USER}'
 APP_URL=${app_url}
 EOF
 
-sed -i -e 's/\$/\$\$/g' /opt/tinyauth/.env
-
 cat <<'EOF' >/etc/init.d/tinyauth
 #!/sbin/openrc-run
 description="Tinyauth Service"
@steveiliop56 commented on GitHub (Oct 12, 2025): @tremor021 this patch should work: ```patch diff --git a/install/alpine-tinyauth-install.sh b/install/alpine-tinyauth-install.sh index 94520506..6242b9d9 100644 --- a/install/alpine-tinyauth-install.sh +++ b/install/alpine-tinyauth-install.sh @@ -39,17 +39,13 @@ msg_ok "Installed Tinyauth" read -p "${TAB3}Enter your Tinyauth subdomain (e.g. https://tinyauth.example.com): " app_url msg_info "Creating Tinyauth Service" -SECRET=$(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32) cat <<EOF >/opt/tinyauth/.env DATABASE_PATH=/opt/tinyauth/database.db -SECRET=${SECRET} -USERS=${USER} +USERS='${USER}' APP_URL=${app_url} EOF -sed -i -e 's/\$/\$\$/g' /opt/tinyauth/.env - cat <<'EOF' >/etc/init.d/tinyauth #!/sbin/openrc-run description="Tinyauth Service" ```
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
🛑 Failure to comply with the guidelines
breaking change
bug
bug
bugfix
deferred
delete script
dependencies
enhancement
external
feature
github
help wanted
Implemented in VED waiting push to Main
in project pipeline
invalid
investigation
json
maintenance
new script
new script
nice to have
not a script issue
not planned
organization
pull-request
Mirrored from GitHub Pull Request
 question
refactor
rename script
security
update script
website
wontdo
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
saavagebueno
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: SVI/ProxmoxVE#2066
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?