The podman integration was pretty janky because it relied on running a
pod and the NixOS integration with pods are essentially non-existent.
This led to issues with the port being improperly forwarded when
partially restarted.
Now instead I use a flake dedicated to running authentik. This allows me
to specify some of the config in the module directly and some in
secrets, which is really nice. I've additionally added some changes to
the listen address so that the service isn't exposed over public IP
addresses.
This includes a new paradigm for using a pgpass file, which is great, as
well as sorting out how to properly do a bash script shebang in a
service file.
I'm going to spin up some dev resources to see if I can figure out how
to compile the latest. In the mean time, this is doing what I want and
is going to get deployed.
I kept hitting errors like:
Something went wrong. Here's the specific error message we encountered: Operation failed after 3 attempts: 400 {"type":"error","error":{"type":"invalid_request_error","message":"\"claude-opus-4-20250514\" is not supported on this API. Please use the Messages API instead."}}
I believe from https://github.com/danny-avila/LibreChat/discussions/7554
that I may need to update the version of librechat I'm running.
With these changes I have librechat running and being properly
reverse-proxied and I can login via SSO. I was not able to get a
reasonable response yet from Claude.
