Using the binary

For setups that do not require Docker, the Tinyauth binary provides a lightweight alternative. This approach is ideal for LXC containers or machines where Docker is unnecessary but Tinyauth is still required to protect services.

Downloading the Binary

The binary can be downloaded from the latest GitHub release. Builds are available for both arm64 and amd64 Linux machines. Renaming the binary to tinyauth is recommended for consistency throughout this guide. Ensure the binary is executable:

chmod +x tinyauth

Configuration

Configuration can be achieved using either CLI flags or environment variables (recommended). To use environment variables, download the example .env file from GitHub:

curl -o .env https://raw.githubusercontent.com/steveiliop56/tinyauth/refs/heads/main/.env.example

Note

It is recommended to use a tag when downloading the example .env file to ensure you are using the latest stable version and not a development one. For example:

curl -o .env https://raw.githubusercontent.com/steveiliop56/tinyauth/refs/tags/v5.0.0/.env.example

Will download the example .env file for the v5.0.0 tag.

Edit the .env file to replace template values with actual values or remove unnecessary ones. Alternatively, CLI flags can be used for configuration, though this method is less recommended due to potential complexity and shell parsing issues. Always use quotes (') to ensure values are passed correctly.

A complete list of environment variables and CLI flags is available on the configuration page.

Running

Once configured, start Tinyauth. For environment variable-based setups, export the variables in the shell:

export $(grep -v '^#' .env | xargs -d '\n')

Note

To unset the environment variables for security purposes, use: unset $(grep -v '^#' .env | sed -E 's/(.*)=.*/\1/' | xargs).

Start the Tinyauth server:

./tinyauth

For CLI flag-based setups, pass the flags directly:

./tinyauth --appurl=https://tinyauth.example.com

Running as a systemd Service

To enable Tinyauth to start automatically on boot, create a systemd service. First, create the service file:

/etc/systemd/system/tinyauth.service

[Unit]
Description=Tinyauth service
After=network.target

[Service]
EnvironmentFile=/some/path/.env
ExecStart=/some/path/tinyauth
Restart=on-failure

[Install]
WantedBy=multi-user.target

Note

Replace the paths in the service file with the actual locations of the environment and binary files.

Note

For CLI flag-based setups, remove the EnvironmentFile line and append the flags to the ExecStart line, e.g., ExecStart=/some/path/tinyauth --appurl=https://tinyauth.example.com.

Reload the systemd daemon:

sudo systemctl daemon-reload

Enable and start the service:

sudo systemctl enable --now tinyauth

Logs can be viewed with:

sudo journalctl -efu tinyauth

Tinyauth will now start automatically on boot.