linuxserver/docker-swag
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-swag.git synced 2026-02-09 14:34:14 +09:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

feat: 💩 proxy pass the full authelia auth request subpath

Browse Source 
Signed-off-by: GitHub <noreply@github.com>
This commit is contained in:
Eric Nemchik
2025-03-25 21:28:54 +00:00
committed by GitHub
parent 15a3bc9d2c
commit 8caf2a1841
2 changed files with 1 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
root/defaults/nginx/authelia-location.conf.sample
View File

@@ -1,7 +1,6 @@
## Version 2025/03/25 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-location.conf.sample ## Version 2025/03/25 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-location.conf.sample
# Make sure that your authelia container is in the same user defined bridge network and is named authelia # Make sure that your authelia container is in the same user defined bridge network and is named authelia
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf # Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
# Make sure that the authelia configuration.yml has 'address: "tcp://:9091/authelia"' defined
## Send a subrequest to Authelia to verify if the user is authenticated and has permission to access the resource ## Send a subrequest to Authelia to verify if the user is authenticated and has permission to access the resource
auth_request /authelia/api/authz/auth-request; auth_request /authelia/api/authz/auth-request;

18
root/defaults/nginx/authelia-server.conf.sample
View File

@@ -1,17 +1,6 @@
## Version 2025/03/25 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample ## Version 2025/03/25 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
# Make sure that your authelia container is in the same user defined bridge network and is named authelia # Make sure that your authelia container is in the same user defined bridge network and is named authelia
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf # Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
# Make sure that the authelia configuration.yml has 'address: "tcp://:9091/authelia"' defined
# location for authelia subfolder requests
location ^~ /authelia {
auth_request off; # requests to this subfolder must be accessible without authentication
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_authelia authelia;
proxy_pass http://$upstream_authelia:9091;
}
# location for authelia auth requests # location for authelia auth requests
location = /authelia/api/authz/auth-request { location = /authelia/api/authz/auth-request {
@@ -20,7 +9,7 @@ location = /authelia/api/authz/auth-request {
include /config/nginx/proxy.conf; include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf; include /config/nginx/resolver.conf;
set $upstream_authelia authelia; set $upstream_authelia authelia;
proxy_pass http://$upstream_authelia:9091; proxy_pass http://$upstream_authelia:9091/api/authz/auth-request;
## Include the Set-Cookie header if present ## Include the Set-Cookie header if present
auth_request_set $set_cookie $upstream_http_set_cookie; auth_request_set $set_cookie $upstream_http_set_cookie;
@@ -44,11 +33,6 @@ location @authelia_proxy_signin {
## Translate the Location response header from the auth subrequest into a variable ## Translate the Location response header from the auth subrequest into a variable
auth_request_set $signin_url $upstream_http_location; auth_request_set $signin_url $upstream_http_location;
if ($signin_url = '') {
## Set the $signin_url variable
set $signin_url https://$http_host/authelia/?rd=$target_url;
}
## Redirect to login ## Redirect to login
return 302 $signin_url; return 302 $signin_url;
} }