mirror of
https://github.com/linuxserver/docker-swag.git
synced 2026-03-03 17:03:35 +09:00
Compare commits
6 Commits
4.1.1-ls38
...
4.1.1-ls39
| Author | SHA1 | Date | |
|---|---|---|---|
|
0e55f7b67e | ||
|
|
b52e35e494 | ||
|
|
ef2a5f2077 | ||
|
0c910b9a7b | ||
|
|
9ab0f727d0 | ||
|
0d952bcee1 |
1
.gitignore
vendored
1
.gitignore
vendored
@@ -1 +1,2 @@
|
||||
.idea
|
||||
.jenkins-external
|
||||
|
||||
@@ -22,8 +22,8 @@ azure-mgmt-dns 8.2.0 python
|
||||
backports-tarfile 1.2.0 python
|
||||
bash 5.2.37-r0 apk
|
||||
beautifulsoup4 4.13.4 python
|
||||
boto3 1.38.36 python
|
||||
botocore 1.38.36 python
|
||||
boto3 1.38.46 python
|
||||
botocore 1.38.46 python
|
||||
brotli-libs 1.1.0-r2 apk
|
||||
bs4 0.0.2 python
|
||||
busybox 1.37.0-r12 apk
|
||||
@@ -78,7 +78,7 @@ certbot-dns-standalone 1.2.1 python
|
||||
certbot-dns-transip 0.5.2 python
|
||||
certbot-dns-vultr 1.1.0 python
|
||||
certbot-plugin-gandi 1.5.0 python
|
||||
certifi 2025.4.26 python
|
||||
certifi 2025.6.15 python
|
||||
cffi 1.17.1 python
|
||||
charset-normalizer 3.4.2 python
|
||||
cli UNKNOWN binary
|
||||
@@ -120,8 +120,8 @@ gnupg-keyboxd 2.4.7-r0 apk
|
||||
gnupg-utils 2.4.7-r0 apk
|
||||
gnupg-wks-client 2.4.7-r0 apk
|
||||
gnutls 3.8.8-r0 apk
|
||||
google-api-core 2.25.0 python
|
||||
google-api-python-client 2.172.0 python
|
||||
google-api-core 2.25.1 python
|
||||
google-api-python-client 2.174.0 python
|
||||
google-auth 2.40.3 python
|
||||
google-auth-httplib2 0.2.0 python
|
||||
googleapis-common-protos 1.70.0 python
|
||||
@@ -217,7 +217,7 @@ libzip 1.11.2-r0 apk
|
||||
linux-pam 1.6.1-r1 apk
|
||||
logrotate 3.21.0-r1 apk
|
||||
loopialib 0.2.0 python
|
||||
lxml 5.4.0 python
|
||||
lxml 6.0.0 python
|
||||
lz4-libs 1.10.0-r0 apk
|
||||
markupsafe 3.0.2 python
|
||||
memcached 1.6.32-r0 apk
|
||||
@@ -363,7 +363,7 @@ typing-extensions 4.14.0 python
|
||||
tzdata 2025b-r0 apk
|
||||
unixodbc 2.3.12-r0 apk
|
||||
uritemplate 4.2.0 python
|
||||
urllib3 2.4.0 python
|
||||
urllib3 2.5.0 python
|
||||
utmps-libs 0.1.2.3-r2 apk
|
||||
wheel 0.45.1 python (+1 duplicate)
|
||||
whois 5.5.23-r0 apk
|
||||
|
||||
9
root/defaults/nginx/tinyauth-location.conf.sample
Normal file
9
root/defaults/nginx/tinyauth-location.conf.sample
Normal file
@@ -0,0 +1,9 @@
|
||||
## Version 2025/06/08 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/tinyauth-location.conf.sample
|
||||
# Make sure that your tinyauth container is in the same user defined bridge network and is named tinyauth
|
||||
# Rename /config/nginx/proxy-confs/tinyauth.subdomain.conf.sample to /config/nginx/proxy-confs/tinyauth.subdomain.conf
|
||||
|
||||
## Send a subrequest to tinyauth to verify if the user is authenticated and has permission to access the resource
|
||||
auth_request /tinyauth;
|
||||
|
||||
## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal
|
||||
error_page 401 = @tinyauth_login;
|
||||
35
root/defaults/nginx/tinyauth-server.conf.sample
Normal file
35
root/defaults/nginx/tinyauth-server.conf.sample
Normal file
@@ -0,0 +1,35 @@
|
||||
## Version 2025/06/08 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/tinyauth-server.conf.sample
|
||||
# Make sure that your tinyauth container is in the same user defined bridge network and is named tinyauth
|
||||
# Rename /config/nginx/proxy-confs/tinyauth.subdomain.conf.sample to /config/nginx/proxy-confs/tinyauth.subdomain.conf
|
||||
|
||||
# location for tinyauth auth requests
|
||||
location /tinyauth {
|
||||
internal;
|
||||
|
||||
include /config/nginx/proxy.conf;
|
||||
include /config/nginx/resolver.conf;
|
||||
set $upstream_tinyauth tinyauth;
|
||||
proxy_pass http://$upstream_tinyauth:3000/api/auth/nginx;
|
||||
|
||||
proxy_set_header x-forwarded-proto $scheme;
|
||||
proxy_set_header x-forwarded-host $http_host;
|
||||
proxy_set_header x-forwarded-uri $request_uri;
|
||||
}
|
||||
|
||||
# virtual location for tinyauth 401 redirects
|
||||
location @tinyauth_login {
|
||||
internal;
|
||||
|
||||
## Set the $target_url variable based on the original request
|
||||
set_escape_uri $target_url $scheme://$http_host$request_uri;
|
||||
|
||||
## Set the $signin_url variable
|
||||
set $domain $host;
|
||||
if ($host ~* "^[^.]+\.([^.]+\..+)$") {
|
||||
set $domain $1;
|
||||
}
|
||||
set $signin_url https://tinyauth.$domain/login?redirect_uri=$target_url;
|
||||
|
||||
## Redirect to login
|
||||
return 302 $signin_url;
|
||||
}
|
||||
@@ -22,6 +22,14 @@ if [[ ! -f /config/nginx/authentik-server.conf ]]; then
|
||||
cp /defaults/nginx/authentik-server.conf.sample /config/nginx/authentik-server.conf
|
||||
fi
|
||||
|
||||
# copy tinyauth config files if they don't exist
|
||||
if [[ ! -f /config/nginx/tinyauth-location.conf ]]; then
|
||||
cp /defaults/nginx/tinyauth-location.conf.sample /config/nginx/tinyauth-location.conf
|
||||
fi
|
||||
if [[ ! -f /config/nginx/tinyauth-server.conf ]]; then
|
||||
cp /defaults/nginx/tinyauth-server.conf.sample /config/nginx/tinyauth-server.conf
|
||||
fi
|
||||
|
||||
# copy old ldap config file to new location
|
||||
if [[ -f /config/nginx/ldap.conf ]] && [[ ! -f /config/nginx/ldap-server.conf ]]; then
|
||||
cp /config/nginx/ldap.conf /config/nginx/ldap-server.conf
|
||||
|
||||
Reference in New Issue
Block a user