Compare commits

...

10 Commits

Author SHA1 Message Date
Eric Nemchik a2509cc44e Update Nginx configuration to use $is_request_port and $request_port for improved compatibility
Signed-off-by: Eric Nemchik <eric@nemchik.com>
2026-07-18 13:42:25 -05:00
Eric Nemchik a393925f44 Update dates in files to version 2026/07/18
Signed-off-by: Eric Nemchik <eric@nemchik.com>
2026-07-18 12:30:42 -05:00
Eric Nemchik 69afc4de58 Update Nginx configuration to replace $http_host with $host:$server_port for better compatibility
Signed-off-by: Eric Nemchik <eric@nemchik.com>
2026-07-18 12:28:50 -05:00
LinuxServer-CI bc02502e97 Bot Updating Package Versions 2026-07-18 05:32:40 +00:00
LinuxServer-CI 2c22ce9573 Bot Updating Package Versions 2026-07-15 18:14:31 +00:00
Eric Nemchik 0a34712336 Merge pull request #594 from jonathanmajh/patch-1
Update tinyauth-location.conf.sample for Forward Auth
2026-07-11 21:48:18 -05:00
Eric Nemchik 4e7e4f7fee Merge branch 'master' into patch-1 2026-07-11 21:07:22 -05:00
Jonathan Ma e39c6487f7 Update root/defaults/nginx/tinyauth-location.conf.sample
Co-authored-by: Eric Nemchik <eric@nemchik.com>
2026-07-11 12:58:10 -04:00
Jonathan Ma 6b1745980a Merge branch 'master' into patch-1 2026-04-23 08:56:57 -04:00
Jonathan Ma 3ffa4aaa77 Update tinyauth-location.conf.sample for Forward Auth
Updated version information and added headers for Forward Auth in the tinyauth NGINX configuration.
2025-12-17 15:28:03 -05:00
6 changed files with 69 additions and 55 deletions
+41 -41
View File
@@ -1,13 +1,13 @@
NAME VERSION TYPE
Simple Launcher 1.1.0.14 binary (+5 duplicates)
acl-libs 2.3.2-r1 apk
acme 5.6.0 python
acme 5.7.0 python
alpine-baselayout 3.7.0-r0 apk
alpine-baselayout-data 3.7.0-r0 apk
alpine-keys 2.5-r0 apk
alpine-release 3.22.5-r0 apk
annotated-types 0.7.0 python
anyio 4.14.1 python
anyio 4.14.2 python
aom-libs 3.12.1-r0 apk
apache2-utils 2.4.68-r0 apk
apk-tools 2.14.10-r0 apk
@@ -23,29 +23,29 @@ azure-mgmt-dns 9.0.0 python
backports-tarfile 1.2.0 python
bash 5.2.37-r0 apk
beautifulsoup4 4.15.0 python
boto3 1.43.46 python
botocore 1.43.46 python
boto3 1.43.51 python
botocore 1.43.51 python
brotli-libs 1.1.0-r2 apk
bs4 0.0.2 python
busybox 1.37.0-r20 apk
busybox-binsh 1.37.0-r20 apk
c-ares 1.34.6-r0 apk
c-ares 1.34.8-r0 apk
c-client 2007f-r15 apk
ca-certificates 20260611-r0 apk
ca-certificates-bundle 20260611-r0 apk
catatonit 0.2.1-r0 apk
certbot 5.6.0 python
certbot 5.7.0 python
certbot-dns-acmedns 0.1.0 python
certbot-dns-aliyun 2.0.0 python
certbot-dns-azure 1.5.0 python
certbot-dns-bunny 3.0.0 python
certbot-dns-cloudflare 5.6.0 python
certbot-dns-cloudflare 5.7.0 python
certbot-dns-cpanel 0.4.0 python
certbot-dns-desec 1.3.2 python
certbot-dns-digitalocean 5.6.0 python
certbot-dns-digitalocean 5.7.0 python
certbot-dns-directadmin 1.0.15 python
certbot-dns-dnsimple 5.6.0 python
certbot-dns-dnsmadeeasy 5.6.0 python
certbot-dns-dnsimple 5.7.0 python
certbot-dns-dnsmadeeasy 5.7.0 python
certbot-dns-dnspod 0.1.0 python
certbot-dns-do 0.31.0 python
certbot-dns-domeneshop 0.2.9 python
@@ -53,29 +53,29 @@ certbot-dns-dreamhost 1.0 python
certbot-dns-duckdns 1.8.0 python
certbot-dns-dynudns 0.0.6 python
certbot-dns-freedns 0.2.0 python
certbot-dns-gehirn 5.6.0 python
certbot-dns-gehirn 5.7.0 python
certbot-dns-glesys 2.1.0 python
certbot-dns-godaddy 2.8.0 python
certbot-dns-google 5.6.0 python
certbot-dns-google 5.7.0 python
certbot-dns-he 1.0.0 python
certbot-dns-hetzner 4.0.0 python
certbot-dns-hetzner-cloud 1.0.5 python
certbot-dns-infomaniak 0.2.4 python
certbot-dns-inwx 3.0.3 python
certbot-dns-ionos 2024.11.9 python
certbot-dns-linode 5.6.0 python
certbot-dns-linode 5.7.0 python
certbot-dns-loopia 1.0.1 python
certbot-dns-luadns 5.6.0 python
certbot-dns-luadns 5.7.0 python
certbot-dns-mijn-host 0.0.9 python
certbot-dns-namecheap 1.0.0 python
certbot-dns-netcup 2.0.3 python
certbot-dns-njalla 2.0.2 python
certbot-dns-nsone 5.6.0 python
certbot-dns-ovh 5.6.0 python
certbot-dns-nsone 5.7.0 python
certbot-dns-ovh 5.7.0 python
certbot-dns-porkbun 0.11.0 python
certbot-dns-rfc2136 5.6.0 python
certbot-dns-route53 5.6.0 python
certbot-dns-sakuracloud 5.6.0 python
certbot-dns-rfc2136 5.7.0 python
certbot-dns-route53 5.7.0 python
certbot-dns-sakuracloud 5.7.0 python
certbot-dns-standalone 1.2.1 python
certbot-dns-transip 0.5.2 python
certbot-dns-vultr 1.1.0 python
@@ -87,7 +87,7 @@ cli UNKNOWN binary
cli-32 UNKNOWN binary
cli-64 UNKNOWN binary
cli-arm64 UNKNOWN binary
cloudflare 5.4.0 python
cloudflare 5.5.0 python
composer 2.10.2 binary
configargparse 1.7 python
configobj 5.0.8 python
@@ -105,7 +105,7 @@ domeneshop 0.4.4 python
fail2ban 1.1.0 python
fail2ban 1.1.0-r3 apk
fail2ban-pyc 1.1.0-r3 apk
filelock 3.29.7 python
filelock 3.30.3 python
findutils 4.10.0-r0 apk
fontconfig 2.15.0-r3 apk
freetype 2.13.3-r0 apk
@@ -124,7 +124,7 @@ gnupg-wks-client 2.4.9-r0 apk
gnutls 3.8.13-r0 apk
google-api-core 2.30.3 python
google-api-python-client 2.198.0 python
google-auth 2.55.2 python
google-auth 2.56.0 python
google-auth-httplib2 0.4.0 python
googleapis-common-protos 1.75.0 python
gpg 2.4.9-r0 apk
@@ -240,25 +240,25 @@ ncurses-terminfo-base 6.5_p20250503-r0 apk
netcat-openbsd 1.229.1-r0 apk
nettle 3.10.2-r0 apk
nghttp2-libs 1.69.0-r0 apk
nginx 1.28.3-r4 apk
nginx-mod-devel-kit 1.28.3-r4 apk
nginx-mod-http-brotli 1.28.3-r4 apk
nginx-mod-http-dav-ext 1.28.3-r4 apk
nginx-mod-http-echo 1.28.3-r4 apk
nginx-mod-http-fancyindex 1.28.3-r4 apk
nginx-mod-http-geoip2 1.28.3-r4 apk
nginx-mod-http-headers-more 1.28.3-r4 apk
nginx-mod-http-image-filter 1.28.3-r4 apk
nginx-mod-http-perl 1.28.3-r4 apk
nginx-mod-http-redis2 1.28.3-r4 apk
nginx-mod-http-set-misc 1.28.3-r4 apk
nginx-mod-http-upload-progress 1.28.3-r4 apk
nginx-mod-http-xslt-filter 1.28.3-r4 apk
nginx-mod-mail 1.28.3-r4 apk
nginx-mod-rtmp 1.28.3-r4 apk
nginx-mod-stream 1.28.3-r4 apk
nginx-mod-stream-geoip2 1.28.3-r4 apk
nginx-vim 1.28.3-r4 apk
nginx 1.28.3-r5 apk
nginx-mod-devel-kit 1.28.3-r5 apk
nginx-mod-http-brotli 1.28.3-r5 apk
nginx-mod-http-dav-ext 1.28.3-r5 apk
nginx-mod-http-echo 1.28.3-r5 apk
nginx-mod-http-fancyindex 1.28.3-r5 apk
nginx-mod-http-geoip2 1.28.3-r5 apk
nginx-mod-http-headers-more 1.28.3-r5 apk
nginx-mod-http-image-filter 1.28.3-r5 apk
nginx-mod-http-perl 1.28.3-r5 apk
nginx-mod-http-redis2 1.28.3-r5 apk
nginx-mod-http-set-misc 1.28.3-r5 apk
nginx-mod-http-upload-progress 1.28.3-r5 apk
nginx-mod-http-xslt-filter 1.28.3-r5 apk
nginx-mod-mail 1.28.3-r5 apk
nginx-mod-rtmp 1.28.3-r5 apk
nginx-mod-stream 1.28.3-r5 apk
nginx-mod-stream-geoip2 1.28.3-r5 apk
nginx-vim 1.28.3-r5 apk
npth 1.8-r0 apk
oniguruma 6.9.10-r0 apk
openssl 3.5.7-r0 apk
@@ -1,4 +1,4 @@
## Version 2025/03/25 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
## Version 2026/07/18 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
@@ -28,7 +28,7 @@ location @authelia_proxy_signin {
add_header Set-Cookie $set_cookie;
## Set the $target_url variable based on the original request
set_escape_uri $target_url $scheme://$http_host$request_uri;
set_escape_uri $target_url $scheme://$host$is_request_port$request_port$request_uri;
## Translate the Location response header from the auth subrequest into a variable
auth_request_set $signin_url $upstream_http_location;
@@ -1,4 +1,4 @@
## Version 2025/03/25 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-server.conf.sample
## Version 2026/07/18 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-server.conf.sample
# Make sure that your authentik container is in the same user defined bridge network and is named authentik-server
# Rename /config/nginx/proxy-confs/authentik.subdomain.conf.sample to /config/nginx/proxy-confs/authentik.subdomain.conf
@@ -38,10 +38,10 @@ location @goauthentik_proxy_signin {
add_header Set-Cookie $set_cookie;
## Set the $target_url variable based on the original request
set_escape_uri $target_url $scheme://$http_host$request_uri;
set_escape_uri $target_url $scheme://$host$is_request_port$request_port$request_uri;
## Set the $signin_url variable
set $signin_url https://$http_host/outpost.goauthentik.io/start?rd=$target_url;
set $signin_url https://$host$is_request_port$request_port/outpost.goauthentik.io/start?rd=$target_url;
## Redirect to login
return 302 $signin_url;
+4 -4
View File
@@ -1,4 +1,4 @@
## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/proxy.conf.sample
## Version 2026/07/18 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/proxy.conf.sample
# Timeout if the real server is dead
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
@@ -21,11 +21,11 @@ proxy_no_cache $cookie_session;
# Proxy Header Settings
proxy_set_header Connection $connection_upgrade;
proxy_set_header Early-Data $ssl_early_data;
proxy_set_header Host $host;
proxy_set_header Host $host$is_request_port$request_port;
proxy_set_header Proxy "";
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Host $host$is_request_port$request_port;
proxy_set_header X-Forwarded-Method $request_method;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
@@ -33,5 +33,5 @@ proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-Uri $request_uri;
proxy_set_header X-Original-Method $request_method;
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
proxy_set_header X-Original-URL $scheme://$host$is_request_port$request_port$request_uri;
proxy_set_header X-Real-IP $remote_addr;
@@ -1,4 +1,4 @@
## Version 2025/06/08 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/tinyauth-location.conf.sample
## Version 2025/12/17 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/tinyauth-location.conf.sample
# Make sure that your tinyauth container is in the same user defined bridge network and is named tinyauth
# Rename /config/nginx/proxy-confs/tinyauth.subdomain.conf.sample to /config/nginx/proxy-confs/tinyauth.subdomain.conf
@@ -7,3 +7,17 @@ auth_request /tinyauth;
## If the subreqest returns 200 pass to the backend, if the subrequest returns 401 redirect to the portal
error_page 401 = @tinyauth_login;
## Translate the user information response headers from the auth subrequest into variables
auth_request_set $email $upstream_http_remote_email;
auth_request_set $groups $upstream_http_remote_groups;
auth_request_set $name $upstream_http_remote_name;
auth_request_set $user $upstream_http_remote_user;
## Inject the user information into the request made to the actual upstream
proxy_set_header Remote-Email $email;
proxy_set_header Remote-Groups $groups;
proxy_set_header Remote-Name $name;
proxy_set_header Remote-User $user;
## Can be extended with more custom headers https://tinyauth.app/docs/reference/headers#nginxnginx-proxy-manager
@@ -1,4 +1,4 @@
## Version 2025/06/08 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/tinyauth-server.conf.sample
## Version 2026/07/18 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/tinyauth-server.conf.sample
# Make sure that your tinyauth container is in the same user defined bridge network and is named tinyauth
# Rename /config/nginx/proxy-confs/tinyauth.subdomain.conf.sample to /config/nginx/proxy-confs/tinyauth.subdomain.conf
@@ -12,7 +12,7 @@ location /tinyauth {
proxy_pass http://$upstream_tinyauth:3000/api/auth/nginx;
proxy_set_header x-forwarded-proto $scheme;
proxy_set_header x-forwarded-host $http_host;
proxy_set_header x-forwarded-host $host$is_request_port$request_port;
proxy_set_header x-forwarded-uri $request_uri;
}
@@ -21,8 +21,8 @@ location @tinyauth_login {
internal;
## Set the $target_url variable based on the original request
set_escape_uri $target_url $scheme://$http_host$request_uri;
set_escape_uri $target_url $scheme://$host$is_request_port$request_port$request_uri;
## Set the $signin_url variable
set $domain $host;
if ($host ~* "^[^.]+\.([^.]+\..+)$") {