linuxserver/docker-swag
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-swag.git synced 2025-10-31 21:17:42 +09:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
Files
c0adf4fd0a2b47c3844cc25c3a9a3d233f550f6d
docker-swag/root/defaults/nginx/authelia-server.conf.sample
Eric Nemchik a9391d07ee another authelia auth endpoint adjustment 
Signed-off-by: Eric Nemchik <eric@nemchik.com>
2024-03-16 12:34:59 -05:00

73 lines
2.6 KiB
Plaintext
Raw Blame History

## Version 2024/03/16 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
# For authelia 4.37 and below, make sure that the authelia configuration.yml has 'path: "authelia"' defined
# For authelia 4.38 and above, make sure that the authelia configuration.yml has 'address: "tcp://:9091/authelia"' defined
# location for authelia subfolder requests
location ^~ /authelia {
auth_request off; # requests to this subfolder must be accessible without authentication
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_authelia authelia;
proxy_pass http://$upstream_authelia:9091;
}
# location for authelia 4.37 and below auth requests
location = /authelia/api/verify {
internal;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_authelia authelia;
proxy_pass http://$upstream_authelia:9091;
## Include the Set-Cookie header if present
auth_request_set $set_cookie $upstream_http_set_cookie;
add_header Set-Cookie $set_cookie;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
}
# location for authelia 4.38 and above auth requests
location = /authelia/api/authz/auth-request {
internal;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_authelia authelia;
proxy_pass http://$upstream_authelia:9091;
## Include the Set-Cookie header if present
auth_request_set $set_cookie $upstream_http_set_cookie;
add_header Set-Cookie $set_cookie;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
}
# virtual location for authelia 401 redirects
location @authelia_proxy_signin {
internal;
## Include the Set-Cookie header if present
auth_request_set $set_cookie $upstream_http_set_cookie;
add_header Set-Cookie $set_cookie;
## Set the $target_url variable based on the original request
set_escape_uri $target_url $scheme://$http_host$request_uri;
## Translate the Location response header from the auth subrequest into a variable
auth_request_set $signin_url $upstream_http_location;
if ($signin_url = '') {
## Set the $signin_url variable
set $signin_url https://$http_host/authelia/?rd=$target_url;
}
## Redirect to login
return 302 $signin_url;
}
Reference in New Issue View Git Blame Copy Permalink