Merge pull request #467 from linuxserver/authelia-auth-endpoints

another authelia auth endpoint adjustment
This commit is contained in:
aptalca 2024-03-17 16:24:55 -04:00 committed by GitHub
commit 13ede8ea87
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 22 additions and 3 deletions

View File

@ -1,4 +1,4 @@
## Version 2024/03/14 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample ## Version 2024/03/16 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
# Make sure that your authelia container is in the same user defined bridge network and is named authelia # Make sure that your authelia container is in the same user defined bridge network and is named authelia
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf # Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
# For authelia 4.37 and below, make sure that the authelia configuration.yml has 'path: "authelia"' defined # For authelia 4.37 and below, make sure that the authelia configuration.yml has 'path: "authelia"' defined
@ -7,14 +7,32 @@
# location for authelia subfolder requests # location for authelia subfolder requests
location ^~ /authelia { location ^~ /authelia {
auth_request off; # requests to this subfolder must be accessible without authentication auth_request off; # requests to this subfolder must be accessible without authentication
include /config/nginx/proxy.conf; include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf; include /config/nginx/resolver.conf;
set $upstream_authelia authelia; set $upstream_authelia authelia;
proxy_pass http://$upstream_authelia:9091; proxy_pass http://$upstream_authelia:9091;
} }
# location for authelia auth requests # location for authelia 4.37 and below auth requests
location ~ /authelia/api/(authz/auth-request|verify) { location = /authelia/api/verify {
internal;
include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf;
set $upstream_authelia authelia;
proxy_pass http://$upstream_authelia:9091;
## Include the Set-Cookie header if present
auth_request_set $set_cookie $upstream_http_set_cookie;
add_header Set-Cookie $set_cookie;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
}
# location for authelia 4.38 and above auth requests
location = /authelia/api/authz/auth-request {
internal; internal;
include /config/nginx/proxy.conf; include /config/nginx/proxy.conf;

View File

@ -5,6 +5,7 @@
# location for authentik subfolder requests # location for authentik subfolder requests
location ^~ /outpost.goauthentik.io { location ^~ /outpost.goauthentik.io {
auth_request off; # requests to this subfolder must be accessible without authentication auth_request off; # requests to this subfolder must be accessible without authentication
include /config/nginx/proxy.conf; include /config/nginx/proxy.conf;
include /config/nginx/resolver.conf; include /config/nginx/resolver.conf;
set $upstream_authentik authentik-server; set $upstream_authentik authentik-server;