Update root/defaults/nginx/authentik-server.conf

Co-authored-by: Eric Nemchik <eric@nemchik.com>
Update authentik-location.conf
2024-10-01 01:35:49 -04:00 · 2023-02-02 10:33:15 -05:00 · 2023-02-02 10:32:51 -05:00
2 changed files with 21 additions and 19 deletions
--- a/root/defaults/nginx/authentik-location.conf
+++ b/root/defaults/nginx/authentik-location.conf
@ -1,23 +1,23 @@
 ## Version 2022/08/20 
 # Make sure that your authentik container is in the same user defined bridge network and is named authentik-server

-        ##############################
-        # authentik-specific config
-        ##############################
-        auth_request     /outpost.goauthentik.io/auth/nginx;
-        error_page       401 = @goauthentik_proxy_signin;
-        auth_request_set $auth_cookie $upstream_http_set_cookie;
-        add_header       Set-Cookie $auth_cookie;
+##############################
+# authentik-specific config
+##############################
+auth_request     /outpost.goauthentik.io/auth/nginx;
+error_page       401 = @goauthentik_proxy_signin;
+auth_request_set $auth_cookie $upstream_http_set_cookie;
+add_header       Set-Cookie $auth_cookie;

-        # translate headers from the outposts back to the actual upstream
-        auth_request_set $authentik_username $upstream_http_x_authentik_username;
-        auth_request_set $authentik_groups $upstream_http_x_authentik_groups;
-        auth_request_set $authentik_email $upstream_http_x_authentik_email;
-        auth_request_set $authentik_name $upstream_http_x_authentik_name;
-        auth_request_set $authentik_uid $upstream_http_x_authentik_uid;
+# translate headers from the outposts back to the actual upstream
+auth_request_set $authentik_username $upstream_http_x_authentik_username;
+auth_request_set $authentik_groups $upstream_http_x_authentik_groups;
+auth_request_set $authentik_email $upstream_http_x_authentik_email;
+auth_request_set $authentik_name $upstream_http_x_authentik_name;
+auth_request_set $authentik_uid $upstream_http_x_authentik_uid;

-        proxy_set_header X-authentik-username $authentik_username;
-        proxy_set_header X-authentik-groups $authentik_groups;
-        proxy_set_header X-authentik-email $authentik_email;
-        proxy_set_header X-authentik-name $authentik_name;
-        proxy_set_header X-authentik-uid $authentik_uid;
+proxy_set_header X-authentik-username $authentik_username;
+proxy_set_header X-authentik-groups $authentik_groups;
+proxy_set_header X-authentik-email $authentik_email;
+proxy_set_header X-authentik-name $authentik_name;
+proxy_set_header X-authentik-uid $authentik_uid;
--- a/root/defaults/nginx/authentik-server.conf
+++ b/root/defaults/nginx/authentik-server.conf
@ -3,7 +3,9 @@

    # all requests to /outpost.goauthentik.io must be accessible without authentication
    location /outpost.goauthentik.io {
-        proxy_pass              http://authentik-server:9000/outpost.goauthentik.io;
+        include /config/nginx/resolver.conf;
+        set $upstream_authentik authentik-server;
+        proxy_pass              http://$upstream_authentik:9000/outpost.goauthentik.io;
        # ensure the host of this vserver matches your external URL you've configured
        # in authentik
        proxy_set_header        Host $host;
Author	SHA1	Message	Date
driz	c137a66726	Update root/defaults/nginx/authentik-server.conf Co-authored-by: Eric Nemchik <eric@nemchik.com>	2023-02-02 10:33:15 -05:00
driz	7be5f1caec	Update authentik-location.conf	2023-02-02 10:32:51 -05:00