fossilfranv/nginx_docker-swag
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

authentik_location.conf file

Browse Source 
This is the /location for authentik.
This commit is contained in:
bokkoman 2022-06-08 15:35:47 +02:00 committed by GitHub
parent 016dc18007
commit 89e3042521
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
root/defaults/authentik_location.conf Normal file
View File

@ -0,0 +1,24 @@
# all requests to /outpost.goauthentik.io must be accessible without authentication. Change proxy_pass if needed. This is the default container name.
location /outpost.goauthentik.io {
proxy_pass http://authentik_server_1:9000/outpost.goauthentik.io;
# ensure the host of this vserver matches your external URL you've configured
# in authentik
proxy_set_header Host $host;
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
add_header Set-Cookie $auth_cookie;
auth_request_set $auth_cookie $upstream_http_set_cookie;
# required for POST requests to work
proxy_pass_request_body off;
proxy_set_header Content-Length "";
}
# Special location for when the /auth endpoint returns a 401,
# redirect to the /start URL which initiates SSO
location @goauthentik_proxy_signin {
internal;
add_header Set-Cookie $auth_cookie;
# return 302 /outpost.goauthentik.io/start?rd=$request_uri;
# For domain level, use the below error_page to redirect to your authentik server with the full redirect path. Change your domain to the subdomain for authentik.
return 302 https://authentik.domain.com/outpost.goauthentik.io/start?rd=$scheme://$http_host$request_uri;
}