Skip to content

Commit 8caf2a1

Browse files
nemchiknemchik
authored
feat: 💩 proxy pass the full authelia auth request subpath
Signed-off-by: GitHub <[email protected]>
1 parent 15a3bc9 commit 8caf2a1

File tree

2 files changed

+1
-18
lines changed

2 files changed

+1
-18
lines changed

root/defaults/nginx/authelia-location.conf.sample

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,6 @@
11
## Version 2025/03/25 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-location.conf.sample
22
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
33
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
4-
# Make sure that the authelia configuration.yml has 'address: "tcp://:9091/authelia"' defined
54

65
## Send a subrequest to Authelia to verify if the user is authenticated and has permission to access the resource
76
auth_request /authelia/api/authz/auth-request;

root/defaults/nginx/authelia-server.conf.sample

Lines changed: 1 addition & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,6 @@
11
## Version 2025/03/25 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
22
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
33
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf
4-
# Make sure that the authelia configuration.yml has 'address: "tcp://:9091/authelia"' defined
5-
6-
# location for authelia subfolder requests
7-
location ^~ /authelia {
8-
auth_request off; # requests to this subfolder must be accessible without authentication
9-
10-
include /config/nginx/proxy.conf;
11-
include /config/nginx/resolver.conf;
12-
set $upstream_authelia authelia;
13-
proxy_pass http://$upstream_authelia:9091;
14-
}
154

165
# location for authelia auth requests
176
location = /authelia/api/authz/auth-request {
@@ -20,7 +9,7 @@ location = /authelia/api/authz/auth-request {
209
include /config/nginx/proxy.conf;
2110
include /config/nginx/resolver.conf;
2211
set $upstream_authelia authelia;
23-
proxy_pass http://$upstream_authelia:9091;
12+
proxy_pass http://$upstream_authelia:9091/api/authz/auth-request;
2413

2514
## Include the Set-Cookie header if present
2615
auth_request_set $set_cookie $upstream_http_set_cookie;
@@ -44,11 +33,6 @@ location @authelia_proxy_signin {
4433
## Translate the Location response header from the auth subrequest into a variable
4534
auth_request_set $signin_url $upstream_http_location;
4635

47-
if ($signin_url = '') {
48-
## Set the $signin_url variable
49-
set $signin_url https://$http_host/authelia/?rd=$target_url;
50-
}
51-
5236
## Redirect to login
5337
return 302 $signin_url;
5438
}

0 commit comments

Comments
 (0)