techies/authelia
1
0
Fork 0
mirror of https://github.com/0rangebananaspy/authelia.git synced 2024-09-14 22:47:21 +07:00
Code Issues Projects Releases Wiki Activity

docs: update caddy example (#3566)

Browse Source
This commit is contained in:
James Elliott 2022-06-21 21:27:48 +10:00 committed by GitHub
parent b102ebb6bb
commit 095ebae7a0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 22 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
docs/content/en/integration/proxies/caddy.md
View File

@ -173,52 +173,33 @@ auth.example.com {
# Protected Endpoint. # Protected Endpoint.
nextcloud.example.com { nextcloud.example.com {
route { reverse_proxy authelia:9091 {
reverse_proxy authelia:9091 { ## This import needs to be included if you're relying on a trusted proxies configuration.
## This import needs to be included if you're relying on a trusted proxies configuration. import trusted_proxy_list
import trusted_proxy_list
method GET method GET
rewrite "/api/verify?rd=https://auth.example.com/" rewrite "/api/verify?rd=https://auth.example.com/"
header_up X-Forwarded-Method {method} header_up X-Forwarded-Method {method}
header_up X-Forwarded-Uri {uri} header_up X-Forwarded-Uri {uri}
## If the auth request: ## If the auth request:
## 1. Responds with a status code IN the 200-299 range. ## 1. Responds with a status code IN the 200-299 range.
## Then: ## Then:
## 1. Proxy the request to the backend. ## 1. Proxy the request to the backend.
## 2. Copy the relevant headers from the auth request and provide them to the backend. ## 2. Copy the relevant headers from the auth request and provide them to the backend.
@good status 2xx @good status 2xx
handle_response @good { handle_response @good {
request_header { request_header Remote-User {http.reverse_proxy.header.Remote-User}
Remote-User {http.reverse_proxy.header.Remote-User} request_header Remote-Groups {http.reverse_proxy.header.Remote-Groups}
Remote-Groups {http.reverse_proxy.header.Remote-Groups} request_header Remote-Name {http.reverse_proxy.header.Remote-Name}
Remote-Name {http.reverse_proxy.header.Remote-Name} request_header Remote-Email {http.reverse_proxy.header.Remote-Email}
Remote-Email {http.reverse_proxy.header.Remote-Email}
}
}
## If the auth request:
## 1. Responds with a status code NOT IN the 200-299 range.
## Then:
## 1. Respond with the status code of the auth request.
## 1. Copy the response except for several headers.
@denied {
status 1xx 3xx 4xx 5xx
}
handle_response @denied {
copy_response
copy_response_headers {
exclude Connection Keep-Alive Te Trailers Transfer-Encoding Upgrade
}
}
} }
}
reverse_proxy nextcloud:80 { reverse_proxy nextcloud:80 {
## This import needs to be included if you're relying on a trusted proxies configuration. ## This import needs to be included if you're relying on a trusted proxies configuration.
import trusted_proxy_list import trusted_proxy_list
}
} }
} }
``` ```