mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
[BUGFIX] Fix HAProxy redirects (#1333)
Including updates to docs examples.
This commit is contained in:
parent
1684ffb989
commit
5b98b4d090
|
@ -94,7 +94,7 @@ frontend fe_http
|
|||
http-request set-var(req.scheme) str(http) if !{ ssl_fc }
|
||||
http-request set-var(req.questionmark) str(?) if { query -m found }
|
||||
|
||||
# Headers to construct redirection URL
|
||||
# Required headers
|
||||
http-request set-header X-Real-IP %[src]
|
||||
http-request set-header X-Forwarded-Proto %[var(req.scheme)]
|
||||
http-request set-header X-Forwarded-Host %[req.hdr(Host)]
|
||||
|
@ -107,7 +107,7 @@ frontend fe_http
|
|||
# Authelia backend route
|
||||
use_backend be_authelia if host-authelia
|
||||
# Redirect protected-frontends to Authelia if not authenticated
|
||||
use_backend be_authelia if protected-frontends !{ var(txn.auth_response_successful) -m bool }
|
||||
http-request redirect location https://auth.example.com/?rd=%[var(req.scheme)]://%[base]%[var(req.questionmark)]%[query] if protected-frontends !{ var(txn.auth_response_successful) -m bool }
|
||||
# Service backend route(s)
|
||||
use_backend be_nextcloud if host-nextcloud
|
||||
|
||||
|
@ -151,7 +151,7 @@ frontend fe_http
|
|||
http-request set-var(req.scheme) str(http) if !{ ssl_fc }
|
||||
http-request set-var(req.questionmark) str(?) if { query -m found }
|
||||
|
||||
# Headers to construct redirection URL
|
||||
# Required headers
|
||||
http-request set-header X-Real-IP %[src]
|
||||
http-request set-header X-Forwarded-Proto %[var(req.scheme)]
|
||||
http-request set-header X-Forwarded-Host %[req.hdr(Host)]
|
||||
|
@ -164,7 +164,7 @@ frontend fe_http
|
|||
# Authelia backend route
|
||||
use_backend be_authelia if host-authelia
|
||||
# Redirect protected-frontends to Authelia if not authenticated
|
||||
use_backend be_authelia if protected-frontends !{ var(txn.auth_response_successful) -m bool }
|
||||
http-request redirect location https://auth.example.com/?rd=%[var(req.scheme)]://%[base]%[var(req.questionmark)]%[query] if protected-frontends !{ var(txn.auth_response_successful) -m bool }
|
||||
# Service backend route(s)
|
||||
use_backend be_nextcloud if host-nextcloud
|
||||
|
||||
|
|
|
@ -39,7 +39,7 @@ frontend fe_http
|
|||
# does not know how to handle it (see https://github.com/TimWolla/haproxy-auth-request/issues/12).
|
||||
http-request lua.auth-request be_auth_request /api/verify if protected-frontends
|
||||
|
||||
http-request redirect location https://login.example.com:8080 if protected-frontends !{ var(txn.auth_response_successful) -m bool }
|
||||
http-request redirect location https://login.example.com:8080/?rd=%[var(req.scheme)]://%[base]%[var(req.questionmark)]%[query] if protected-frontends !{ var(txn.auth_response_successful) -m bool }
|
||||
|
||||
use_backend be_authelia if host-authelia-portal api-path
|
||||
use_backend fe_authelia if host-authelia-portal !api-path
|
||||
|
@ -51,13 +51,13 @@ backend be_authelia
|
|||
server authelia-backend authelia-backend:9091 ssl verify none
|
||||
|
||||
backend be_auth_request
|
||||
mode http
|
||||
server proxy 127.0.0.1:8085
|
||||
mode http
|
||||
server proxy 127.0.0.1:8085
|
||||
|
||||
listen be_auth_request_proxy
|
||||
mode http
|
||||
bind 127.0.0.1:8085
|
||||
server authelia-backend authelia-backend:9091 ssl verify none
|
||||
mode http
|
||||
bind 127.0.0.1:8085
|
||||
server authelia-backend authelia-backend:9091 ssl verify none
|
||||
|
||||
backend fe_authelia
|
||||
server authelia-frontend authelia-frontend:3000
|
||||
|
|
Loading…
Reference in New Issue
Block a user