serguzim/infrastructure
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix caddy forward_auth settings for authentik

Browse source 
The snippet will now set the correct Host for the next hop and keep the
original site in the X-Forward-Auth-Host. The authentik caddy-site will
then put the X-Forward-Auth-Host into the X-Forwarded-Host (which would
normally be the authentik host/domain). Authentik is able to handle the
X-Forwarded-Host header.
This commit is contained in:
Tobias Reisinger 2025-05-30 15:15:34 +02:00
parent 5d22308f0f
commit 9af19f51fa
Signed by: serguzim
GPG key ID: 13AD60C237A28DFE
5 changed files with 16 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

4
playbooks/templates/caddy_site.conf.j2
View file

@ -21,7 +21,9 @@
{% elif svc.redirect|default(false) %}
redir "{{ svc.redirect }}"
{% else %}
reverse_proxy {{ svc.docker_host|default(role_name) }}:{{ svc.port }}
reverse_proxy {{ svc.docker_host|default(role_name) }}:{{ svc.port }} {
{{ svc.caddy_proxy_extra | indent(width='\t', first=False) if svc.caddy_proxy_extra|default(false) }}
}
{% endif %}
}
{% endif %}