fix: fix x-forwarded-proto borked by authentik
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 4s
Gitea Actions Demo / Explore-Gitea-Actions (push) Successful in 4s
This commit is contained in:
@@ -25,9 +25,9 @@ in
|
||||
DB_DATABASE = name;
|
||||
DB_USERNAME = name;
|
||||
DB_PASSWORD = config.my-lxc.finances.db.password;
|
||||
# AUTHENTICATION_GUARD = "remote_user_guard";
|
||||
# AUTHENTICATION_GUARD_HEADER = "HTTP_X_AUTHENTIK_EMAIL";
|
||||
# AUTHENTICATION_GUARD_EMAIL = "HTTP_X_AUTHENTIK_EMAIL";
|
||||
AUTHENTICATION_GUARD = "remote_user_guard";
|
||||
AUTHENTICATION_GUARD_HEADER = "HTTP_X_AUTHENTIK_EMAIL";
|
||||
AUTHENTICATION_GUARD_EMAIL = "HTTP_X_AUTHENTIK_EMAIL";
|
||||
APP_URL = "https://${tools.build_hostname "finances"}";
|
||||
APP_KEY_FILE = "/etc/firefly-iii/app.key";
|
||||
TRUSTED_PROXIES = tools.build_ip "proxy";
|
||||
|
||||
@@ -175,6 +175,10 @@ in
|
||||
"Remote-Name"
|
||||
];
|
||||
};
|
||||
fix-headers.headers.customRequestHeaders = {
|
||||
X-Forwarded-Proto = "https";
|
||||
X-Forwarded-Ssl = "on";
|
||||
};
|
||||
matrix-wellknown-mw = {
|
||||
plugin = {
|
||||
staticResponse = {
|
||||
@@ -204,7 +208,13 @@ in
|
||||
);
|
||||
service = "${d.subdomain}-service";
|
||||
entryPoints = [ "websecure" ];
|
||||
middlewares = if (d.auth) then [ "authentik" ] else [ ];
|
||||
middlewares =
|
||||
if (d.auth) then
|
||||
[
|
||||
"authentik"
|
||||
]
|
||||
else
|
||||
[ ];
|
||||
tls.certResolver = "letsencrypt";
|
||||
};
|
||||
}
|
||||
@@ -215,7 +225,14 @@ in
|
||||
rule = "Host(`${ct}${dmn}`) " + (if (def.private == true) then internal else "");
|
||||
service = "${ct}-service";
|
||||
entryPoints = [ "websecure" ];
|
||||
middlewares = if (def.auth) then [ "authentik" ] else [ ];
|
||||
middlewares =
|
||||
if (def.auth) then
|
||||
[
|
||||
"authentik"
|
||||
"fix-headers"
|
||||
]
|
||||
else
|
||||
[ ];
|
||||
tls.certResolver = "letsencrypt";
|
||||
};
|
||||
})
|
||||
|
||||
@@ -36,6 +36,6 @@ in
|
||||
password = db_pass.finances;
|
||||
};
|
||||
private = true;
|
||||
auth = false;
|
||||
auth = true;
|
||||
};
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user