Skip to content

Commit e6bcaa5

Browse files
Zoey2936Zoey2936
committed
make auth_request also use an upstream block
1 parent 61b6f63 commit e6bcaa5

1 file changed

Lines changed: 51 additions & 7 deletions

File tree

backend/templates/proxy_host.conf

Lines changed: 51 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,51 @@
77
{% if enabled %}
88
{{ upstreams }}
99

10+
{% assign auth_request_anubis_upstream_host = env.AUTH_REQUEST_ANUBIS_UPSTREAM | replace: "https://", "" | replace: "http://", "" | split: "/" | first %}
11+
{% if env.AUTH_REQUEST_ANUBIS_UPSTREAM contains "https://" %}{% assign auth_request_anubis_upstream_scheme = "https://" %}{% else %}{% assign auth_request_anubis_upstream_scheme = "http://" %}{% endif %}
12+
{% if npmplus_auth_request == "anubis" or create_anubis_locations %}
13+
upstream auth_request_anubis_{{ id }} {
14+
zone auth_request_anubis_{{ id }} 64k;
15+
server {{ auth_request_anubis_upstream_host }} resolve;
16+
}
17+
{% endif %}
18+
19+
{% assign auth_request_tinyauth_upstream_host = env.AUTH_REQUEST_TINYAUTH_UPSTREAM | replace: "https://", "" | replace: "http://", "" | split: "/" | first %}
20+
{% if env.AUTH_REQUEST_TINYAUTH_UPSTREAM contains "https://" %}{% assign auth_request_tinyauth_upstream_scheme = "https://" %}{% else %}{% assign auth_request_tinyauth_upstream_scheme = "http://" %}{% endif %}
21+
{% if npmplus_auth_request == "tinyauth" or create_tinyauth_locations %}
22+
upstream auth_request_tinyauth_{{ id }} {
23+
zone auth_request_tinyauth_{{ id }} 64k;
24+
server {{ auth_request_tinyauth_upstream_host }} resolve;
25+
}
26+
{% endif %}
27+
28+
{% assign auth_request_oauth2proxy_upstream_host = env.AUTH_REQUEST_OAUTH2PROXY_UPSTREAM | replace: "https://", "" | replace: "http://", "" | split: "/" | first %}
29+
{% if env.AUTH_REQUEST_OAUTH2PROXY_UPSTREAM contains "https://" %}{% assign auth_request_oauth2proxy_upstream_scheme = "https://" %}{% else %}{% assign auth_request_oauth2proxy_upstream_scheme = "http://" %}{% endif %}
30+
{% if npmplus_auth_request == "oauth2proxy" or create_oauth2proxy_locations %}
31+
upstream auth_request_oauth2proxy_{{ id }} {
32+
zone auth_request_oauth2proxy_{{ id }} 64k;
33+
server {{ auth_request_oauth2proxy_upstream_host }} resolve;
34+
}
35+
{% endif %}
36+
37+
{% assign auth_request_authelia_upstream_host = env.AUTH_REQUEST_AUTHELIA_UPSTREAM | replace: "https://", "" | replace: "http://", "" | split: "/" | first %}
38+
{% if env.AUTH_REQUEST_AUTHELIA_UPSTREAM contains "https://" %}{% assign auth_request_authelia_upstream_scheme = "https://" %}{% else %}{% assign auth_request_authelia_upstream_scheme = "http://" %}{% endif %}
39+
{% if npmplus_auth_request == "authelia" or create_authelia_locations %}
40+
upstream auth_request_authelia_{{ id }} {
41+
zone auth_request_authelia_{{ id }} 64k;
42+
server {{ auth_request_authelia_upstream_host }} resolve;
43+
}
44+
{% endif %}
45+
46+
{% assign auth_request_authentik_upstream_host = env.AUTH_REQUEST_AUTHENTIK_UPSTREAM | replace: "https://", "" | replace: "http://", "" | split: "/" | first %}
47+
{% if env.AUTH_REQUEST_AUTHENTIK_UPSTREAM contains "https://" %}{% assign auth_request_authentik_upstream_scheme = "https://" %}{% else %}{% assign auth_request_authentik_upstream_scheme = "http://" %}{% endif %}
48+
{% if npmplus_auth_request == "authentik" or npmplus_auth_request == "authentik-send-basic-auth" or create_authentik_locations %}
49+
upstream auth_request_authentik_{{ id }} {
50+
zone auth_request_authentik_{{ id }} 64k;
51+
server {{ auth_request_authentik_upstream_host }} resolve;
52+
}
53+
{% endif %}
54+
1055
server {
1156
{% include "_common.conf" %}
1257

@@ -172,10 +217,9 @@
172217
location /.within.website {
173218
proxy_ssl_name $proxy_host;
174219
proxy_set_header Host $proxy_host;
175-
set $anubis_upstream {{ env.AUTH_REQUEST_ANUBIS_UPSTREAM }};
176220
include proxy-headers.conf;
177221
proxy_set_header Accept-Encoding "";
178-
proxy_pass $anubis_upstream$request_uri;
222+
proxy_pass {{ auth_request_anubis_upstream_scheme }}auth_request_anubis_{{ id }}$request_uri;
179223
proxy_method GET;
180224
proxy_pass_request_body off;
181225
proxy_set_header Content-Length "";
@@ -193,7 +237,7 @@
193237
proxy_set_header Host $proxy_host;
194238
include proxy-headers.conf;
195239
proxy_set_header Accept-Encoding "";
196-
proxy_pass {{ env.AUTH_REQUEST_TINYAUTH_UPSTREAM }}/api/auth/nginx;
240+
proxy_pass {{ auth_request_tinyauth_upstream_scheme }}auth_request_tinyauth_{{ id }}/api/auth/nginx;
197241
internal;
198242
proxy_method GET;
199243
proxy_pass_request_body off;
@@ -212,15 +256,15 @@
212256
proxy_set_header Host $proxy_host;
213257
include proxy-headers.conf;
214258
proxy_set_header Accept-Encoding "";
215-
proxy_pass {{ env.AUTH_REQUEST_OAUTH2PROXY_UPSTREAM }}$request_uri;
259+
proxy_pass {{ auth_request_oauth2proxy_upstream_scheme }}auth_request_oauth2proxy_{{ id }}$request_uri;
216260
proxy_set_header X-Auth-Request-Redirect $request_uri;
217261
}
218262
location /oauth2/auth {
219263
proxy_ssl_name $proxy_host;
220264
proxy_set_header Host $proxy_host;
221265
include proxy-headers.conf;
222266
proxy_set_header Accept-Encoding "";
223-
proxy_pass {{ env.AUTH_REQUEST_OAUTH2PROXY_UPSTREAM }}$request_uri;
267+
proxy_pass {{ auth_request_oauth2proxy_upstream_scheme }}auth_request_oauth2proxy_{{ id }}$request_uri;
224268
internal;
225269
proxy_method GET;
226270
proxy_pass_request_body off;
@@ -239,7 +283,7 @@
239283
proxy_set_header Host $proxy_host;
240284
include proxy-headers.conf;
241285
proxy_set_header Accept-Encoding "";
242-
proxy_pass {{ env.AUTH_REQUEST_AUTHELIA_UPSTREAM }}/api/authz/auth-request;
286+
proxy_pass {{ auth_request_authelia_upstream_scheme }}auth_request_authelia_{{ id }}/api/authz/auth-request;
243287
internal;
244288
proxy_method GET;
245289
proxy_pass_request_body off;
@@ -255,7 +299,7 @@
255299
proxy_set_header Host $proxy_host;
256300
include proxy-headers.conf;
257301
proxy_set_header Accept-Encoding "";
258-
proxy_pass {{ env.AUTH_REQUEST_AUTHENTIK_UPSTREAM }}/outpost.goauthentik.io;
302+
proxy_pass {{ auth_request_authentik_upstream_scheme }}auth_request_authentik_{{ id }}/outpost.goauthentik.io;
259303
auth_request_set $auth_cookie $upstream_http_set_cookie;
260304
add_header Set-Cookie $auth_cookie;
261305
proxy_method GET;

0 commit comments

Comments
 (0)