Open
Description
Describe your question/
I would like Uptime-Kuma to be authenticated using authentik.
When try to navigate to https://uptime-kuma.domain.org/ I am not getting redirected to authentik login page.
Relevant info
With the bad config I have done concerning this app, I still have external access to uptime-kuma without any authentication. I should be able to logiin with authentik.
Screenshots
Traefik dynamic file config:
authentik:
forwardAuth:
address: "http://authentik-server:9000/outpost.goauthentik.io/auth/traefik"
trustForwardHeader: true
authResponseHeaders:
- X-authentik-username
- X-authentik-groups
- X-authentik-email
- X-authentik-name
- X-authentik-uid
- X-authentik-jwt
- X-authentik-meta-jwks
- X-authentik-meta-outpost
- X-authentik-meta-provider
- X-authentik-meta-app
- X-authentik-meta-version
routers:
authentik:
rule: "Host(`authentik.domain.org`) && PathPrefix(`/outpost.goauthentik.io/`)"
priority: 10
service: authentik
# service web
authentik:
loadBalancer:
servers:
- url: "http://authentik-server:9000/outpost.goauthentik.io"
Authentik config (Provider auth transfer apps))
- application:
- name: Traefik Forward Auth Kuma
- slug: traefik-forward-auth-kuma
- provider: Traefik Forward Auth Provider Kuma
- Any
- Provider for uptime-kuma
- authorisation flux: default-provider-authorization-implicit ....
- forward auth single app
- external host: uptime-kuma.domain.org
- flux advanced parameters: default-authentication-flow
Authentification parameters:
- intercept the authentication header
- OIDC: Traefik forward ...
advanced flux parameters:
- auth flux: default-authentication-flow
Traefik labels for the Kuma docker compose files:
labels:
- "traefik.enable=true"
- "traefik.http.routers.kuma.entrypoints=http-external"
- "traefik.http.routers.kuma.rule=Host(`uptime-kuma.domains.org`)"
- "traefik.http.middlewares.kuma-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.kuma.middlewares=kuma-https-redirect"
- "traefik.http.routers.kuma-secure.entrypoints=https-external"
- "traefik.http.routers.kuma-secure.rule=Host(`uptime-kuma.domains.org`)"
- "traefik.http.routers.kuma-secure.tls=true"
- "traefik.http.routers.kuma-secure.service=kuma"
- "traefik.http.routers.kuma.middlewares=authentik@file"
- "traefik.http.services.kuma.loadbalancer.server.port=3001"
- authentik version:2025.2.0
- Deployment: docker-compose,
Thx