Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add proxy pass to zammad auth/sso

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2023-08-17 22:45:08 +02:00
parent 4a716a8fd2
commit 21c984d35c
1 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
utils/modules/zammad/default.nix
View File

@@ -68,6 +68,9 @@
;
};
locations."/auth/sso" = {
proxyPass = "http://127.0.0.1:6042";
proxyWebsockets = true;
extraConfig = ''
# Basic Authelia Config
# Send a subsequent request to Authelia to verify if the user is authenticated
@@ -84,10 +87,10 @@
auth_request_set $groups $upstream_http_remote_groups;
auth_request_set $name $upstream_http_remote_name;
auth_request_set $email $upstream_http_remote_email;
proxy_set_header X-Forwarded-User $user;
proxy_set_header X-Forwarded-Groups $groups;
proxy_set_header X-Forwarded-Name $name;
proxy_set_header X-Forwarded-Email $email;
proxy_set_header Remote-User $user;
proxy_set_header Remote-Groups $groups;
proxy_set_header Remote-Name $name;
proxy_set_header Remote-Email $email;
# If Authelia returns 401, then nginx redirects the user to the login portal.
# If it returns 200, then the request pass through to the backend.
# For other type of errors, nginx will handle them as usual.