diff --git a/root/defaults/nginx/authelia-server.conf.sample b/root/defaults/nginx/authelia-server.conf.sample index d969a05a..6917b809 100644 --- a/root/defaults/nginx/authelia-server.conf.sample +++ b/root/defaults/nginx/authelia-server.conf.sample @@ -1,4 +1,4 @@ -## Version 2025/03/25 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample +## Version 2026/07/18 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample # Make sure that your authelia container is in the same user defined bridge network and is named authelia # Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf @@ -28,7 +28,7 @@ location @authelia_proxy_signin { add_header Set-Cookie $set_cookie; ## Set the $target_url variable based on the original request - set_escape_uri $target_url $scheme://$http_host$request_uri; + set_escape_uri $target_url $scheme://$host$is_request_port$request_port$request_uri; ## Translate the Location response header from the auth subrequest into a variable auth_request_set $signin_url $upstream_http_location; diff --git a/root/defaults/nginx/authentik-server.conf.sample b/root/defaults/nginx/authentik-server.conf.sample index 7b08ff9d..cd7deb67 100644 --- a/root/defaults/nginx/authentik-server.conf.sample +++ b/root/defaults/nginx/authentik-server.conf.sample @@ -1,4 +1,4 @@ -## Version 2025/03/25 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-server.conf.sample +## Version 2026/07/18 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-server.conf.sample # Make sure that your authentik container is in the same user defined bridge network and is named authentik-server # Rename /config/nginx/proxy-confs/authentik.subdomain.conf.sample to /config/nginx/proxy-confs/authentik.subdomain.conf @@ -38,10 +38,10 @@ location @goauthentik_proxy_signin { add_header Set-Cookie $set_cookie; ## Set the $target_url variable based on the original request - set_escape_uri $target_url $scheme://$http_host$request_uri; + set_escape_uri $target_url $scheme://$host$is_request_port$request_port$request_uri; ## Set the $signin_url variable - set $signin_url https://$http_host/outpost.goauthentik.io/start?rd=$target_url; + set $signin_url https://$host$is_request_port$request_port/outpost.goauthentik.io/start?rd=$target_url; ## Redirect to login return 302 $signin_url; diff --git a/root/defaults/nginx/proxy.conf.sample b/root/defaults/nginx/proxy.conf.sample index 967d170e..f3bea250 100644 --- a/root/defaults/nginx/proxy.conf.sample +++ b/root/defaults/nginx/proxy.conf.sample @@ -1,4 +1,4 @@ -## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/proxy.conf.sample +## Version 2026/07/18 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/proxy.conf.sample # Timeout if the real server is dead proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; @@ -21,11 +21,11 @@ proxy_no_cache $cookie_session; # Proxy Header Settings proxy_set_header Connection $connection_upgrade; proxy_set_header Early-Data $ssl_early_data; -proxy_set_header Host $host; +proxy_set_header Host $host$is_request_port$request_port; proxy_set_header Proxy ""; proxy_set_header Upgrade $http_upgrade; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -proxy_set_header X-Forwarded-Host $host; +proxy_set_header X-Forwarded-Host $host$is_request_port$request_port; proxy_set_header X-Forwarded-Method $request_method; proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Proto $scheme; @@ -33,5 +33,5 @@ proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-Ssl on; proxy_set_header X-Forwarded-Uri $request_uri; proxy_set_header X-Original-Method $request_method; -proxy_set_header X-Original-URL $scheme://$http_host$request_uri; +proxy_set_header X-Original-URL $scheme://$host$is_request_port$request_port$request_uri; proxy_set_header X-Real-IP $remote_addr; diff --git a/root/defaults/nginx/tinyauth-server.conf.sample b/root/defaults/nginx/tinyauth-server.conf.sample index a4256c82..8bac75a5 100644 --- a/root/defaults/nginx/tinyauth-server.conf.sample +++ b/root/defaults/nginx/tinyauth-server.conf.sample @@ -1,4 +1,4 @@ -## Version 2025/06/08 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/tinyauth-server.conf.sample +## Version 2026/07/18 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/tinyauth-server.conf.sample # Make sure that your tinyauth container is in the same user defined bridge network and is named tinyauth # Rename /config/nginx/proxy-confs/tinyauth.subdomain.conf.sample to /config/nginx/proxy-confs/tinyauth.subdomain.conf @@ -12,7 +12,7 @@ location /tinyauth { proxy_pass http://$upstream_tinyauth:3000/api/auth/nginx; proxy_set_header x-forwarded-proto $scheme; - proxy_set_header x-forwarded-host $http_host; + proxy_set_header x-forwarded-host $host$is_request_port$request_port; proxy_set_header x-forwarded-uri $request_uri; } @@ -21,8 +21,8 @@ location @tinyauth_login { internal; ## Set the $target_url variable based on the original request - set_escape_uri $target_url $scheme://$http_host$request_uri; - + set_escape_uri $target_url $scheme://$host$is_request_port$request_port$request_uri; + ## Set the $signin_url variable set $domain $host; if ($host ~* "^[^.]+\.([^.]+\..+)$") {