Skip to content
Draft
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions root/defaults/nginx/authelia-server.conf.sample
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
## Version 2025/03/25 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
## Version 2026/07/18 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authelia-server.conf.sample
# Make sure that your authelia container is in the same user defined bridge network and is named authelia
# Rename /config/nginx/proxy-confs/authelia.subdomain.conf.sample to /config/nginx/proxy-confs/authelia.subdomain.conf

Expand Down Expand Up @@ -28,7 +28,7 @@ location @authelia_proxy_signin {
add_header Set-Cookie $set_cookie;

## Set the $target_url variable based on the original request
set_escape_uri $target_url $scheme://$http_host$request_uri;
set_escape_uri $target_url $scheme://$host$is_request_port$request_port$request_uri;

## Translate the Location response header from the auth subrequest into a variable
auth_request_set $signin_url $upstream_http_location;
Expand Down
6 changes: 3 additions & 3 deletions root/defaults/nginx/authentik-server.conf.sample
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
## Version 2025/03/25 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-server.conf.sample
## Version 2026/07/18 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/authentik-server.conf.sample
# Make sure that your authentik container is in the same user defined bridge network and is named authentik-server
# Rename /config/nginx/proxy-confs/authentik.subdomain.conf.sample to /config/nginx/proxy-confs/authentik.subdomain.conf

Expand Down Expand Up @@ -38,10 +38,10 @@ location @goauthentik_proxy_signin {
add_header Set-Cookie $set_cookie;

## Set the $target_url variable based on the original request
set_escape_uri $target_url $scheme://$http_host$request_uri;
set_escape_uri $target_url $scheme://$host$is_request_port$request_port$request_uri;

## Set the $signin_url variable
set $signin_url https://$http_host/outpost.goauthentik.io/start?rd=$target_url;
set $signin_url https://$host$is_request_port$request_port/outpost.goauthentik.io/start?rd=$target_url;

## Redirect to login
return 302 $signin_url;
Expand Down
8 changes: 4 additions & 4 deletions root/defaults/nginx/proxy.conf.sample
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
## Version 2023/02/09 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/proxy.conf.sample
## Version 2026/07/18 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/proxy.conf.sample

# Timeout if the real server is dead
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
Expand All @@ -21,17 +21,17 @@ proxy_no_cache $cookie_session;
# Proxy Header Settings
proxy_set_header Connection $connection_upgrade;
proxy_set_header Early-Data $ssl_early_data;
proxy_set_header Host $host;
proxy_set_header Host $host$is_request_port$request_port;
proxy_set_header Proxy "";
proxy_set_header Upgrade $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Host $host$is_request_port$request_port;
proxy_set_header X-Forwarded-Method $request_method;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-Uri $request_uri;
proxy_set_header X-Original-Method $request_method;
proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
proxy_set_header X-Original-URL $scheme://$host$is_request_port$request_port$request_uri;
proxy_set_header X-Real-IP $remote_addr;
8 changes: 4 additions & 4 deletions root/defaults/nginx/tinyauth-server.conf.sample
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
## Version 2025/06/08 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/tinyauth-server.conf.sample
## Version 2026/07/18 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/tinyauth-server.conf.sample
# Make sure that your tinyauth container is in the same user defined bridge network and is named tinyauth
# Rename /config/nginx/proxy-confs/tinyauth.subdomain.conf.sample to /config/nginx/proxy-confs/tinyauth.subdomain.conf

Expand All @@ -12,7 +12,7 @@ location /tinyauth {
proxy_pass http://$upstream_tinyauth:3000/api/auth/nginx;

proxy_set_header x-forwarded-proto $scheme;
proxy_set_header x-forwarded-host $http_host;
proxy_set_header x-forwarded-host $host$is_request_port$request_port;
proxy_set_header x-forwarded-uri $request_uri;
}

Expand All @@ -21,8 +21,8 @@ location @tinyauth_login {
internal;

## Set the $target_url variable based on the original request
set_escape_uri $target_url $scheme://$http_host$request_uri;
set_escape_uri $target_url $scheme://$host$is_request_port$request_port$request_uri;

## Set the $signin_url variable
set $domain $host;
if ($host ~* "^[^.]+\.([^.]+\..+)$") {
Expand Down