17 lines
670 B
Django/Jinja
17 lines
670 B
Django/Jinja
# distributed from ansible
|
|
|
|
auth_request /_authelia;
|
|
auth_request_set $target_url $scheme://$http_host$request_uri;
|
|
|
|
# set headers returned by authelia so they can be consumed
|
|
auth_request_set $authelia_user $upstream_http_remote_user;
|
|
auth_request_set $authelia_groups $upstream_http_remote_groups;
|
|
auth_request_set $authelia_name $upstream_http_remote_name;
|
|
auth_request_set $authelia_email $upstream_http_remote_email;
|
|
|
|
# if authelia returns 401 then nginx redirects user to the login
|
|
# portal because the user wasnt logged in
|
|
#
|
|
# if it returns 200, the user is logged in and request is processed
|
|
error_page 401 =302 https://{{ authelia_login_url }}/?rd=$target_url;
|