Add Authelia #44
|
@ -0,0 +1 @@
|
|||
ANSIBLE_VAULT_PASSWORD_FILE=(pass show ansible-homelab | psub) vagrant provision
|
|
@ -1,5 +1,6 @@
|
|||
server {
|
||||
listen 80;
|
||||
server_name auth.{{ base_domain }};
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
|
|
|
@ -28,8 +28,10 @@ access_control:
|
|||
default_policy: deny
|
||||
rules:
|
||||
- domain:
|
||||
- "{{ base_domain }}"
|
||||
- "*.{{ base_domain }}"
|
||||
- "keycloak.{{ base_domain }}"
|
||||
policy: one_factor
|
||||
policy: deny
|
||||
session:
|
||||
name: authelia_session
|
||||
secret: somerandomsecret
|
||||
|
|
|
@ -27,6 +27,9 @@ proxy_buffers 64 256k;
|
|||
# If behind reverse proxy, forwards the correct IP
|
||||
set_real_ip_from 10.0.0.0/8;
|
||||
set_real_ip_from 172.16.0.0/12;
|
||||
set_real_ip_from 172.17.0.0/16;
|
||||
set_real_ip_from 172.18.0.0/16;
|
||||
set_real_ip_from 172.19.0.0/16;
|
||||
set_real_ip_from 192.168.0.0/16;
|
||||
set_real_ip_from fc00::/7;
|
||||
real_ip_header X-Forwarded-For;
|
||||
|
|
Loading…
Reference in New Issue