rope/nixos
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix Authelia forward-auth: use set instead of auth_request_set for redirect URL

Browse source 
auth_request_set reads variables from the auth subrequest context where
$scheme/$http_host/$request_uri are empty, causing a 500 instead of a
302 redirect. Using set captures from the main request context.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
ediblerope 2026-04-07 20:31:03 +01:00
parent 64bd0b8f0b
commit 09d24eecf3
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
services/nginx.nix
View file

@ -3,8 +3,8 @@
let
# Authelia forward-auth snippet injected into protected locations
autheliaAuthConfig = ''
set $target_url $scheme://$http_host$request_uri;
auth_request /internal/authelia/authz;
auth_request_set $target_url $scheme://$http_host$request_uri;
auth_request_set $user $upstream_http_remote_user;
auth_request_set $groups $upstream_http_remote_groups;
error_page 401 =302 https://auth.nordhammer.it/?rd=$target_url;