From c7d16e64279ff9efa96fec41880ce8278c005f2a Mon Sep 17 00:00:00 2001
From: NullBite <me@nullbite.com>
Date: Sun, 14 Jul 2024 23:57:31 -0400
Subject: [PATCH] authelia: configure endpoint i think
---
hosts/rpi4/authelia.nix | 53 ++++++++++++++++++++++++++++-------------
1 file changed, 36 insertions(+), 17 deletions(-)
diff --git a/hosts/rpi4/authelia.nix b/hosts/rpi4/authelia.nix
index d8e99e6..3bd6a2a 100644
--- a/hosts/rpi4/authelia.nix
+++ b/hosts/rpi4/authelia.nix
@@ -235,23 +235,42 @@ in
let
api = "${config.authelia.upstream}/api/authz/auth-request";
in
- lib.mkIf (!(isNull config.authelia.upstream)) {
- # just setup both, they can't be accessed externally anyways.
- "/internal/authelia/authz" = {
- proxyPass = api;
- recommendedProxySettings = false;
- extraConfig = ''
- include ${autheliaLocationConfig};
- '';
- };
- "/internal/authelia/authz/basic" = {
- proxyPass = "${api}/basic";
- recommendedProxySettings = false;
- extraConfig = ''
- include ${autheliaBasicLocationConfig};
- '';
- };
- };
+ lib.mkMerge [
+ (lib.mkIf (!(isNull config.authelia.upstream)) {
+ # just setup both, they can't be accessed externally anyways.
+ "/internal/authelia/authz" = {
+ proxyPass = api;
+ recommendedProxySettings = false;
+ extraConfig = ''
+ include ${autheliaLocationConfig};
+ '';
+ };
+ "/internal/authelia/authz/basic" = {
+ proxyPass = "${api}/basic";
+ recommendedProxySettings = false;
+ extraConfig = ''
+ include ${autheliaBasicLocationConfig};
+ '';
+ };
+ })
+ (lib.mkIf (!(isNull config.authelia.endpoint.upstream)) {
+ "/" = {
+ extraConfig = ''
+ include "${autheliaProxyConfig}";
+ '';
+ proxyPass = "${config.authelia.endpoint.upstream}";
+ recommendedProxySettings = false;
+ };
+ "= /api/verify" = {
+ proxyPass = "${config.authelia.endpoint.upstream}";
+ recommendedProxySettings = false;
+ };
+ "/api/authz" = {
+ proxyPass = "${config.authelia.endpoint.upstream}";
+ recommendedProxySettings = false;
+ };
+ })
+ ];
};
};