How to setup authentic with nginx proxy manager

[buzzard10]

Describe your question/ I would like to use authentic as pre-authorization endpoint for my services which are behind nginx proxy manager. Authentik is hosted on different machine and i would like to know whether is doable?

Relevant infos i'm using authentic and nginx proxy manager in the newest versions. after i set proxy config i have error 500 ;c

[obsidiangroup]

This is doable. There shouldn't be any different configs. NGINX Proxy Manager (NPM) is just a front-end for configuring NGINX. All it does is give you a GUI to setup a proxy server. It still matters what application you are trying to protect.

Say you want to use authentik's proxy provider for Sonarr. In NPM, you configure your sonarr.domain.com to forward to your authentik instance/port. In authentik, you configure your Application and Proxy Provider. But if is an OIDC/SAML app, in NPM you'd just set the forward to the application's IP/port, and configure the idp settings within the app.

authentik even provides the config-bits needed for proxy provider using NPM.

I just set this exact setup for someone else. authentik is running on one host, NPM on another. No problems.

It may help to see both your NPM config and Provider config.

[buzzard10]

@obsidiangroup thank you very much for your response! Okay so i have this weird setup, don't lough :) It's something like this.

1. User connect to external VPS
2. My NPM is available on 80/443 ports
3. NPM point to one of services on this VPS or to FRP tunnel
4. In my LAN there is FRPC which point to my server by tcp or to my local NPM which then handle traffic to apps
5. Authentik is on my local host

I know that it's maybe not a BEST setup, but it works for now 😂

Proxy config

Proxy host config:

Proxy config: I've copied proxy config from official page: https://goauthentik.io/docs/providers/proxy/server_nginx

• I've changed auth_request /outpost.goauthentik.io/auth/nginx; to auth_request /outpost.goauthentik.io/auth/cdn;
• I've changed proxy_pass http://outpost.company:9000/outpost.goauthentik.io; to proxy_pass https://auth.XXXXXXXX.XX/outpost.goauthentik.io;

result:

I wonder, maybe it's a problem that i'm connecting through httpS instead of http?

Provider configuration

[buzzard10]

@obsidiangroup have you had time to check my config? :)