Authelia is open source and a partner of Caddy, so this configuration is standardized. https://www.authelia.com/
Users can customize domain, port,tls, and the uri. Only one Auth Provider can be serialized to the config.
copy_headers are added automatically as per documentation standard without customization options.
To use it, the Forward Auth Provider has to be configured in "General Settings - Auth Provider". Afterwards, in any handle the tab "Access" has the option Forward Auth. Enabling this checkbox will prepend the forward_auth directive before the reverse_proxy directive.
This should work with both domains, and subdomains.
Fixes: https://github.com/opnsense/plugins/issues/4056
This adds a generic and standard approach to forward_auth: https://caddyserver.com/docs/caddyfile/directives/forward_auth.
This implementation generates the default configuration for Authelia based on the documentation: https://caddyserver.com/docs/caddyfile/directives/forward_auth#authelia
Authelia is open source and a partner of Caddy, so this configuration is standardized. https://www.authelia.com/
Users can customize
domain
,port
,tls
, and theuri
. Only one Auth Provider can be serialized to the config.copy_headers
are added automatically as per documentation standard without customization options.To use it, the Forward Auth Provider has to be configured in "General Settings - Auth Provider". Afterwards, in any
handle
the tab "Access" has the optionForward Auth
. Enabling this checkbox will prepend theforward_auth
directive before thereverse_proxy
directive.This should work with both
domains
, andsubdomains
.An example generated config: