Comments (1)
assuming you have a reverse proxy installed already that is exposed to your cloudflare tunnel and have authentik working locally, you would use the local proxy url of your application in the host section of cf tunnels. so instead of exposing the docker container directly in your ct tunnel, you would use the mydockerinstance.local.mydomain.com if that makes sense. you would also need to map/expose the actual external url host.domain.com subdomain in your reverse proxy that points to your container or authentik instance depending on how you are proxying with authentik. that way when you access the external url from cloudflare your reverse proxy manager routes it to the resource, which in this case would be attached to/with authentik
in authentik i treated internal and external access as two separate brands by creating a separate outposts to handle local and external requests. this means you'll have to create separate versions of local vs external providers, applications, and brand. then add all the local providers/apps to the local outpost and external providers/apps to the external outpost. and point the local outpost to the local url and the external outpost to point to the external url. most of the settings will be the same when setting up the two providers and applications just the url, referencing provider, names, and slugs will be different.
that way when you're accessing externally it redirects to external authentik and when accessing internally it redirects to the local authentik. this is assuming you also included authentik in your cloudflare tunnel. i didn't see any documentation on this either so i'm not sure if this is the official way/feels lowkey hacky but i was able to get it working this way. i did it this way so i didn't have to create a whole separate instance of authentik for local vs external.
- if any devs/mods are reading this it would be great if we could define multiple hosts/domains/urls for one provider in the proxy section
then in your reverse proxy create a host that handles both or just create a wildcard subdomain if possible for both external and local versions independently if that makes sense
from authentik.
Related Issues (20)
- Nginx proxy managers/nginx configuration given by authentik does not work HOT 5
- Update check fails HOT 3
- AzureAD OAuth Source - Profile URL Reset HOT 5
- Authentik Workers are now have an unexpectedly high memory footprint HOT 1
- ldap duplicate key value HOT 1
- Schedule custom actions
- docs: Update Gitea Service index.md
- Proxy Outpost no longer works after changing server URL
- application/o/authorize endpoint missing CORS headers HOT 4
- I would like to request a feature suggestion.
- Manual outpost env var AUTHENTIK_TOKEN not respecting secrets _FILE suffix HOT 1
- Alternative API auth mechanism
- broken ldap cached session after "failed to execute flow" HOT 4
- authentik/ADFS: Authentication failed: Could not retrieve profile.
- Healthcheck endpoints returning 404 HOT 1
- Add Worker Healthcheck endpoint
- AUTHENTIK_LOG_LEVEL is not respected HOT 5
- Missing custom scopes in JWT (M2M) HOT 3
- Error sending recovery link via Mail von Display Name has "," in it HOT 1
- Error During Example Enrollment Flow HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from authentik.