
@ervwalter
Last active January 4, 2022 21:03
# Verification endpoint consumed by `auth_request`. For each protected request
# nginx issues a subrequest here; only request metadata is forwarded to
# Authelia, never the request body.
location /authelia {
    # Not addressable by clients: only internal redirects and subrequests
    # (such as auth_request) can reach this location.
    internal;

    # Authelia verify API. Replace host and port with your own deployment.
    set $upstream_authelia http://authelia:9091/api/verify;
    proxy_pass $upstream_authelia;
    proxy_http_version 1.1;

    # The body is not sent upstream, so Content-Length is blanked to match.
    proxy_pass_request_body off;
    client_body_buffer_size 128k;
    proxy_buffers 4 32k;

    # Try the next upstream on transport errors and 500/502/503 answers.
    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

    # All timeouts below are in seconds unless a unit is given.
    proxy_connect_timeout 240;
    proxy_send_timeout 240;
    proxy_read_timeout 240;
    send_timeout 5m;

    # Request context handed to Authelia for its access decision.
    # NOTE(review): $http_host is the Host header exactly as the client sent
    # it; presumably Authelia matches its rules against X-Original-URL, so
    # confirm this server block only answers for the expected host names.
    # X-Forwarded-For is overwritten with the directly connected peer, so a
    # client-supplied value is not passed on; behind another proxy or CDN
    # this will be that proxy's address.
    # X-Forwarded-Ssl is hard-coded to "on" regardless of $scheme.
    proxy_set_header Content-Length "";
    proxy_set_header Host $host;
    proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Host $http_host;
    proxy_set_header X-Forwarded-Uri $request_uri;
    proxy_set_header X-Forwarded-Ssl on;
    proxy_set_header Connection "";

    # Rewrite http:// Location headers from the upstream to the client scheme.
    proxy_redirect http:// $scheme://;

    # Never store or serve a cached verdict when a cookie named "session" is
    # present. Only has an effect if proxy caching is enabled for this
    # location; check the cookie name against your Authelia session settings.
    proxy_cache_bypass $cookie_session;
    proxy_no_cache $cookie_session;
}
# Protected application: every request is authorised by the /authelia
# subrequest before it is proxied to the backend.
location / {
    # 2xx from the subrequest allows the request, 401/403 denies it, and any
    # other status is treated as an error, so an unreachable Authelia does
    # not let requests through.
    auth_request /authelia;

    # Values captured once the subrequest has completed.
    auth_request_set $target_url $scheme://$http_host$request_uri;
    auth_request_set $user $upstream_http_remote_user;
    auth_request_set $groups $upstream_http_remote_groups;

    # Unauthenticated users are sent to the Authelia portal; change
    # auth.example.com to your own domain. The original URL is appended to
    # rd= as-is, without URL-encoding.
    error_page 401 =302 https://auth.example.com/?rd=$target_url;

    proxy_http_version 1.1;
    client_body_buffer_size 128k;
    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;

    # Identity headers are set explicitly from the Authelia response, which
    # replaces any Remote-User / Remote-Groups value the client sent. If the
    # backend trusts these headers, it must be reachable only through this
    # proxy; anything that can connect to it directly can supply its own.
    proxy_set_header Remote-User $user;
    proxy_set_header Remote-Groups $groups;

    # Pass the client's Upgrade / Connection headers through unchanged.
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $http_connection;

    # Default proxy rules shipped with the proxy manager.
    include conf.d/include/proxy.conf;
}
# Compose file for the Heimdall dashboard that sits behind the proxy.
version: '2.2'

services:
  heimdall:
    container_name: heimdall
    # No tag is given, so this resolves to :latest at pull time; pin a tag
    # or digest if deployments need to be reproducible.
    image: ghcr.io/linuxserver/heimdall
    restart: unless-stopped
    environment:
      PUID: '1000'
      PGID: '1000'
      TZ: America/Chicago
    volumes:
      - ./config:/config
    # No `ports:` are published: the container is reached only over the
    # shared `proxy` network, not directly from the host's interfaces.

networks:
  default:
    # Same network name as the proxy manager's compose file.
    name: proxy
domain names: heimdall.example.com
scheme: http
forward hostname: heimdall
forward port: 443
cache assets: false
websockets support: false
access list: publicly accessible
ssl certificate: *.example.com
force ssl: true
advanced: [the nginx directives for authelia]
# Compose file for Nginx Proxy Manager, the reverse proxy in front of the
# other containers on the `proxy` network.
version: '3'

services:
  app:
    # `latest` is a floating tag: the image that runs changes whenever it is
    # re-pulled. Pin a version tag or digest to control what gets deployed.
    image: jc21/nginx-proxy-manager:latest
    container_name: nginx-proxy-manager
    restart: always
    ports:
      - '80:80'
      - '443:443'
      # Port 81 is the Nginx Proxy Manager admin UI. As written it is
      # published on every host interface; bind it to a specific host IP
      # (e.g. 127.0.0.1:81:81) or firewall it if the admin UI should not be
      # reachable from outside.
      - '81:81'
    environment:
      - DB_SQLITE_FILE=/data/database.sqlite
      - DISABLE_IPV6=true
    healthcheck:
      test:
        - CMD
        - /bin/check-health
      interval: 10s
      timeout: 3s
    volumes:
      # ./data holds the SQLite database named above and ./letsencrypt is
      # mounted at /etc/letsencrypt; keep both host directories readable
      # only by the account that runs the stack.
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt

networks:
  default:
    # Network shared with the proxied containers.
    name: proxy