Comments (1)
assuming you have a reverse proxy installed already that is exposed to your cloudflare tunnel and have authentik working locally, you would use the local proxy url of your application in the host section of cf tunnels. so instead of exposing the docker container directly in your ct tunnel, you would use the mydockerinstance.local.mydomain.com if that makes sense. you would also need to map/expose the actual external url host.domain.com subdomain in your reverse proxy that points to your container or authentik instance depending on how you are proxying with authentik. that way when you access the external url from cloudflare your reverse proxy manager routes it to the resource, which in this case would be attached to/with authentik
in authentik i treated internal and external access as two separate brands by creating a separate outposts to handle local and external requests. this means you'll have to create separate versions of local vs external providers, applications, and brand. then add all the local providers/apps to the local outpost and external providers/apps to the external outpost. and point the local outpost to the local url and the external outpost to point to the external url. most of the settings will be the same when setting up the two providers and applications just the url, referencing provider, names, and slugs will be different.
that way when you're accessing externally it redirects to external authentik and when accessing internally it redirects to the local authentik. this is assuming you also included authentik in your cloudflare tunnel. i didn't see any documentation on this either so i'm not sure if this is the official way/feels lowkey hacky but i was able to get it working this way. i did it this way so i didn't have to create a whole separate instance of authentik for local vs external.
- if any devs/mods are reading this it would be great if we could define multiple hosts/domains/urls for one provider in the proxy section
then in your reverse proxy create a host that handles both or just create a wildcard subdomain if possible for both external and local versions independently if that makes sense
from authentik.
Related Issues (20)
- Custom Event "expires" time does not reflect System Settings
- LDAP search permissions no longer work HOT 8
- Apple Social Source Not Returning Name on First Login
- Custom workflow for non-standard OAuth2
- Provision System>>Settings>>Avatars via blueprints
- Unable to sync groups from Active Directory
- Update OAuth2 provider scopes in roundcube integration docs HOT 1
- Adding Elestio as deployment option
- Users have to login multiple times a day
- Authentic configuration_error error emails after upgrade 2024.8.2 HOT 2
- OAuth2 Duplicate User Error
- configuration for nginx proxy manager makes host offline HOT 9
- Kubernetes standalone outpost gives Failed to fetch outpost configuration... error="403 Forbidden" HOT 1
- OAuth2 require DB strong consistancy
- OIDC source endpoints misconfigured when deleting an external user HOT 2
- LDAP client can't connect to ldap outpost(2024.8.2) and authentik(2024.8.2)
- Ui HOT 1
- @ HOT 1
- Make Authentik transparent to improve user experience
- authentik only randomly comes online
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from authentik.