API tools faq
paste
Somebody23

navidrome.conf settings

Somebody23
Oct 9th, 2022 (edited)
139
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.79 KB | None | 0 0
raw download clone embed print report
  1. ## Version 2022/09/08
  2. # make sure that your dns has a cname set for navidrome and that your navidrome container is not using a base url
  3.  
  4. server {
  5. listen 443 ssl;
  6. listen [::]:443 ssl;
  7.  
  8. server_name music.*;
  9.  
  10. include /config/nginx/ssl.conf;
  11.  
  12. client_max_body_size 0;
  13.  
  14. location / {
  15. # Put your proxy_pass to your application here
  16. proxy_pass http://192.168.1.102:4533;
  17.  
  18. # authentik-specific config
  19. auth_request /outpost.goauthentik.io/auth/nginx;
  20. error_page 401 = @goauthentik_proxy_signin;
  21. auth_request_set $auth_cookie $upstream_http_set_cookie;
  22. add_header Set-Cookie $auth_cookie;
  23.  
  24. # pass original hostname and url to Nginx, it might be needed for some apps to work
  25. # proxy_set_header Host $host;
  26. # proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
  27.  
  28. # translate headers from the outposts back to the actual upstream
  29. auth_request_set $authentik_username $upstream_http_x_authentik_username;
  30. auth_request_set $authentik_groups $upstream_http_x_authentik_groups;
  31. auth_request_set $authentik_email $upstream_http_x_authentik_email;
  32. auth_request_set $authentik_name $upstream_http_x_authentik_name;
  33. auth_request_set $authentik_uid $upstream_http_x_authentik_uid;
  34.  
  35. proxy_set_header X-authentik-username $authentik_username;
  36. proxy_set_header X-authentik-groups $authentik_groups;
  37. proxy_set_header X-authentik-email $authentik_email;
  38. proxy_set_header X-authentik-name $authentik_name;
  39. proxy_set_header X-authentik-uid $authentik_uid;
  40. }
  41.  
  42. location /outpost.goauthentik.io {
  43. proxy_pass http://auth.mydomain.com/outpost.goauthentik.io;
  44. # ensure the host of this vserver matches your external URL you've configured
  45. # in authentik
  46. proxy_set_header Host $host;
  47. proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
  48. add_header Set-Cookie $auth_cookie;
  49. auth_request_set $auth_cookie $upstream_http_set_cookie;
  50.  
  51. # required for POST requests to work
  52. proxy_pass_request_body off;
  53. proxy_set_header Content-Length "";
  54. }
  55.  
  56. # Special location for when the /auth endpoint returns a 401,
  57. # redirect to the /start URL which initiates SSO
  58. location @goauthentik_proxy_signin {
  59. internal;
  60. add_header Set-Cookie $auth_cookie;
  61. return 302 /outpost.goauthentik.io/start?rd=$request_uri;
  62. # For domain level, use the below error_page to redirect to your authentik server with the full redirect path
  63. # return 302 https://auth.mydomain.com/outpost.goauthentik.io/start?rd=$scheme://$http_host$request_uri;
  64. }
  65. }
  66.  
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!