authentik icon indicating copy to clipboard operation
authentik copied to clipboard
verified publisher icon goauthentik

How to setup authentic with nginx proxy manager

Open buzzard10 opened this issue 2 years ago • 4 comments

Describe your question/ I would like to use authentic as pre-authorization endpoint for my services which are behind nginx proxy manager. Authentik is hosted on different machine and i would like to know whether is doable?

Relevant infos i'm using authentic and nginx proxy manager in the newest versions. after i set proxy config i have error 500 ;c

buzzard10 avatar Jun 04 '23 07:06 buzzard10

This is doable. There shouldn't be any different configs. NGINX Proxy Manager (NPM) is just a front-end for configuring NGINX. All it does is give you a GUI to setup a proxy server. It still matters what application you are trying to protect.

Say you want to use authentik's proxy provider for Sonarr. In NPM, you configure your sonarr.domain.com to forward to your authentik instance/port. In authentik, you configure your Application and Proxy Provider. But if is an OIDC/SAML app, in NPM you'd just set the forward to the application's IP/port, and configure the idp settings within the app.

authentik even provides the config-bits needed for proxy provider using NPM.

I just set this exact setup for someone else. authentik is running on one host, NPM on another. No problems.

It may help to see both your NPM config and Provider config.

obsidiangroup avatar Jun 13 '23 22:06 obsidiangroup

@obsidiangroup thank you very much for your response! Okay so i have this weird setup, don't lough :) image It's something like this.

  1. User connect to external VPS
  2. My NPM is available on 80/443 ports
  3. NPM point to one of services on this VPS or to FRP tunnel
  4. In my LAN there is FRPC which point to my server by tcp or to my local NPM which then handle traffic to apps
  5. Authentik is on my local host

I know that it's maybe not a BEST setup, but it works for now 😂

Proxy config

Proxy host config: image

Proxy config: I've copied proxy config from official page: https://goauthentik.io/docs/providers/proxy/server_nginx

  • I've changed auth_request /outpost.goauthentik.io/auth/nginx; to auth_request /outpost.goauthentik.io/auth/cdn;
  • I've changed proxy_pass http://outpost.company:9000/outpost.goauthentik.io; to proxy_pass https://auth.XXXXXXXX.XX/outpost.goauthentik.io;

result: image

I wonder, maybe it's a problem that i'm connecting through httpS instead of http?

Provider configuration

image

buzzard10 avatar Jun 14 '23 07:06 buzzard10

@obsidiangroup have you had time to check my config? :)

buzzard10 avatar Jun 22 '23 14:06 buzzard10

NPM and Authentik don't work together if one follows all available instructions. This npm issue thread has workarounds that make it work when using NPM version 2.11.1 through 2.11.3 https://github.com/NginxProxyManager/nginx-proxy-manager/issues/3474

motoridersd avatar Aug 27 '24 16:08 motoridersd