trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs: add reverse-proxy example config, fix outpost docker-compose

This commit is contained in:
Jens Langhammer 2020-10-08 09:27:28 +02:00
parent 63041d788b
commit 7a3122f25c
3 changed files with 57 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
docs/installation/reverse-proxy.md Normal file
View File

@ -0,0 +1,42 @@
# passbook behind a reverse-proxy
If you want to access passbook behind a reverse-proxy, use a config like this. It is important that Websocket is enabled, so that Outposts can connect.
```
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
# Server config
listen 80;
server_name sso.domain.tld;
# 301 to SSL
location / {
return 301 https://$host$request_uri;
}
}
server {
# Server config
listen 443 ssl http2;
server_name sso.domain.tld;
# SSL Certs
ssl_certificate /etc/letsencrypt/live/domain.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.tld/privkey.pem;
# Proxy site
location / {
proxy_pass https://<hostname of your passbook server>;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
```

2
docs/outposts/deploy-docker-compose.md
View File

@ -5,7 +5,7 @@ To deploy an outpost with docker-compose, use this snippet in your docker-compo
You can also run the outpost in a separate docker-compose project, you just have to ensure that the outpost container can reach your application container. You can also run the outpost in a separate docker-compose project, you just have to ensure that the outpost container can reach your application container.
```yaml ```yaml
version: 3.5 version: '3.5'
services: services:
passbook_proxy: passbook_proxy:

27
mkdocs.yml
View File

@ -8,23 +8,24 @@ nav:
- Installation: - Installation:
- docker-compose: installation/docker-compose.md - docker-compose: installation/docker-compose.md
- Kubernetes: installation/kubernetes.md - Kubernetes: installation/kubernetes.md
- Reverse Proxy: installation/reverse-proxy.md
- Flows: - Flows:
Overview: flow/flows.md Overview: flow/flows.md
Examples: flow/examples/examples.md Examples: flow/examples/examples.md
- Stages: - Stages:
- Captcha Stage: flow/stages/captcha/index.md - Captcha Stage: flow/stages/captcha/index.md
- Dummy Stage: flow/stages/dummy/index.md - Dummy Stage: flow/stages/dummy/index.md
- Email Stage: flow/stages/email/index.md - Email Stage: flow/stages/email/index.md
- Identification Stage: flow/stages/identification/index.md - Identification Stage: flow/stages/identification/index.md
- Invitation Stage: flow/stages/invitation/index.md - Invitation Stage: flow/stages/invitation/index.md
- OTP Stage: flow/stages/otp/index.md - OTP Stage: flow/stages/otp/index.md
- Password Stage: flow/stages/password/index.md - Password Stage: flow/stages/password/index.md
- Prompt Stage: flow/stages/prompt/index.md - Prompt Stage: flow/stages/prompt/index.md
- Prompt Stage Validation: flow/stages/prompt/validation.md - Prompt Stage Validation: flow/stages/prompt/validation.md
- User Delete Stage: flow/stages/user_delete.md - User Delete Stage: flow/stages/user_delete.md
- User Login Stage: flow/stages/user_login.md - User Login Stage: flow/stages/user_login.md
- User Logout Stage: flow/stages/user_logout.md - User Logout Stage: flow/stages/user_logout.md
- User Write Stage: flow/stages/user_write.md - User Write Stage: flow/stages/user_write.md
- Sources: sources.md - Sources: sources.md
- Providers: - Providers:
- OAuth2: providers/oauth2.md - OAuth2: providers/oauth2.md