Code Monkey home page Code Monkey logo

Comments (1)

gitmotion avatar gitmotion commented on June 13, 2024

assuming you have a reverse proxy installed already that is exposed to your cloudflare tunnel and have authentik working locally, you would use the local proxy url of your application in the host section of cf tunnels. so instead of exposing the docker container directly in your ct tunnel, you would use the mydockerinstance.local.mydomain.com if that makes sense. you would also need to map/expose the actual external url host.domain.com subdomain in your reverse proxy that points to your container or authentik instance depending on how you are proxying with authentik. that way when you access the external url from cloudflare your reverse proxy manager routes it to the resource, which in this case would be attached to/with authentik

in authentik i treated internal and external access as two separate brands by creating a separate outposts to handle local and external requests. this means you'll have to create separate versions of local vs external providers, applications, and brand. then add all the local providers/apps to the local outpost and external providers/apps to the external outpost. and point the local outpost to the local url and the external outpost to point to the external url. most of the settings will be the same when setting up the two providers and applications just the url, referencing provider, names, and slugs will be different.

that way when you're accessing externally it redirects to external authentik and when accessing internally it redirects to the local authentik. this is assuming you also included authentik in your cloudflare tunnel. i didn't see any documentation on this either so i'm not sure if this is the official way/feels lowkey hacky but i was able to get it working this way. i did it this way so i didn't have to create a whole separate instance of authentik for local vs external.

  • if any devs/mods are reading this it would be great if we could define multiple hosts/domains/urls for one provider in the proxy section

then in your reverse proxy create a host that handles both or just create a wildcard subdomain if possible for both external and local versions independently if that makes sense

from authentik.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.