-
Notifications
You must be signed in to change notification settings - Fork 35
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[feature] protecting proxy hosts using lua-resty-openidc #1606
Comments
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Yes on my half Reason being is many auth providers don't support auth request and currently the solution requires deploying a auth proxy as extra middleware which isn't ideal The branch I mentioned provides this via iirc lua-resty-oidc (branch in question: https://github.com/NginxProxyManager/nginx-proxy-manager/tree/openidc ) |
This comment has been minimized.
This comment has been minimized.
You can try to switch to the develop tag and just paste this example in the advanced tab, make sure to edit all variables (marked with {{ var_name }}), to remove not needed lines with are inside an if condition ({% if ... %} {% endif ... %}) and to fill out if conditions, but it could maybe block renewals using http challenge, but anything not tested by me, I just copied this example from the mentioned branch and installed to required lua module in the develop tag:
|
This comment has been minimized.
This comment has been minimized.
can you please test if my comment above works? |
Hey sorry, I am not using NPMPlus or NPM right now, I have needed oidc for a while and switched to raw nginx/openresty to accomodate that The moment either project has native oidc support via the UI then Id likely switch back That being said when I have some spare time if noone else has tried it I could try spinning up an instance just to test it out and see if it works |
Maybe I will add it to the UI in the (far) future, but testing is still welcome by anyone, since a tested advanced config is the base requirement to also get a UI implementation |
Would love to see the oidc feature from the nginx proxy manager openidc branch make its way here (or another implementation)
Being able to setup other auth providers like say keycloak without needing a middleware auth proxy would be a a great addition
The text was updated successfully, but these errors were encountered: