commit f77ce61ee08f575b6805e82cdb9e6f3b56645b8f parent c43bc3742bd75656b683053c6cfe2af28c7ba0e6 Author: mtmn <miro@haravara.org> Date: Wed, 29 Apr 2026 22:30:18 +0200 fix: handle auth more dynamically Diffstat:
| M | hosts/nixaran/configuration.nix | | | 0 | |
| M | modules/services/caddy.nix | | | 12 | ++++-------- |
2 files changed, 4 insertions(+), 8 deletions(-)
diff --git a/hosts/nixaran/configuration.nix b/hosts/nixaran/configuration.nix Binary files differ. diff --git a/modules/services/caddy.nix b/modules/services/caddy.nix @@ -43,23 +43,19 @@ in { extraConfig = (lib.concatStringsSep "\n" (lib.mapAttrsToList (name: domain: - mkAuthSnippet ( - if name == "default" - then "auth" - else "auth_${name}" - ) + mkAuthSnippet "auth_${name}" domain) cfg.authDomains)) + '' (remote_auth) { - forward_auth https://${cfg.authDomains.default} { + forward_auth https://${cfg.authDomains.haravara} { uri /oauth2/auth copy_headers X-Auth-Request-User X-Auth-Request-Email - header_up Host ${cfg.authDomains.default} + header_up Host ${cfg.authDomains.haravara} @error status 401 handle_response @error { - redir * https://${cfg.authDomains.default}/oauth2/start?rd=https://{host}{uri} + redir * https://${cfg.authDomains.haravara}/oauth2/start?rd=https://{host}{uri} } } }