Hey y'all,
I have no idea what broke since this all used to work. I'm using Authelia to secure a couple of webapps, and it used to work fine, passing along Remote-User headers and everything. Something must have changed, but I can't narrow it down, and posting here is my last ditch to get it working haha.
I can set up services just fine, but as soon as I add the auth@file middleware the services start returning a 404. I can connect to auth.domain.com just fine, log in, log out, etc, but applying it to a service immediately makes it return a 404 with no further information in any logs or developer tools.
I've attached the relevant snippets below:
Note: Service responds as normal with ipAllowList middleware.
fileConfig.yml Routers
http:
routers:
paperless-ngx:
entryPoints:
- https
rule: 'Host(`paperless.domain.com`)'
service: paperless-ngx
middlewares:
- auth@file
- ipWhiteList@file
fileConfig.yml Service (X for obfuscation)
services:
paperless-ngx:
loadBalancer:
servers:
- url: http://192.168.1.X:8000
fileConfig.yml Middlewares
middlewares:
# Only Allow Local networks
ipWhiteList:
ipWhiteList:
sourceRange:
- 127.0.0.1/32 # localhost
- 192.168.1.1/24 # LAN Subnet
# Authelia guard
auth:
forwardauth:
address: http://authelia:9091/api/verify?rd=https://auth.domain.com/
trustForwardHeader: true
authResponseHeaders:
- Remote-User
- Remote-Groups
- Remote-Name
- Remote-Email
Does anything here look wrong? I can additionally post my Authelia config, let me know the relevant bits so I can obfuscate and minimise the amount I'm posting.
Thanks so much in advance everyone.
Additional info:
All apps are running in Docker within Unraid. I'm defining the services within the fileConfig to easier keep track/AB test my auth issues. I'm connecting locally for now, but I have some other services exposed to the open internet. If I had to narrow down some changes that broke Authelia, I think I may have made a change during setting up Remote-User headers, but I can't find any differences between my current setup and the example configs I adapted to set up Authelia in the first place.