fix ddos

2026-05-09 10:32:18 +02:00
parent f02adc6d93
commit 9f5f8751e5
1 changed files with 1 additions and 0 deletions
--- a/modules/server/containers/defs/traefik.nix
+++ b/modules/server/containers/defs/traefik.nix
@@ -35,6 +35,7 @@ in {
        "traefik.http.routers.${containerCfg.subdomain}.tls.domains[0].main" = "${serverCfg.hostDomain}";
        "traefik.http.routers.${containerCfg.subdomain}.tls.domains[0].sans" = "*.${serverCfg.hostDomain}";
        "traefik.http.middlewares.authentik.forwardauth.maxResponseBodySize" = "10485760";
        "traefik.http.middlewares.authentik.forwardauth.address" = "http://authentik-server:9000/outpost.goauthentik.io/auth/traefik";
        "traefik.http.middlewares.authentik.forwardauth.trustForwardHeader" = "true";
        "traefik.http.middlewares.authentik.forwardauth.authResponseHeaders" = "X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid,X-authentik-jwt,X-authentik-meta-jwks,X-authentik-meta-outpost,X-authentik-meta-provider,X-authentik-meta-app,X-authentik-meta-version";