Foix blueprint

modules/server/containers/data/authentik/traefik.yaml

@@ -15,19 +15,16 @@ entries:
       invalidation_flow:
         !Find [authentik_flows.flow, [slug, default-provider-invalidation-flow]]
 
-      # For domain-wide, external_host must be the root domain or the auth domain
       external_host: https://@AUTHENTIK_DOMAIN@
-
-      # This allows the cookie to work across *.@COOKIE_DOMAIN@
       cookie_domain: "@COOKIE_DOMAIN@"
 
-      mode: forward_auth
+      mode: forward_auth_domain
       intercept_header_auth: true
 
   # 2. The Application (Required to link the provider)
   - model: authentik_core.application
     identifiers:
-      slug: authentik-proxy-root
+      slug: authentik-proxy
     attrs:
       name: "Domain Auth Provider"
       provider: