Added Header Authentication

2025-12-31 21:59:58 +03:00 · 2025-07-17 16:19:56 +05:30
parent 744064f3aa
commit cad77320f3
7 changed files with 328 additions and 15 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -52,6 +52,13 @@ services:
      - DELAY=${DELAY:-3600}
      # Optional: Skip TLS verification (insecure, use only for testing)
      # - GITEA_SKIP_TLS_VERIFY=${GITEA_SKIP_TLS_VERIFY:-false}
+      # Header Authentication (for Reverse Proxy SSO)
+      - HEADER_AUTH_ENABLED=${HEADER_AUTH_ENABLED:-false}
+      - HEADER_AUTH_USER_HEADER=${HEADER_AUTH_USER_HEADER:-X-Authentik-Username}
+      - HEADER_AUTH_EMAIL_HEADER=${HEADER_AUTH_EMAIL_HEADER:-X-Authentik-Email}
+      - HEADER_AUTH_NAME_HEADER=${HEADER_AUTH_NAME_HEADER:-X-Authentik-Name}
+      - HEADER_AUTH_AUTO_PROVISION=${HEADER_AUTH_AUTO_PROVISION:-false}
+      - HEADER_AUTH_ALLOWED_DOMAINS=${HEADER_AUTH_ALLOWED_DOMAINS:-}
    healthcheck:
      test: ["CMD", "wget", "--no-verbose", "--tries=3", "--spider", "http://localhost:4321/api/health"]
      interval: 30s