server { listen 80; server_name localhost; client_max_body_size 16M; # serve static files location /static/ { alias /static/; } # serve media files location /media/ { alias /media/; } # Authelia endpoint for authentication requests include /config/nginx/auth.conf; # pass requests for dynamic content to gunicorn location / { proxy_set_header Host $host; proxy_pass http://web_recipes:8080; # Ensure Authelia is specifically required for this endpoint # This line is important as it will return a 401 error if the user doesn't have access include /config/nginx/authelia.conf; auth_request_set $user $upstream_http_remote_user; proxy_set_header REMOTE-USER $user; } # Required to allow user to logout of authentication from within Recipes # Ensure the below is changed to actual the authentication url location /accounts/logout/ { return 301 http:///logout } }