From ac850620babe4ef82432a51261c8917ebc042406 Mon Sep 17 00:00:00 2001 From: josedario87 Date: Mon, 27 Oct 2025 15:49:38 -0600 Subject: [PATCH] Arreglar callback de Authentik MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Problema: El callback /outpost.goauthentik.io/callback estaba en el router público sin middleware de Authentik, causando que llegara directamente a Node.js → 404 Error Solución: Quitar /outpost.goauthentik.io del router público para que el callback pase por el router principal con el middleware authentik-forward-auth@file, que maneja correctamente el flujo OAuth --- docker-compose.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index f6fa12f..bced0a5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -36,8 +36,9 @@ - "traefik.http.services.wifi-nucleoriofrio-service.loadbalancer.responseforwarding.flushinterval=1ms" - "traefik.http.services.wifi-nucleoriofrio-service.loadbalancer.serverstransport=wifi-transport@file" - # Router 1: Público (assets, manifest, icons, callback de Authentik) - SIN autenticación - ALTA PRIORIDAD - - "traefik.http.routers.wifi-nucleoriofrio-public.rule=Host(`wifi.nucleoriofrio.com`) && (PathPrefix(`/assets`) || PathPrefix(`/.well-known`) || PathPrefix(`/icons`) || PathPrefix(`/outpost.goauthentik.io`) || Path(`/manifest.webmanifest`) || Path(`/favicon.ico`) || Path(`/vite.svg`) || Path(`/sw.js`))" + # Router 1: Público (assets, manifest, icons) - SIN autenticación - ALTA PRIORIDAD + # NOTA: /outpost.goauthentik.io NO debe estar aquí, lo maneja el middleware de Authentik + - "traefik.http.routers.wifi-nucleoriofrio-public.rule=Host(`wifi.nucleoriofrio.com`) && (PathPrefix(`/assets`) || PathPrefix(`/.well-known`) || PathPrefix(`/icons`) || Path(`/manifest.webmanifest`) || Path(`/favicon.ico`) || Path(`/vite.svg`) || Path(`/sw.js`))" - "traefik.http.routers.wifi-nucleoriofrio-public.entrypoints=websecure" - "traefik.http.routers.wifi-nucleoriofrio-public.tls.certresolver=letsencrypt" - "traefik.http.routers.wifi-nucleoriofrio-public.service=wifi-nucleoriofrio-service"