nixos/oauth2_proxy_nginx: specify hostname in X-Auth-Request-Redirect

Fixes redirection after signing in when you use a single oauth2_proxy instance for multiple domains. X-Auth-Request-Redirect header is used to decide which URL to redirect to after signing in. Specifying `request_uri` is enough in case you need to redirect to the same domain that serves oauth2 callback endpoint, but with multiple domains the you should include the scheme and the host.
author: Zhenya Vinogradov <zhenyavinogradov@gmail.com> 2021-02-08 15:04:23 +0300
committer: Zhenya Vinogradov <zhenyavinogradov@gmail.com> 2021-02-08 15:28:52 +0300
commit: cc26d8592f6c6fb39b8ac8b4ad83a73df71675bc (patch)
tree: 17c8c9f4a22964ba913465074b138a14e0527edc /nixos/modules
parent: c9f6a7f349a4608fc5c85c5cac756ba400320dba (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/services/security/oauth2_proxy_nginx.nix b/nixos/modules/services/security/oauth2_proxy_nginx.nix
index be6734f439f3d..553638ad49658 100644
--- a/nixos/modules/services/security/oauth2_proxy_nginx.nix
+++ b/nixos/modules/services/security/oauth2_proxy_nginx.nix
@@ -31,7 +31,7 @@ in
         proxyPass = cfg.proxy;
         extraConfig = ''
           proxy_set_header X-Scheme                $scheme;
-          proxy_set_header X-Auth-Request-Redirect $request_uri;
+          proxy_set_header X-Auth-Request-Redirect $scheme://$host$request_uri;
         '';
       };
       locations."/oauth2/auth" = {
author	Zhenya Vinogradov <zhenyavinogradov@gmail.com>	2021-02-08 15:04:23 +0300
committer	Zhenya Vinogradov <zhenyavinogradov@gmail.com>	2021-02-08 15:28:52 +0300
commit	cc26d8592f6c6fb39b8ac8b4ad83a73df71675bc (patch)
tree	17c8c9f4a22964ba913465074b138a14e0527edc /nixos/modules
parent	c9f6a7f349a4608fc5c85c5cac756ba400320dba (diff)