There is now native support for external authentication in Caddy since version v2.5.1.
Check out the official documentation here
Caddy 2 plugin for integration with Authelia
The following is an example of using the plugin inside a Caddyfile:
whoami.example.com {
route {
# Authelia URL : internal URL preferred
authelia http://authelia:9091 {
# redirect_url: optional
# Public auth URL, used when not authenticated on whoami.example.com
redirect_url authelia.example.com
}
request_header Remote-User {http.auth.user.id}
request_header Remote-Groups {http.auth.user.groups}
request_header Remote-Email {http.auth.user.email}
request_header Remote-Name {http.auth.user.name}
reverse_proxy http://whoami
}
}
authelia.example.com {
# Needed for 2FA to work - authelia checks X-Forwarded-Host, and Caddy doesn't fill it by default
request_header X-Forwarded-Host {http.request.host}
reverse_proxy http://authelia:9091
}This project is available under the Mozilla Public License 2.0 (MPL), excepted where otherwise explicitly noted.
Copyright (c) 2020 Vítor Vasconcellos. All rights reserved.
I am not affiliated with Caddy or Authelia.
Caddy® is a registered trademark of Light Code Labs, LLC.