Fully translated + good linking
This commit is contained in:
@ -197,7 +197,7 @@ To use Authentik outside your local network, you must expose it.
|
||||
|
||||
::alert{type="info"}
|
||||
📋 __Prerequisites:__ <br/><br/>
|
||||
We assume you have already created a subdomain like `auth.mydomain.com` in your [DNS zone](/generalites/dns), with a CNAME pointing to `mydomain.com`. Also, unless you're using [Cloudflare Zero Trust](/serveex/securite/cloudflare), you must have already forwarded port `443` from your router to port `443` of your server in your [NAT rules](/generalites/nat).
|
||||
We assume you have already created a subdomain like `auth.mydomain.com` in your [DNS zone](/general/dns), with a CNAME pointing to `mydomain.com`. Also, unless you're using [Cloudflare Zero Trust](/serveex/securite/cloudflare), you must have already forwarded port `443` from your router to port `443` of your server in your [NAT rules](/general/nat).
|
||||
::
|
||||
|
||||
Open the `authentik-server.conf` file:
|
||||
@ -363,14 +363,14 @@ Your new architecture looks like this:
|
||||
|
||||
## Protecting a Remote Server Service
|
||||
---
|
||||
For a [native application](/serveex/securite/authentik#protéger-une-app-native) (via OAuth 2.0 or other), nothing changes.
|
||||
For a [native application](/serveex/securite/authentik/#protecting-a-native-app) (via OAuth 2.0 or other), nothing changes.
|
||||
|
||||
For a non-native app behind a reverse proxy, you must deploy an __Outpost__. An Outpost is a container acting as a local proxy — it's the target of your app's auth requests and the only one authorized to communicate with your Authentik API.
|
||||
|
||||
::alert{type="info"}
|
||||
Prerequisites:
|
||||
- Install [Docker](/serveex/coeur/docker) on the remote server hosting the service.
|
||||
- If the app has no native integration, use a compatible reverse proxy. We will use [SWAG](/serveex/coeur/swag) here.
|
||||
- Install [Docker](/serveex/core/docker) on the remote server hosting the service.
|
||||
- If the app has no native integration, use a compatible reverse proxy. We will use [SWAG](/serveex/core/swag) here.
|
||||
::
|
||||
|
||||
This container will forward requests to your main [Authentik](/serveex/securite/authentik#authentik) instance over the internet (or your local network). The server will perform checks and respond to the Outpost, which will allow or block access accordingly.
|
||||
@ -379,7 +379,7 @@ This container will forward requests to your main [Authentik](/serveex/securite/
|
||||
|
||||
### Configuring Authentik
|
||||
|
||||
Create your [providers and applications](/serveex/securite/authentik#protéger-une-app-native) as shown earlier.
|
||||
Create your [providers and applications](/serveex/securite/authentik/#protecting-a-native-app) as shown earlier.
|
||||
|
||||
Then, in the admin panel, go to _Applications > Outposts_, and create a new outpost.
|
||||
|
||||
@ -413,11 +413,11 @@ On the list of created outposts, locate the new one and click _Show details_ at
|
||||
|
||||
### Configuring the Remote Machine
|
||||
|
||||
We assume you’ve already installed [Docker](/serveex/coeur/docker) and [SWAG](/serveex/coeur/swag) on this remote machine.
|
||||
We assume you’ve already installed [Docker](/serveex/core/docker) and [SWAG](/serveex/core/swag) on this remote machine.
|
||||
|
||||
On your remote machine, use [Dockge](/serveex/coeur/docker/#installer-dockge-pour-gérer-et-déployer-les-conteneurs) to create a stack named `authentik-outpost`.
|
||||
On your remote machine, use [Dockge](/serveex/core/docker/#installer-dockge-pour-gérer-et-déployer-les-conteneurs) to create a stack named `authentik-outpost`.
|
||||
|
||||
If you haven’t installed [Dockge](/serveex/coeur/docker/#installer-dockge-pour-gérer-et-déployer-les-conteneurs), create a folder `/docker/authentik-outpost`, or directly via command line:
|
||||
If you haven’t installed [Dockge](/serveex/core/docker/#installer-dockge-pour-gérer-et-déployer-les-conteneurs), create a folder `/docker/authentik-outpost`, or directly via command line:
|
||||
|
||||
```shell
|
||||
sudo mkdir -P /docker/authentik-outpost
|
||||
@ -486,7 +486,7 @@ Press `Esc`, then type `:x` and press `Enter` to save and exit.
|
||||
:::
|
||||
::
|
||||
|
||||
If using [Dockge](/serveex/coeur/docker/#installer-dockge-pour-gérer-et-déployer-les-conteneurs), restart SWAG.
|
||||
If using [Dockge](/serveex/core/docker/#installer-dockge-pour-gérer-et-déployer-les-conteneurs), restart SWAG.
|
||||
|
||||
Otherwise, via terminal:
|
||||
|
||||
@ -547,7 +547,7 @@ proxy_pass http://$upstream_authentik:9000;
|
||||
|
||||
Save and exit with `Esc`, then `:x` and `Enter`.
|
||||
|
||||
Then configure the applications to protect as you did on your main server, whether they are [native](/serveex/securite/authentik#protéger-une-app-native) or protected via [reverse proxy](/serveex/securite/authentik#protéger-une-app-par-reverse-proxy).
|
||||
Then configure the applications to protect as you did on your main server, whether they are [native](/serveex/securite/authentik/#protecting-a-native-app) or protected via [reverse proxy](/serveex/securite/authentik#protecting-an-app-via-reverse-proxy).
|
||||
|
||||
## Migrating an Authentik Database
|
||||
---
|
||||
|
||||
Reference in New Issue
Block a user