authentik/website/docs/providers/proxy/_nginx_ingress.md

Create a new ingress for the outpost

```yaml
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: authentik-outpost
spec:
  rules:
  - host: app.company
    http:
      paths:
      - backend:
          # Or, to use an external Outpost, create an ExternalName service and reference that here.
          # See https://kubernetes.io/docs/concepts/services-networking/service/#externalname
          serviceName: ak-outpost-example-outpost
          servicePort: 9000
        path: /outpost.goauthentik.io
```

This ingress handles authentication requests, and the sign-in flow.

Add these annotations to the ingress you want to protect

```yaml
metadata:
  annotations:
    nginx.ingress.kubernetes.io/auth-url: |
      https://outpost.company/outpost.goauthentik.io/auth/nginx
    nginx.ingress.kubernetes.io/auth-signin: |
      https://outpost.company/outpost.goauthentik.io/start?rd=$escaped_request_uri
    nginx.ingress.kubernetes.io/auth-response-headers: |
      Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid
    nginx.ingress.kubernetes.io/auth-snippet: |
       proxy_set_header Host $http_host;
```
website/docs: add nginx-proxy-manager Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-11-12 21:57:19 +00:00			`Create a new ingress for the outpost`

			```yaml
			`apiVersion: networking.k8s.io/v1beta1`
			`kind: Ingress`
			`metadata:`
			`name: authentik-outpost`
			`spec:`
			`rules:`
website/docs: use common placeholders for forward_auth Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-11-26 12:29:38 +00:00			`- host: app.company`
website/docs: add nginx-proxy-manager Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-11-12 21:57:19 +00:00			`http:`
			`paths:`
			`- backend:`
web/admin: redesign provider pages to provide more info Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-11-26 13:08:45 +00:00			`# Or, to use an external Outpost, create an ExternalName service and reference that here.`
			`# See https://kubernetes.io/docs/concepts/services-networking/service/#externalname`
			`serviceName: ak-outpost-example-outpost`
website/docs: add nginx-proxy-manager Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-11-12 21:57:19 +00:00			`servicePort: 9000`
*: rename akprox to outpost.goauthentik.io (#2266) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-02-08 19:25:38 +00:00			`path: /outpost.goauthentik.io`
website/docs: add nginx-proxy-manager Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-11-12 21:57:19 +00:00			```

			`This ingress handles authentication requests, and the sign-in flow.`

			`Add these annotations to the ingress you want to protect`

			```yaml
			`metadata:`
			`annotations:`
website/docs: use common placeholders for forward_auth Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-11-26 12:29:38 +00:00			`nginx.ingress.kubernetes.io/auth-url: \|`
*: rename akprox to outpost.goauthentik.io (#2266) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-02-08 19:25:38 +00:00			`https://outpost.company/outpost.goauthentik.io/auth/nginx`
website/docs: use common placeholders for forward_auth Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-11-26 12:29:38 +00:00			`nginx.ingress.kubernetes.io/auth-signin: \|`
*: rename akprox to outpost.goauthentik.io (#2266) Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-02-08 19:25:38 +00:00			`https://outpost.company/outpost.goauthentik.io/start?rd=$escaped_request_uri`
website/docs: use common placeholders for forward_auth Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-11-26 12:29:38 +00:00			`nginx.ingress.kubernetes.io/auth-response-headers: \|`
			`Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid`
website/docs: add nginx-proxy-manager Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-11-12 21:57:19 +00:00			`nginx.ingress.kubernetes.io/auth-snippet: \|`
website/docs: improve nginx examples Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2022-01-25 13:25:21 +00:00			`proxy_set_header Host $http_host;`
website/docs: add nginx-proxy-manager Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> 2021-11-12 21:57:19 +00:00			```