I have HA running behind Traefik. In HomeAssistant, I get following logs:
homeassistant | 2025-04-13 12:55:19.318 DEBUG (MainThread) [custom_components.auth_header] <CIMultiDictProxy('Host': 'homeassistant.tld', 'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Safari/605.1.15', 'Content-Length': '157', 'Accept': '*/*', 'Accept-Encoding': 'gzip, deflate, br', 'Accept-Language': 'es-ES,es;q=0.9', 'Content-Type': 'text/plain;charset=UTF-8', 'Cookie': 'authelia_session=XXXXX', 'Origin': 'https://homeassistant.tld', 'Priority': 'u=3, i', 'Sec-Fetch-Dest': 'empty', 'Sec-Fetch-Mode': 'cors', 'Sec-Fetch-Site': 'same-origin', 'X-Forwarded-For': 'XXX', 'X-Forwarded-Host': 'homeassistant.tld', 'X-Forwarded-Port': '443', 'X-Forwarded-Proto': 'https', 'X-Forwarded-Server': '7653e9b683fd', 'X-Real-Ip': 'XXX')>
homeassistant | 2025-04-13 12:55:19.318 DEBUG (MainThread) [custom_components.auth_header] Got actual IP 172.29.0.98
homeassistant | 2025-04-13 12:55:19.318 INFO (MainThread) [custom_components.auth_header.headers] No header set, returning empty flow
homeassistant | 2025-04-13 12:55:19.319 DEBUG (MainThread) [custom_components.auth_header.headers] Validating access for IP: 172.29.0.98
homeassistant | 2025-04-13 12:55:19.319 DEBUG (MainThread) [custom_components.auth_header.headers] No matching user found
It complains about it's not receiving proper header. In HA configuration I have this:
username_header: Remote-User
{"ClientAddr":"172.29.0.1:39032","ClientHost":"79.116.72.101","ClientPort":"39032","ClientUsername":"-","DownstreamContentSize":6,"DownstreamStatus":200,"Duration":3395585,"OriginContentSize":6,"OriginDuration":2952906,"OriginStatus":200,"Overhead":442679,"RequestAddr":"authelia.tld","RequestContentSize":0,"RequestCount":170,"RequestHost":"authelia.tld","RequestMethod":"GET","RequestPath":"/api/authz/forward-auth","RequestPort":"-","RequestProtocol":"HTTP/2.0","RequestScheme":"https","RetryAttempts":0,"RouterName":"authelia@file","ServiceAddr":"authelia:9091","ServiceName":"authelia@file","ServiceURL":"http://authelia:9091","SpanId":"0000000000000000","StartLocal":"2025-04-13T09:34:52.051136076Z","StartUTC":"2025-04-13T09:34:52.051136076Z","TLSCipher":"TLS_CHACHA20_POLY1305_SHA256","TLSVersion":"1.3","TraceId":"00000000000000000000000000000000","downstream_Content-Length":"6","downstream_Content-Type":"text/plain; charset=utf-8","downstream_Date":"Sun, 13 Apr 2025 09:34:51 GMT","downstream_Remote-Email":"XXX","downstream_Remote-Groups":"XXX","downstream_Remote-Name":"F3","downstream_Remote-User":"f3","entryPointName":"websecure","level":"info","msg":"","origin_Content-Length":"6","origin_Content-Type":"text/plain; charset=utf-8","origin_Date":"Sun, 13 Apr 2025 09:34:51 GMT","origin_Remote-Email":"XXX","origin_Remote-Groups":"XXX","origin_Remote-Name":"F3","origin_Remote-User":"f3","request_Accept":"*/*","request_Accept-Encoding":"gzip, deflate, br","request_Accept-Language":"es-ES,es;q=0.9","request_Cookie":"authelia_session=XXX","request_Priority":"u=3, i","request_Sec-Fetch-Dest":"empty","request_Sec-Fetch-Mode":"cors","request_Sec-Fetch-Site":"same-origin","request_User-Agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Safari/605.1.15","request_X-Forwarded-For":"XXX","request_X-Forwarded-Host":"homeassistant.tld","request_X-Forwarded-Method":"GET","request_X-Forwarded-Port":"443","request_X-Forwarded-Proto":"https","request_X-Forwarded-Server":"10b616afa3ee","request_X-Forwarded-Uri":"/frontend_latest/1262.27ea4623221417cf.js","request_X-Real-Ip":"XXX","time":"2025-04-13T09:34:52Z"}
But HA auth header is not receiving it.
Any clue about what is happening?
I have HA running behind Traefik. In HomeAssistant, I get following logs:
It complains about it's not receiving proper header. In HA configuration I have this:
However, in Traefik logs it seems Remote-User header is being redirected:
But HA auth header is not receiving it.
Any clue about what is happening?