From 683da0dad1eae6132445f71cbc8b82391f72dc65 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20Lov=C3=A9n?= <thomasloven@gmail.com>
Date: Mon, 27 Jan 2020 16:34:59 +0100
Subject: [PATCH] Fix authelia login redirection

---
 README.md                    | 1 +
 traefik/config/security.yaml | 5 +++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index f9b222d..971207f 100644
--- a/README.md
+++ b/README.md
@@ -15,3 +15,4 @@ Instead, a special service - `authelia-config` runs before authelia start, and p
 ## Lessons learned
 
 - Authelia will ONLY work with https. Both the authelia url itself and the one being authenticated must be https.
+- The authorization link should NOT end with `/#/` or `/%2F/` or anything, just `/`. Otherwise it will not redirect you back after authorizing.
diff --git a/traefik/config/security.yaml b/traefik/config/security.yaml
index 4d7fffb..4903f78 100644
--- a/traefik/config/security.yaml
+++ b/traefik/config/security.yaml
@@ -27,9 +27,10 @@ http:
     auth:
       # Go through authelia for authorization
       forwardAuth:
-        address: http://authelia:9091/api/verify?rd=https://auth.{{ env "PRIVATE_DOMAIN" }}/%23/
+        address: http://authelia:9091/api/verify?rd=https://auth.{{ env "PRIVATE_DOMAIN" }}/
         trustForwardHeader: true
         authResponseHeaders:
           - X-Forwarded-User
-        insecureSkipVerify: true
+        tls:
+          insecureSkipVerify: true