What happened?
I want to know if its possible to serve files via pomerium like you can with Caddy or NGINX? Here are some examples:
example.com {
root * /srv
file_server
}
Here’s what I’m trying to replicate from NGINX:
}
location /homebrew.orcbrew {
root /usr/share/nginx/html/homebrew;
}
What’s your environment like?
- Pomerium version (retrieve with
pomerium --version
): using pomerium latest in docker compose - i can’t get the exact version version (i don’t know how) - Server Operating System/Architecture/Cloud: host node is debian on proxmox
What’s your config.yaml?
log_level: debug
authenticate_service_url: https://authenticate.example.com
singing_key: REDACTED
cookie_secret: REDACTED
address: :443
http_redirect_addr: :80
idp_provider: "REDACTED"
idp_client_id: "REDACTED"
idp_client_secret: "REDACTED"
certificates:
- cert: '/etc/letsencrypt/live/authenticate.example.com/fullchain.pem'
key: '/etc/letsencrypt/live/authenticate.example.com/privkey.pem'
- cert: '/etc/letsencrypt/live/example.com/fullchain.pem'
key: '/etc/letsencrypt/live/example.com/privkey.pem'
routes:
- from: https://verify.example.com
to: http://verify:8000
pass_identity_headers: true
allow_any_authenticated_user: true
- from: https://docker.example.com
to: http://portainer:9000
pass_identity_headers: true
allow_any_authenticated_user: true
- from: https://syncthing.example.com
to: http://syncthing:8384
pass_identity_headers: true
allow_any_authenticated_user: true
- from: https://example.com
to: http://dashy:80
pass_identity_headers: true
host_rewrite_header: true
allow_any_authenticated_user: true
cors_allow_preflight: true
- from: https://code.example.com
to: http://codeserver:8080
pass_identity_headers: true
host_rewrite_header: true
allow_websockets: true
allow_any_authenticated_user: true
cors_allow_preflight: true
- from: https://notes.example.com
to: http://hedgedoc:3000
pass_identity_headers: true
allow_websockets: true
allow_any_authenticated_user: true
host_rewrite_header: true
cors_allow_preflight: true
- from: https://books.example.com
to: http://calibre-web:8083
pass_identity_headers: true
allow_any_authenticated_user: true
cors_allow_preflight: true
- from: https://dnd.example.com
to: http://foundryvtt:30000
pass_identity_headers: true
host_rewrite_header: true
allow_websockets: true
allow_any_authenticated_user: true
cors_allow_preflight: true
- from: https://orcpub.example.com
to: http://orcpub:8890
pass_identity_headers: true
host_rewrite_header: true
allow_websockets: true
allow_any_authenticated_user: true
cors_allow_preflight: true
- from: https://neko.example.com
to: http://neko:8080
pass_identity_headers: true
host_rewrite_header: true
allow_websockets: true
allow_any_authenticated_user: true
cors_allow_preflight: true
Additional context
Here’s the original thread discussing what I’m trying to do.