I am utilizing the following apps on TrueNAS Community 25.04.0:
- Authentik - App Version: v2025.4.1, Version: v1.0.16
- Nginx - App Version: v2.12.3, Version: v1.1.14
So far, I have configured the apps Audiobookshelf, Immich, and Zipline for OAUTH authentication. (YAY!) However, I want to also configure two apps (IT-Tools, OpenSpeedTest) for external access. Currently, the pages are accessible both when I do not password protect them as well as requiring authentication from Nginx Proxy Manager. I want to set up forward authentication so that anyone accessing it-tools.mydomain.test or openspeedtest.mydomain.test (replace mydomain.test with my actual domain) will be redirected to Authentik for validation followed by access to the tool. This appears to require Forward Authentication, so I have followied the instructions for creating a Proxy Provider → Forward Auth (Single Application). I have installed the provided script for Nginx (Proxy Manager), disabled the authentication set up for the site in Nginx Proxy Manager, and changed line 50 from the following:
# When using the embedded outpost, use:
proxy_pass http://authentik.company:9000/outpost.goauthentik.io;
When I perform the following changes, I get a “500 Internal Server Error”, apparently from the Nginx Reverse Proxy:
The only address that works is http://192.168.1.2:30020, but it brings up the webpage directly without the detour for Authentik validation. (no, not what I wanted). This is with testing in Incognito mode of my browser to avoid cookies and caching.
I am utilizing the following ports:
- WebUI Port: 30020
- HTTP Port: 30021
- HTTPS Port: 30022
- No additional ports configured
Do I have to definate a port 9000? If so, what values do I put in as follows:
