Problem (field : 'head') with authelia

[Henrya20]

Hello,

[ALERT] 341/153853 (7) : Lua function 'auth-request': runtime error: /usr/local/etc/haproxy/auth-request.lua:90: attempt to call a nil value (field 'head') from /usr/local/etc/haproxy/auth-request.lua:90 C function line 48.
Lua function 'auth-request': runtime error: /usr/local/etc/haproxy/auth-request.lua:90: attempt to call a nil value (field 'head') from /usr/local/etc/haproxy/auth-request.lua:90 C function line 48.

This is the error I get when using the auth-request script in conjunction with authelia.

The problem is that I get redirected back to the authelia login page even though the login is correct.

Unfortunately I can't really figure it out.

This is my HAProxy Config:

global
# Path to haproxy-lua-http, below example assumes /usr/local/etc/haproxy/haproxy-lua-http/http.lua
lua-prepend-path /usr/local/etc/haproxy/?/http.lua
lua-prepend-path /usr/local/etc/haproxy/json.lua
# Path to haproxy-auth-request
lua-load /usr/local/etc/haproxy/auth-request.lua
log stdout format raw local0 debug
defaults
mode http
log global
option httplog
option forwardfor
frontend fe_http
bind *:8080
acl protected-frontends hdr(host) -m reg -i ^(?i)(mail).example.de
acl host-authelia hdr(host) -i auth.example.de
acl host-mail hdr(host) -i mail.example.de
http-request set-var(req.scheme) str(https) if { ssl_fc }
http-request set-var(req.scheme) str(http) if !{ ssl_fc }
http-request set-var(req.questionmark) str(?) if { query -m found }
http-request set-header X-Real-IP %[src]
http-request set-header X-Forwarded-Proto %[var(req.scheme)]
http-request set-header X-Forwarded-Host %[req.hdr(Host)]
http-request set-header X-Forwarded-Uri %[path]%[var(req.questionmark)]%[query]
# Protect endpoints with haproxy-auth-request and Authelia
http-request lua.auth-request be_authelia /api/verify if protected-frontends
use_backend be_authelia if host-authelia
# Redirect protected-frontends to Authelia if not authenticated
http-request redirect location http://auth.example.de/?rd=https://%[base]%[var(req.questionmark)]%[query] if protected-frontends !{ var(txn.auth_response_successful) -m bool }
# Service backend route(s)
use_backend be_mail if host-mail
backend be_authelia
server authelia:9091 authelia:9091
backend be_mail
# Pass Remote-User, Remote-Name, Remote-Email and Remote-Groups headers
acl remote_user_exist var(req.auth_response_header.remote_user) -m found
acl remote_groups_exist var(req.auth_response_header.remote_groups) -m found
acl remote_name_exist var(req.auth_response_header.remote_name) -m found
acl remote_email_exist var(req.auth_response_header.remote_email) -m found
http-request set-header Remote-User %[var(req.auth_response_header.remote_user)] if remote_user_exist
http-request set-header Remote-Groups %[var(req.auth_response_header.remote_groups)] if remote_groups_exist
http-request set-header Remote-Name %[var(req.auth_response_header.remote_name)] if remote_name_exist
http-request set-header Remote-Email %[var(req.auth_response_header.remote_email)] if remote_email_exist
server mail 10.1.1.1:12000

[TimWolla]

This looks like haproxy-lua-http is not properly installed / outdated. This is the version you need: https://github.com/haproxytech/haproxy-lua-http/blob/4ac4483142c4f12445d47e55c8ecf155d9be0904/http.lua

[Henrya20]

Thank you for your reply.

Unfortunately after downloading the http.lua script again from the Git, i get the same error.

[TimWolla]

lua-prepend-path /usr/local/etc/haproxy/?/http.lua
lua-prepend-path /usr/local/etc/haproxy/json.lua

It might be that the script was not found in the expected location (/usr/local/etc/haproxy/haproxy-lua-http/http.lua) and HAProxy instead loaded /usr/local/etc/haproxy/json.lua, because without a question mark placeholder that acts as a catch all. What happens if you comment out the lua-prepend-path /usr/local/etc/haproxy/json.lua line?

[TimWolla]

Closing due to the lack of activity and this being a question only.