89f251d559
* add nginx forward_auth e2e tests Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add envoy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove even more duplicate code Signed-off-by: Jens Langhammer <jens@goauthentik.io> * cleanup more Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add traefik static config Signed-off-by: Jens Langhammer <jens@goauthentik.io> * more cleanup, don't generate dex config cause they support env variables Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use default dex entrypoint to use templating Signed-off-by: Jens Langhammer <jens@goauthentik.io> * remove options that are always set as default Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix compose flag Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add caddy Signed-off-by: Jens Langhammer <jens@goauthentik.io> * merge python files Signed-off-by: Jens Langhammer <jens@goauthentik.io> * use whoami api to check better Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix envoy config Signed-off-by: Jens Langhammer <jens@goauthentik.io> * set invalidation flow Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix logout checks Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
58 lines
1.3 KiB
YAML
58 lines
1.3 KiB
YAML
# yaml-language-server: $schema=https://json.schemastore.org/traefik-v2.json
|
|
api:
|
|
insecure: true
|
|
debug: true
|
|
|
|
log:
|
|
level: debug
|
|
accessLog:
|
|
filePath: /dev/stdout
|
|
|
|
entryPoints:
|
|
web:
|
|
address: ":80"
|
|
|
|
# Re-use the same config file to define everything
|
|
providers:
|
|
file:
|
|
filename: /etc/traefik/traefik.yml
|
|
|
|
http:
|
|
middlewares:
|
|
authentik:
|
|
forwardAuth:
|
|
address: http://ak-test-outpost:9000/outpost.goauthentik.io/auth/traefik
|
|
trustForwardHeader: true
|
|
authResponseHeaders:
|
|
- X-authentik-username
|
|
- X-authentik-groups
|
|
- X-authentik-email
|
|
- X-authentik-name
|
|
- X-authentik-uid
|
|
- X-authentik-jwt
|
|
- X-authentik-meta-jwks
|
|
- X-authentik-meta-outpost
|
|
- X-authentik-meta-provider
|
|
- X-authentik-meta-app
|
|
- X-authentik-meta-version
|
|
routers:
|
|
default-router:
|
|
rule: "Host(`localhost`)"
|
|
middlewares:
|
|
- authentik
|
|
priority: 10
|
|
service: app
|
|
default-router-auth:
|
|
rule: "Host(`localhost`) && PathPrefix(`/outpost.goauthentik.io/`)"
|
|
priority: 15
|
|
service: authentik
|
|
services:
|
|
app:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://ak-whoami
|
|
authentik:
|
|
loadBalancer:
|
|
servers:
|
|
- url: http://ak-test-outpost:9000/outpost.goauthentik.io
|