onprem-deploy/yonote-keycloak-chart/traefik-forward-auth.yaml


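# Deployment of traefik-forward-auth: a single-replica pod listening on
# TCP 4181 that authenticates users against the OIDC issuer configured below.
#
# Security changes relative to the original manifest:
#   * PROVIDERS_OIDC_CLIENT_SECRET and SECRET are no longer inline literals;
#     they are read from a Kubernetes Secret (placeholder name/keys below).
#     The literals that were committed here should be treated as disclosed
#     and rotated at the identity provider before this is deployed.
#   * The container drops all Linux capabilities and forbids privilege
#     escalation.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: traefik-forward-auth
  namespace: yonote-onprem
  labels:
    app: traefik-forward-auth
spec:
  replicas: 1
  selector:
    matchLabels:
      app: traefik-forward-auth
  # Recreate stops the old pod before starting the new one, so
  # authentication is briefly unavailable during a rollout.
  strategy:
    type: Recreate
  revisionHistoryLimit: 10
  progressDeadlineSeconds: 600
  template:
    metadata:
      labels:
        app: traefik-forward-auth
    spec:
      containers:
        - name: traefik-forward-auth
          # NOTE(review): ":2" is a mutable tag and, with IfNotPresent, nodes
          # may run different builds. Pin the image by digest once the
          # intended build has been verified.
          image: thomseddon/traefik-forward-auth:2
          ports:
            - containerPort: 4181
              protocol: TCP
          env:
            # Restricts sign-in to accounts whose e-mail is in these domains.
            - name: DOMAIN
              value: "wilix.org,wilix.dev"
            # NOTE(review): per the traefik-forward-auth documentation,
            # AUTH_HOST only takes effect together with a matching
            # COOKIE_DOMAIN, which is not set here - confirm auth-host mode
            # is actually in use.
            - name: AUTH_HOST
              value: "auth.yonote.develop.wilix.dev"
            # "false" keeps the Secure flag on the auth cookie (HTTPS only).
            - name: INSECURE_COOKIE
              value: "false"
            - name: DEFAULT_PROVIDER
              value: "oidc"
            - name: PROVIDERS_OIDC_ISSUER_URL
              value: "https://auth.onprem-test.stands.wilix.dev/realms/yonote"
            # NOTE(review): confirm the "admin" client is a dedicated,
            # confidential OIDC client with only the redirect URIs this
            # service needs.
            - name: PROVIDERS_OIDC_CLIENT_ID
              value: "admin"
            # OIDC client secret, read from a Secret instead of the manifest.
            - name: PROVIDERS_OIDC_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  # PLACEHOLDER: this Secret is not defined on this page;
                  # create it out of band in the yonote-onprem namespace.
                  name: traefik-forward-auth-secrets
                  key: oidc-client-secret
            # SECRET signs the authentication cookie, so it must be a long
            # random value; a guessable signing key undermines every session.
            - name: SECRET
              valueFrom:
                secretKeyRef:
                  # PLACEHOLDER: same out-of-band Secret as above.
                  name: traefik-forward-auth-secrets
                  key: cookie-signing-secret
            # NOTE(review): debug logging is verbose; confirm it does not
            # record cookies or tokens before using it outside a test stand.
            - name: LOG_LEVEL
              value: "debug"
          imagePullPolicy: IfNotPresent
          # NOTE(review): no requests/limits are set; add them so this
          # auth-critical pod cannot be starved or evicted first.
          resources: {}
          # Port 4181 is unprivileged, so the process should need no
          # capabilities and no privilege escalation.
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
          terminationMessagePath: /dev/termination-log
          terminationMessagePolicy: File
      restartPolicy: Always
      terminationGracePeriodSeconds: 60
      dnsPolicy: ClusterFirst
      # NOTE(review): the pod-level context is empty; consider runAsNonRoot
      # and a seccomp profile after checking which user the image runs as.
      securityContext: {}
      schedulerName: default-scheduler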
---
# ClusterIP Service in front of the traefik-forward-auth pods. It is only
# reachable from inside the cluster and forwards TCP 4181 to the container
# port of the same number.
apiVersion: v1
kind: Service
metadata:
  name: traefik-forward-auth
  namespace: yonote-onprem
  labels:
    app: traefik-forward-auth
spec:
  ports:
    # The port is named "auth-http"; nothing in this manifest adds TLS on
    # this hop, so traffic to it is presumably plain HTTP - confirm.
    - name: auth-http
      protocol: TCP
      port: 4181
      targetPort: 4181
  # Matches the "app" label set on the Deployment's pod template.
  selector:
    app: traefik-forward-auth
  type: ClusterIP
  sessionAffinity: None
---
# Traefik Middleware that sends each request to the forward-auth endpoint
# for an authentication decision before it is passed upstream.
#
# NOTE(review): unlike the Deployment and Service in this file, no namespace
# is set here, so the Middleware lands in whatever namespace is active at
# apply time - confirm that is the namespace routers reference it from.
# NOTE(review): the traefik.containo.us API group is the legacy group;
# newer Traefik releases use traefik.io - check against the installed
# version.
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: traefik-forward-auth
spec:
  forwardAuth:
    # NOTE(review): this address is an external HTTPS hostname on port
    # 4181, while the Service in this file exposes 4181 only as a
    # ClusterIP. Confirm a TLS listener really exists at this address and
    # that the auth sub-request does not leave the cluster unnecessarily.
    # If the auth service is unreachable, every protected route is affected.
    address: 'https://auth.onprem-test.stands.wilix.dev:4181'
    # X-Forwarded-User from the auth response is copied onto the forwarded
    # request. Upstream services that trust this header must be reachable
    # only through Traefik, otherwise a direct client could set it itself.
    authResponseHeaders:
      - 'X-Forwarded-User'