homelab/k8s/apps/syncthing/traefik-simple.yaml

---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: syncthing-ingressroute
  namespace: syncthing
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`ss.hexor.cy`)
      kind: Rule
      services:
        - name: syncthing-router
          port: 80
      middlewares:
        - name: authentik-forward-auth
          namespace: syncthing
  tls:
    secretName: syncthing-tls
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: authentik-forward-auth
  namespace: syncthing
spec:
  forwardAuth:
    address: http://authentik-server.authentik.svc.cluster.local/outpost.goauthentik.io/auth/traefik
    trustForwardHeader: true
    authResponseHeaders:
      - X-authentik-username
      - X-authentik-groups
      - X-authentik-email
      - X-authentik-name
      - X-authentik-uid
Fix: Changed syncthing access and auth scheme 2025-10-12 13:29:10 +03:00			`---`
			`apiVersion: traefik.io/v1alpha1`
			`kind: IngressRoute`
			`metadata:`
			`name: syncthing-ingressroute`
			`namespace: syncthing`
			`spec:`
			`entryPoints:`
			`- websecure`
			`routes:`
			- match: Host(`ss.hexor.cy`)
			`kind: Rule`
			`services:`
			`- name: syncthing-router`
			`port: 80`
			`middlewares:`
			`- name: authentik-forward-auth`
			`namespace: syncthing`
			`tls:`
			`secretName: syncthing-tls`
			`---`
			`apiVersion: traefik.io/v1alpha1`
			`kind: Middleware`
			`metadata:`
			`name: authentik-forward-auth`
			`namespace: syncthing`
			`spec:`
			`forwardAuth:`
			`address: http://authentik-server.authentik.svc.cluster.local/outpost.goauthentik.io/auth/traefik`
			`trustForwardHeader: true`
			`authResponseHeaders:`
			`- X-authentik-username`
			`- X-authentik-groups`
			`- X-authentik-email`
			`- X-authentik-name`
			`- X-authentik-uid`