2026-05-04 18:06:37 +01:00
|
|
|
---
|
|
|
|
|
apiVersion: traefik.io/v1alpha1
|
2026-05-04 18:21:44 +01:00
|
|
|
kind: Middleware
|
|
|
|
|
metadata:
|
2026-05-05 14:56:56 +01:00
|
|
|
name: auth-proxy
|
2026-05-04 18:21:44 +01:00
|
|
|
spec:
|
|
|
|
|
forwardAuth:
|
2026-05-05 14:56:56 +01:00
|
|
|
address: http://auth-proxy.auth-proxy.svc:80/auth
|
2026-05-04 18:21:44 +01:00
|
|
|
trustForwardHeader: true
|
|
|
|
|
authResponseHeaders:
|
|
|
|
|
- X-Auth-Request-User
|
|
|
|
|
- X-Auth-Request-Email
|
|
|
|
|
- X-Auth-Request-Groups
|
|
|
|
|
---
|
|
|
|
|
apiVersion: traefik.io/v1alpha1
|
2026-05-04 18:06:37 +01:00
|
|
|
kind: IngressRoute
|
|
|
|
|
metadata:
|
|
|
|
|
name: secret-reader
|
|
|
|
|
annotations:
|
|
|
|
|
cert-manager.io/cluster-issuer: letsencrypt
|
|
|
|
|
spec:
|
|
|
|
|
entryPoints:
|
|
|
|
|
- websecure
|
|
|
|
|
routes:
|
|
|
|
|
- match: Host(`secret-reader.hexor.cy`)
|
|
|
|
|
kind: Rule
|
|
|
|
|
middlewares:
|
2026-05-05 14:56:56 +01:00
|
|
|
- name: auth-proxy
|
2026-05-04 18:06:37 +01:00
|
|
|
services:
|
|
|
|
|
- name: secret-reader
|
|
|
|
|
port: 80
|
|
|
|
|
tls:
|
|
|
|
|
secretName: secret-reader-tls
|
|
|
|
|
---
|
|
|
|
|
apiVersion: cert-manager.io/v1
|
|
|
|
|
kind: Certificate
|
|
|
|
|
metadata:
|
|
|
|
|
name: secret-reader-tls
|
|
|
|
|
spec:
|
|
|
|
|
secretName: secret-reader-tls
|
|
|
|
|
issuerRef:
|
|
|
|
|
name: letsencrypt
|
|
|
|
|
kind: ClusterIssuer
|
|
|
|
|
dnsNames:
|
|
|
|
|
- secret-reader.hexor.cy
|
