ab/homelab
1
1
Fork 1
Code Issues Pull Requests 48 Actions Packages Wiki Activity

Added oauth2 proxy
Check with kubeconform / lint (push) Successful in 14s
Details
Update Kubernetes Services Wiki / Generate and Update K8s Wiki (push) Successful in 19s
Details
Auto-update README / Generate README and Create MR (push) Successful in 19s
Details

Browse Source
This commit is contained in:
Ultradesu
2026-05-04 18:21:44 +01:00
parent eb27dcf65b
commit 658ec19ff1
3 changed files with 16 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
k8s/apps/mtproxy/secret-reader-ingress.yaml
+13 -1
View File
@@ -1,5 +1,18 @@
--- ---
apiVersion: traefik.io/v1alpha1 apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: keycloak-auth
spec:
forwardAuth:
address: http://oauth2-proxy.oauth2-proxy.svc:80/oauth2/auth
trustForwardHeader: true
authResponseHeaders:
- X-Auth-Request-User
- X-Auth-Request-Email
- X-Auth-Request-Groups
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute kind: IngressRoute
metadata: metadata:
name: secret-reader name: secret-reader
@@ -13,7 +26,6 @@ spec:
kind: Rule kind: Rule
middlewares: middlewares:
- name: keycloak-auth - name: keycloak-auth
namespace: kube-system
services: services:
- name: secret-reader - name: secret-reader
port: 80 port: 80
k8s/core/oauth2-proxy/kustomization.yaml
-1
View File
@@ -4,7 +4,6 @@ kind: Kustomization
resources: resources:
- app.yaml - app.yaml
- external-secrets.yaml - external-secrets.yaml
- middleware.yaml
helmCharts: helmCharts:
- name: oauth2-proxy - name: oauth2-proxy
k8s/core/oauth2-proxy/middleware.yaml
+3 -14
View File
@@ -1,14 +1,3 @@
--- # Middleware is deployed per-namespace alongside each IngressRoute
apiVersion: traefik.io/v1alpha1 # because Traefik does not allow cross-namespace middleware references.
kind: Middleware # See k8s/apps/mtproxy/secret-reader-ingress.yaml for example.
metadata:
name: keycloak-auth
namespace: kube-system
spec:
forwardAuth:
address: http://oauth2-proxy.oauth2-proxy.svc:80/oauth2/auth
trustForwardHeader: true
authResponseHeaders:
- X-Auth-Request-User
- X-Auth-Request-Email
- X-Auth-Request-Groups