Add auth2proxy for home stuff
Signed-off-by: Martyn Ranyard <m@rtyn.berlin>
This commit is contained in:
parent
fb78e2b1e8
commit
6f25f94695
1 changed files with 44 additions and 0 deletions
44
everything-app/oauth2proxy.yaml
Normal file
44
everything-app/oauth2proxy.yaml
Normal file
|
|
@ -0,0 +1,44 @@
|
||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: Application
|
||||||
|
metadata:
|
||||||
|
name: oauth2proxy
|
||||||
|
namespace: argocd
|
||||||
|
spec:
|
||||||
|
destination:
|
||||||
|
namespace: auth
|
||||||
|
server: https://kubernetes.default.svc
|
||||||
|
project: default
|
||||||
|
source:
|
||||||
|
chart: oauth2-proxy
|
||||||
|
helm:
|
||||||
|
parameters:
|
||||||
|
- name: config.clientID
|
||||||
|
value: f7f67ba843f06f244857b01d96cbe7bc
|
||||||
|
- name: config.clientSecret
|
||||||
|
value: 2774dc53beb0570e5ea7bc342d2a8f4e47d2d16986ad542d4ce776505043238f
|
||||||
|
- name: config.cookieSecret
|
||||||
|
value: iRNHJrMvm3Lv3UUe3j0ZBWTic3y5XuZQ-mdLVAdmNV4=
|
||||||
|
values: |-
|
||||||
|
ingress:
|
||||||
|
enabled: true
|
||||||
|
className: nginx
|
||||||
|
path: /oauth2
|
||||||
|
pathType: Prefix
|
||||||
|
hosts:
|
||||||
|
- homeauth.martyn.berlin
|
||||||
|
tls:
|
||||||
|
- hosts:
|
||||||
|
- homeauth.martyn.berlin
|
||||||
|
extraArgs:
|
||||||
|
- --provider=oidc
|
||||||
|
- --oidc-issuer-url=https://auth.martyn.berlin/dex
|
||||||
|
- "--scope=openid profile email"
|
||||||
|
- "--email-domain=*"
|
||||||
|
- "--upstream=static://200"
|
||||||
|
- "--http-address=0.0.0.0:4180"
|
||||||
|
repoURL: https://oauth2-proxy.github.io/manifests
|
||||||
|
targetRevision: 7.12.18
|
||||||
|
syncPolicy:
|
||||||
|
automated:
|
||||||
|
prune: true
|
||||||
|
selfHeal: true
|
||||||
Loading…
Add table
Reference in a new issue