This commit is contained in:
Simen Røstvik 2022-12-06 00:39:35 +01:00
parent 9ee76633bf
commit ad436ff171
2 changed files with 41 additions and 0 deletions

View File

@ -0,0 +1,40 @@
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
namespace: traefik
name: longhorn-authentik-forward
spec:
forwardAuth:
address: http://longhorn.roxedus.com/outpost.goauthentik.io/auth/traefik
trustForwardHeader: true
authResponseHeaders:
- X-authentik-username
- X-authentik-groups
- X-authentik-email
- X-authentik-name
- X-authentik-uid
- X-authentik-jwt
- X-authentik-meta-jwks
- X-authentik-meta-outpost
- X-authentik-meta-provider
- X-authentik-meta-app
- X-authentik-meta-version
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: authentik-foorward-wildcard
spec:
rules:
- host: "*.roxedus.com"
http:
paths:
- pathType: Prefix
path: "/outpost.goauthentik.io/"
backend:
service:
name: ak-outpost-localcluster
port:
number: 9000

View File

@ -38,6 +38,7 @@ spec:
annotations:
cert-manager.io/acme-challenge-type: dns01
cert-manager.io/cluster-issuer: roxedus.com-cloudflare
traefik.ingress.kubernetes.io/router.middlewares: authentik-forward@kubernetes
host: longhorn.roxedus.com
tls: true
tlsSecret: longhorn-roxedus-com-cert