computer-playbook/roles/docker-oauth2-proxy/templates/oauth2-proxy-keycloak.cfg.j2

http_address            =   "0.0.0.0:4180"
cookie_secret           =   "{{applications.oauth2_proxy.cookie_secret}}"
email_domains           =   "{{primary_domain}}"
cookie_secure           =   "false"
upstreams               =   "http://{{oauth2_proxy_upstream_application_and_port}}"
cookie_domains          =   ["{{domain}}", "{{domains.keycloak}}"]                  # Required so cookie can be read on all subdomains.
whitelist_domains       =   [".{{primary_domain}}"]                                 # Required to allow redirection back to original requested target.

# keycloak provider
client_secret           =   "{{oidc.client.secret}}"
client_id               =   "{{oidc.client.id}}"
redirect_url            =   "https://{{domain}}/oauth2/callback"
oidc_issuer_url         =   "{{oidc.client.issuer_url}}"
provider                =   "oidc"
provider_display_name   =   "Keycloak"

# role restrictions
#cookie_roles            =   "realm_access.roles"
allowed_roles           =   "{{applications.oauth2_proxy.allowed_roles}}"
Implemented OAuth2-Proxy and other security measures for phpmyadmin 2025-01-26 20:57:34 +01:00			`http_address = "0.0.0.0:4180"`
Refactored application variables 2025-02-03 11:44:13 +01:00			`cookie_secret = "{{applications.oauth2_proxy.cookie_secret}}"`
Implemented OAuth2-Proxy and other security measures for phpmyadmin 2025-01-26 20:57:34 +01:00			`email_domains = "{{primary_domain}}"`
			`cookie_secure = "false"`
			`upstreams = "http://{{oauth2_proxy_upstream_application_and_port}}"`
solved locale network bugs of ldap 2025-02-06 16:27:00 +01:00			`cookie_domains = ["{{domain}}", "{{domains.keycloak}}"] # Required so cookie can be read on all subdomains.`
Implemented OAuth2-Proxy and other security measures for phpmyadmin 2025-01-26 20:57:34 +01:00			`whitelist_domains = [".{{primary_domain}}"] # Required to allow redirection back to original requested target.`
implemented functioning oauth2-proxy 2025-01-26 15:15:23 +01:00
			`# keycloak provider`
Implemented OIDC for mailu 2025-02-06 15:02:18 +01:00			`client_secret = "{{oidc.client.secret}}"`
			`client_id = "{{oidc.client.id}}"`
Implemented OAuth2-Proxy and other security measures for phpmyadmin 2025-01-26 20:57:34 +01:00			`redirect_url = "https://{{domain}}/oauth2/callback"`
solved locale network bugs of ldap 2025-02-06 16:27:00 +01:00			`oidc_issuer_url = "{{oidc.client.issuer_url}}"`
Implemented OAuth2-Proxy and other security measures for phpmyadmin 2025-01-26 20:57:34 +01:00			`provider = "oidc"`
			`provider_display_name = "Keycloak"`

			`# role restrictions`
Implemented OAuth2-Proxy for LDAP 2025-01-26 22:16:58 +01:00			`#cookie_roles = "realm_access.roles"`
Refactored application variables 2025-02-03 11:44:13 +01:00			`allowed_roles = "{{applications.oauth2_proxy.allowed_roles}}"`