kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-29 23:08:06 +02:00
Code Issues Packages Projects Releases Wiki Activity

implemented functioning oauth2-proxy

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-01-26 15:15:23 +01:00
parent 7b9959af21
commit c35eb10343
7 changed files with 66 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
templates/docker/services/oauth2-proxy.yml.j2
View File

@@ -1,15 +0,0 @@
oauth2-proxy:
image: quay.io/oauth2-proxy/oauth2-proxy:{{oauth2_version}}
restart: {{docker_restart_policy}}
environment:
OAUTH2_PROXY_PROVIDER: "keycloak" # The OAuth2 provider, in this case, Keycloak. Change based on your provider (e.g., Google, GitHub).
OAUTH2_PROXY_OIDC_ISSUER_URL: "https://auth.veen.world/auth/realms/veen.world"
OAUTH2_PROXY_CLIENT_ID: "{{domain}}" # The client ID configured in Keycloak for the application.
OAUTH2_PROXY_CLIENT_SECRET: "{{oauth2_proxy_client_secret}}" # The client secret configured in Keycloak for the application.
OAUTH2_PROXY_COOKIE_SECRET: "{{oauth2_proxy_cookie_secret}}" # A random 32-character string used to sign cookies for session management. Generate with `openssl rand -base64 32`.
#OAUTH2_PROXY_EMAIL_DOMAINS: "{{primary_domain}}" # The allowed email domain(s) for authentication. Example: "example.com".
OAUTH2_PROXY_REDIRECT_URL: "{{oauth2_proxy_redirect_url}}" # The redirect URL for the OAuth2 flow. It should match the redirect URL configured in Keycloak.
OAUTH2_PROXY_UPSTREAMS: "http://127.0.0.1:{{http_port}}" # The internal upstream service (your application) that OAuth2-Proxy protects.
ports:
- "127.0.0.1:{{oauth2_proxy_port}}:4180"
{% include 'templates/docker/container/networks.yml.j2' %}