reverted back to forward auth
This commit is contained in:
+14
-17
@@ -137,15 +137,6 @@ spec:
|
|||||||
targetPort: 8443
|
targetPort: 8443
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
---
|
---
|
||||||
apiVersion: v1
|
|
||||||
kind: Service
|
|
||||||
metadata:
|
|
||||||
name: ak-outpost-crafty-ptr
|
|
||||||
namespace: crafty-system
|
|
||||||
spec:
|
|
||||||
type: ExternalName
|
|
||||||
externalName: ak-outpost-crafty-outpost.auth-system.svc.cluster.local
|
|
||||||
---
|
|
||||||
#added comment for update
|
#added comment for update
|
||||||
apiVersion: networking.k8s.io/v1
|
apiVersion: networking.k8s.io/v1
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
@@ -156,11 +147,17 @@ metadata:
|
|||||||
app.kubernetes.io/name: craftycontroller
|
app.kubernetes.io/name: craftycontroller
|
||||||
app.kubernetes.io/instance: crafty
|
app.kubernetes.io/instance: crafty
|
||||||
annotations:
|
annotations:
|
||||||
cert-manager.io/cluster-issuer: letsencrypt-prod
|
cert-manager.io/cluster-issuer: letsencrypt-prod # Or your specific issuer
|
||||||
|
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
||||||
external-dns.alpha.kubernetes.io/hostname: crafty.dooplex.hu,crafty.home
|
external-dns.alpha.kubernetes.io/hostname: crafty.dooplex.hu,crafty.home
|
||||||
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
|
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
|
||||||
nginx.ingress.kubernetes.io/proxy-ssl-verify: "off"
|
nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
|
||||||
nginx.ingress.kubernetes.io/ssl-redirect: 'true'
|
# Authentik proxy authentication
|
||||||
|
nginx.ingress.kubernetes.io/auth-url: "http://ak-outpost-crafty-outpost.auth-system.svc.cluster.local:9000/outpost.goauthentik.io/auth/nginx"
|
||||||
|
nginx.ingress.kubernetes.io/auth-signin: "https://crafty.dooplex.hu/outpost.goauthentik.io/start?rd=$escaped_request_uri"
|
||||||
|
nginx.ingress.kubernetes.io/auth-response-headers: "Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid"
|
||||||
|
nginx.ingress.kubernetes.io/auth-snippet: |
|
||||||
|
proxy_set_header X-Forwarded-Host $http_host;
|
||||||
spec:
|
spec:
|
||||||
ingressClassName: nginx-internal
|
ingressClassName: nginx-internal
|
||||||
tls:
|
tls:
|
||||||
@@ -175,9 +172,9 @@ spec:
|
|||||||
pathType: Prefix
|
pathType: Prefix
|
||||||
backend:
|
backend:
|
||||||
service:
|
service:
|
||||||
name: ak-outpost-crafty-ptr
|
name: craftycontroller-https
|
||||||
port:
|
port:
|
||||||
number: 9000
|
number: 8443
|
||||||
- host: crafty.home
|
- host: crafty.home
|
||||||
http:
|
http:
|
||||||
paths:
|
paths:
|
||||||
@@ -185,9 +182,9 @@ spec:
|
|||||||
pathType: Prefix
|
pathType: Prefix
|
||||||
backend:
|
backend:
|
||||||
service:
|
service:
|
||||||
name: ak-outpost-crafty-ptr
|
name: craftycontroller-https
|
||||||
port:
|
port:
|
||||||
number: 9000
|
number: 8443
|
||||||
---
|
---
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: StatefulSet
|
kind: StatefulSet
|
||||||
|
|||||||
Reference in New Issue
Block a user