update traefik config
This commit is contained in:
43
boilerplates/traefik/dynamic/authentik.yml
Normal file
43
boilerplates/traefik/dynamic/authentik.yml
Normal file
@@ -0,0 +1,43 @@
|
||||
http:
|
||||
routers:
|
||||
authentik:
|
||||
rule: "Host(`authentik.local.mk-labs.cloud`)"
|
||||
entryPoints:
|
||||
- websecure
|
||||
service: authentik
|
||||
tls:
|
||||
certResolver: cloudflare
|
||||
middlewares:
|
||||
- security-headers
|
||||
|
||||
services:
|
||||
authentik:
|
||||
loadBalancer:
|
||||
servers:
|
||||
- url: "http://10.1.71.40:8000"
|
||||
|
||||
## Authentik Forward Auth Middleware
|
||||
## Add 'authentik' to a router's middlewares list to protect it with SSO
|
||||
## Example:
|
||||
## my-service:
|
||||
## rule: "Host(`my-service.local.mk-labs.cloud`)"
|
||||
## middlewares:
|
||||
## - security-headers
|
||||
## - authentik-forwardauth
|
||||
middlewares:
|
||||
authentik-forwardauth:
|
||||
forwardAuth:
|
||||
address: "http://10.1.71.40:8000/outpost.goauthentik.io/auth/nginx"
|
||||
trustForwardHeader: true
|
||||
authResponseHeaders:
|
||||
- X-authentik-username
|
||||
- X-authentik-groups
|
||||
- X-authentik-email
|
||||
- X-authentik-name
|
||||
- X-authentik-uid
|
||||
- X-authentik-jwt
|
||||
- X-authentik-meta-jwks
|
||||
- X-authentik-meta-outpost
|
||||
- X-authentik-meta-provider
|
||||
- X-authentik-meta-app
|
||||
- X-authentik-meta-version
|
||||
Reference in New Issue
Block a user