26 lines
808 B
HCL
26 lines
808 B
HCL
resource "kubectl_manifest" "middleware" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: traefik.io/v1alpha1
|
|
kind: Middleware
|
|
metadata:
|
|
name: "${local.app_slug}-gatekeeper"
|
|
namespace: "${var.namespace}"
|
|
labels: ${jsonencode(local.ak_gatekeeper_labels)}
|
|
spec:
|
|
forwardAuth:
|
|
address: http://authentik.${var.domain}-auth.svc:9000/outpost.goauthentik.io/auth/traefik
|
|
trustForwardHeader: true
|
|
authResponseHeaders:
|
|
- X-authentik-username
|
|
- X-authentik-email
|
|
- X-authentik-groups
|
|
- X-authentik-name
|
|
- X-authentik-uid
|
|
- X-authentik-jwt
|
|
- X-authentik-meta-jwks
|
|
- X-authentik-meta-outpost
|
|
- X-authentik-meta-provider
|
|
- X-authentik-meta-app
|
|
- X-authentik-meta-version
|
|
EOF
|
|
} |