kydah-modules/ak-gatekeeper/middleware.tf

resource "kubectl_manifest" "middleware" {
  yaml_body = <<-EOF
    apiVersion: traefik.io/v1alpha1
    kind: Middleware
    metadata:
        name: "${local.app_slug}-gatekeeper"
        namespace: "${var.namespace}"
        labels: ${jsonencode(local.ak_gatekeeper_labels)}
    spec:
      forwardAuth:
        address: http://ak-${var.domain}-proxy-outpost.${var.domain}-auth.svc:9000/outpost.goauthentik.io/auth/traefik
        trustForwardHeader: true
        authResponseHeaders: ${jsonencode(var.response_headers)}
  EOF
}