1package kube
2
3configMap: authproxy: {
4 // To update run:
5 // kubectl apply -f configmap.yaml
6 // kubectl scale --replicas=0 deployment/proxy
7 // kubectl scale --replicas=1 deployment/proxy
8
9 apiVersion: "v1"
10 kind: "ConfigMap"
11 data: "authproxy.cfg": """
12 # Google Auth Proxy Config File
13 ## https://github.com/bitly/google_auth_proxy
14
15 ## <addr>:<port> to listen on for HTTP clients
16 http_address = \"0.0.0.0:4180\"
17
18 ## the OAuth Redirect URL.
19 redirect_url = \"https://auth.example.com/oauth2/callback\"
20
21 ## the http url(s) of the upstream endpoint. If multiple, routing is based on path
22 upstreams = [
23 # frontend
24 \"http://frontend-waiter:7080/dpr/\",
25 \"http://frontend-maitred:7080/ui/\",
26 \"http://frontend-maitred:7080/ui\",
27 \"http://frontend-maitred:7080/report/\",
28 \"http://frontend-maitred:7080/report\",
29 \"http://frontend-maitred:7080/static/\",
30 # kitchen
31 \"http://kitchen-chef:8080/visit\",
32 # infrastructure
33 \"http://download:7080/file/\",
34 \"http://download:7080/archive\",
35 \"http://tasks:7080/tasks\",
36 \"http://tasks:7080/tasks/\",
37 ]
38
39 ## pass HTTP Basic Auth, X-Forwarded-User and X-Forwarded-Email information to upstream
40 pass_basic_auth = true
41 request_logging = true
42
43 ## Google Apps Domains to allow authentication for
44 google_apps_domains = [
45 \"mod.test\",
46 ]
47
48 email_domains = [
49 \"mod.test\",
50 ]
51
52 ## The Google OAuth Client ID, Secret
53 client_id = \"---\"
54 client_secret = \"---\"
55
56 ## Cookie Settings
57 ## Secret - the seed string for secure cookies
58 ## Domain - optional cookie domain to force cookies to (ie: .yourcompany.com)
59 ## Expire - expire timeframe for cookie
60 cookie_secret = \"won't tell you\"
61 cookie_domain = \".example.com\"
62 cookie_https_only = true
63 """
64}
View as plain text