providers/proxy: include auth headers

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-12-20 21:37:22 +01:00
parent 621773c1ea
commit 577b7ee515
4 changed files with 4 additions and 4 deletions

View file

@ -116,7 +116,7 @@ class TraefikMiddlewareReconciler(KubernetesObjectReconciler[TraefikMiddleware])
forwardAuth=TraefikMiddlewareSpecForwardAuth(
address=f"http://{self.name}.{self.namespace}:9000/akprox/auth/traefik",
authResponseHeaders=[],
authResponseHeadersRegex="^(Remote|X).*$",
authResponseHeadersRegex="^(Auth|Remote|X).*$",
trustForwardHeader=True,
)
),

View file

@ -34,7 +34,7 @@ services:
# `authentik-proxy` refers to the service name in the compose file.
traefik.http.middlewares.authentik.forwardauth.address: http://authentik-proxy:9000/akprox/auth/traefik
traefik.http.middlewares.authentik.forwardauth.trustForwardHeader: true
traefik.http.middlewares.authentik.forwardauth.authResponseHeadersRegex: ^(Remote|X).*$$
traefik.http.middlewares.authentik.forwardauth.authResponseHeadersRegex: ^(Auth|Remote|X).*$$
restart: unless-stopped
whoami:

View file

@ -9,7 +9,7 @@ spec:
forwardAuth:
address: http://outpost.company:9000/akprox/auth/traefik
trustForwardHeader: true
authResponseHeadersRegex: ^(Remote|X).*$
authResponseHeadersRegex: ^(Auth|Remote|X).*$
```
Add the following settings to your IngressRoute

View file

@ -5,7 +5,7 @@ http:
forwardAuth:
address: http://outpost.company:9000/akprox/auth/traefik
trustForwardHeader: true
authResponseHeadersRegex: ^(Remote|X).*$
authResponseHeadersRegex: ^(Auth|Remote|X).*$
routers:
default-router:
rule: "Host(`app.company`)"