auth-proxy: proxies only authenticated requests to upstream, redirects to login page otherwise (#103) * auth-proxy: inspects authenticated user * ingress: chart and use in rpuppy * auth-proxy: make it optional in rpuppy * kratos: whitelist env pub/priv domains for auth return_to addr * url-shortener: put behind auth-proxy * pihole: replace oauth2-client with auth-proxy * auth-proxy: fix upstream uri generation * pihole: remove old chart using oauth2 * auth-proxy: remove temporary values file * url-shortener: check x-user header for authentication * auth: fix allowed_return_urls list * auth-proxy: fix current address generation logic --------- Co-authored-by: Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local>

commit: 0ba5e4081640155aa4a356fa279c6d6bb9e55d90 [log] [tgz]
author: Giorgi Lekveishvili <giolekva@gmail.com> Wed Mar 20 15:56:30 2024 +0400
committer: GitHub <noreply@github.com> Wed Mar 20 15:56:30 2024 +0400
tree: 64cf73da6abcdf295404a76f7172151cd1a11c1b
parent: d7744a6874c4eceeabf5011a18e68430725eed4d [diff] [blame]
diff --git a/charts/ingress/.helmignore b/charts/ingress/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/charts/ingress/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
commit	0ba5e4081640155aa4a356fa279c6d6bb9e55d90	[log] [tgz]
author	Giorgi Lekveishvili <giolekva@gmail.com>	Wed Mar 20 15:56:30 2024 +0400
committer	GitHub <noreply@github.com>	Wed Mar 20 15:56:30 2024 +0400
tree	64cf73da6abcdf295404a76f7172151cd1a11c1b
parent	d7744a6874c4eceeabf5011a18e68430725eed4d [diff] [blame]