auth-proxy: proxies only authenticated requests to upstream, redirects to login page otherwise (#103) * auth-proxy: inspects authenticated user * ingress: chart and use in rpuppy * auth-proxy: make it optional in rpuppy * kratos: whitelist env pub/priv domains for auth return_to addr * url-shortener: put behind auth-proxy * pihole: replace oauth2-client with auth-proxy * auth-proxy: fix upstream uri generation * pihole: remove old chart using oauth2 * auth-proxy: remove temporary values file * url-shortener: check x-user header for authentication * auth: fix allowed_return_urls list * auth-proxy: fix current address generation logic --------- Co-authored-by: Giorgi Lekveishvili <lekva@gl-mbp-m1-max.local>

commit: 0ba5e4081640155aa4a356fa279c6d6bb9e55d90 [log] [tgz]
author: Giorgi Lekveishvili <giolekva@gmail.com> Wed Mar 20 15:56:30 2024 +0400
committer: GitHub <noreply@github.com> Wed Mar 20 15:56:30 2024 +0400
tree: 64cf73da6abcdf295404a76f7172151cd1a11c1b
parent: d7744a6874c4eceeabf5011a18e68430725eed4d [diff]
diff --git a/charts/pihole/templates/tests/test-pihole-endpoint.yml b/charts/pihole/templates/tests/test-pihole-endpoint.yml
new file mode 100644
index 0000000..dd50c04
--- /dev/null
+++ b/charts/pihole/templates/tests/test-pihole-endpoint.yml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: "{{ .Release.Name }}-smoke-test"
+  annotations:
+    "helm.sh/hook": test
+spec:
+  containers:
+  - name: hook1-container
+    image: curlimages/curl
+    imagePullPolicy: IfNotPresent
+    command: ['sh', '-c', 'curl http://{{ template "pihole.fullname" . }}-web:80/']
+  restartPolicy: Never
+  terminationGracePeriodSeconds: 0
commit	0ba5e4081640155aa4a356fa279c6d6bb9e55d90	[log] [tgz]
author	Giorgi Lekveishvili <giolekva@gmail.com>	Wed Mar 20 15:56:30 2024 +0400
committer	GitHub <noreply@github.com>	Wed Mar 20 15:56:30 2024 +0400
tree	64cf73da6abcdf295404a76f7172151cd1a11c1b
parent	d7744a6874c4eceeabf5011a18e68430725eed4d [diff]