Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / 01b3d3bc65d3a381eda181cdbb3ebed9cfdb7399 / . / charts / pihole / templates / oauth2-proxy-config.yaml
blob: 1365162c00b1d333581e62d1a43b72944c829531 [file] [log] [blame]
giolekva01b3d3b2021-11-09 17:48:28 +0400[diff] [blame^]1{{- $secret := include "clientSecret" . -}}
2---
3apiVersion: v1
4kind: Secret
5type: Opaque
6metadata:
7 name: {{ .Values.oauth2.secretName }}
8 namespace: {{ .Release.Namespace }}
9data:
10 client_id: {{ .Values.oauth2.clientId | b64enc }}
11 client_secret: {{ $secret | b64enc }}
12---
13apiVersion: v1
14kind: ConfigMap
15metadata:
16 name: {{ .Values.oauth2.configName }}
17 namespace: {{ .Release.Namespace }}
18data:
19 oauth2-proxy.cfg: |
20 http_address = "0.0.0.0:8080"
21
22 reverse_proxy = true
23
24 ## the OAuth Redirect URL.
25 # defaults to the "https://" + requested host header + "/oauth2/callback"
26 # redirect_url = "http://pihole.pcloud/oauth2/callback"
27
28 upstreams = [
29 "http://pihole-web.{{ .Release.Namespace}}.svc"
30 ]
31
32 email_domains = [
33 "*"
34 ]
35
36 standard_logging = false
37 request_logging = false
38 auth_logging = false
39
40 pass_basic_auth = true
41 pass_user_headers = true
42 pass_host_header = true
43
44 ## The OAuth Client ID, Secret
45 client_id = "{{ .Values.oauth2.clientId }}"
46 client_secret = "{{ $secret }}"
47
48 ## Pass OAuth Access token to upstream via "X-Forwarded-Access-Token"
49 pass_access_token = false
50
51 cookie_name = "_oauth2_proxy_pihole"
52 cookie_secret = "123456789012345678901234567890--"
53 cookie_domains = "pihole.{{ .Values.domain }}"
54 cookie_expire = "168h"
55 cookie_refresh = "100h"
56 cookie_secure = true
57 cookie_httponly = true
58
59 provider = "oidc"
60 oidc_issuer_url = "{{ .Values.hydraPublic }}"
61 provider_display_name = "PCloud"
62 profile_url = "{{ .Values.profileUrl }}"