| giolekva | 01b3d3b | 2021-11-09 17:48:28 +0400 | [diff] [blame] | 1 | apiVersion: v1 |
| 2 | kind: ConfigMap |
| 3 | metadata: |
| 4 | name: {{ .Values.oauth2.configName }} |
| 5 | namespace: {{ .Release.Namespace }} |
| 6 | data: |
| 7 | oauth2-proxy.cfg: | |
| 8 | http_address = "0.0.0.0:8080" |
| 9 | |
| 10 | reverse_proxy = true |
| 11 | |
| 12 | ## the OAuth Redirect URL. |
| 13 | # defaults to the "https://" + requested host header + "/oauth2/callback" |
| 14 | # redirect_url = "http://pihole.pcloud/oauth2/callback" |
| 15 | |
| 16 | upstreams = [ |
| 17 | "http://pihole-web.{{ .Release.Namespace}}.svc" |
| 18 | ] |
| 19 | |
| 20 | email_domains = [ |
| 21 | "*" |
| 22 | ] |
| 23 | |
| 24 | standard_logging = false |
| 25 | request_logging = false |
| 26 | auth_logging = false |
| 27 | |
| 28 | pass_basic_auth = true |
| 29 | pass_user_headers = true |
| 30 | pass_host_header = true |
| 31 | |
| 32 | ## The OAuth Client ID, Secret |
| 33 | client_id = "{{ .Values.oauth2.clientId }}" |
| giolekva | 99c6cdd | 2021-11-10 15:12:48 +0400 | [diff] [blame] | 34 | client_secret = "{{ .Values.oauth2.clientSecret }}" |
| giolekva | 01b3d3b | 2021-11-09 17:48:28 +0400 | [diff] [blame] | 35 | |
| 36 | ## Pass OAuth Access token to upstream via "X-Forwarded-Access-Token" |
| 37 | pass_access_token = false |
| 38 | |
| 39 | cookie_name = "_oauth2_proxy_pihole" |
| giolekva | 99c6cdd | 2021-11-10 15:12:48 +0400 | [diff] [blame] | 40 | cookie_secret = "{{ .Values.oauth2.cookieSecret }}" |
| giolekva | 3085046 | 2021-12-01 16:23:50 +0400 | [diff] [blame] | 41 | cookie_domains = "{{ .Values.domain }}" |
| giolekva | 01b3d3b | 2021-11-09 17:48:28 +0400 | [diff] [blame] | 42 | cookie_expire = "168h" |
| 43 | cookie_refresh = "100h" |
| 44 | cookie_secure = true |
| 45 | cookie_httponly = true |
| 46 | |
| 47 | provider = "oidc" |
| 48 | oidc_issuer_url = "{{ .Values.hydraPublic }}" |
| 49 | provider_display_name = "PCloud" |
| 50 | profile_url = "{{ .Values.profileUrl }}" |