wn/traefik-forward-auth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

traefik v1.7 kubernetes doc fixes

Browse Source
This commit is contained in:
Thom Seddon 2020-04-28 17:15:53 +01:00
parent 9abf5645b7
commit 1ac0ca9732
9 changed files with 48 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
examples/traefik-v1.7/kubernetes/advanced-separate-pod/kustomization.yaml
View File

@ -1,3 +1,3 @@
resources:
bases:
- traefik-forward-auth
- whoami

7
examples/traefik-v1.7/kubernetes/advanced-separate-pod/traefik-forward-auth/deployment.yaml
View File

@ -28,6 +28,9 @@ spec:
value: "/config"
- name: DOMAIN
value: "example.com"
# INSECURE_COOKIE is required unless using https entrypoint
- name: INSECURE_COOKIE
value: "true"
# Remove COOKIE_DOMAIN if not using auth host mode
- name: COOKIE_DOMAIN
value: "example.com"
@ -46,11 +49,11 @@ spec:
secretKeyRef:
name: secrets
key: google-client-secret
- name: COOKIE_SECRET
- name: SECRET
valueFrom:
secretKeyRef:
name: secrets
key: cookie-secret
key: secret
volumeMounts:
- name: configs
mountPath: /config

2
examples/traefik-v1.7/kubernetes/advanced-separate-pod/traefik-forward-auth/traefik-forward-auth.env
View File

@ -1,3 +1,3 @@
google-client-id=client-id
google-client-secret=client-secret
cookie-secret=something-random
secret=something-random

3
examples/traefik-v1.7/kubernetes/advanced-single-pod/kustomization.yaml Normal file
View File

@ -0,0 +1,3 @@
bases:
- traefik
- whoami

14
examples/traefik-v1.7/kubernetes/advanced-single-pod/traefik/deployment.yaml
View File

@ -29,11 +29,9 @@ spec:
ports:
- name: http
containerPort: 80
hostPort: 80
protocol: TCP
- name: https
containerPort: 443
hostPort: 443
protocol: TCP
- name: dash
containerPort: 8080
@ -52,10 +50,14 @@ spec:
env:
- name: CONFIG
value: "/config"
- name: COOKIE_DOMAIN
value: "example.com"
- name: DOMAIN
value: "example.com"
# INSECURE_COOKIE is required if not using a https entrypoint
# - name: INSECURE_COOKIE
# value: "true"
# Remove COOKIE_DOMAIN if not using auth host mode
- name: COOKIE_DOMAIN
value: "example.com"
- name: AUTH_HOST
value: "auth.example.com"
- name: LOG_LEVEL
@ -70,11 +72,11 @@ spec:
secretKeyRef:
name: secrets
key: google-client-secret
- name: COOKIE_SECRET
- name: SECRET
valueFrom:
secretKeyRef:
name: secrets
key: cookie-secret
key: secret
volumeMounts:
- name: configs
mountPath: /config

2
examples/traefik-v1.7/kubernetes/advanced-single-pod/traefik/kustomization.yaml
View File

@ -18,7 +18,7 @@ configMapGenerator:
- name: configs
files:
- configs/traefik.toml
- config/traefik-forward-auth.ini
- configs/traefik-forward-auth.ini
#
# Secrets

2
examples/traefik-v1.7/kubernetes/advanced-single-pod/traefik/secrets/traefik-forward-auth.env
View File

@ -1,3 +1,3 @@
google-client-id=client-id
google-client-secret=client-secret
cookie-secret=something-random
secret=something-random

22
examples/traefik-v1.7/kubernetes/advanced-single-pod/traefik/service.yaml
View File

@ -1,4 +1,26 @@
#
# Traefik Service
#
apiVersion: v1
kind: Service
metadata:
name: traefik
labels:
app: traefik
spec:
# Use NodePort if required
type: LoadBalancer
selector:
app: traefik
ports:
- name: http
port: 80
targetPort: 80
- name: https
port: 443
targetPort: 443
---
#
# Auth Service
#
apiVersion: v1

9
examples/traefik-v1.7/kubernetes/simple-separate-pod/k8s-traefik-forward-auth.yml
View File

@ -29,6 +29,9 @@ spec:
env:
- name: DOMAIN
value: "example.com"
# INSECURE_COOKIE is required unless using https entrypoint
- name: INSECURE_COOKIE
value: "true"
- name: PROVIDERS_GOOGLE_CLIENT_ID
valueFrom:
secretKeyRef:
@ -39,11 +42,11 @@ spec:
secretKeyRef:
name: secrets
key: traefik-forward-auth-google-client-secret
- name: COOKIE_SECRET
- name: SECRET
valueFrom:
secretKeyRef:
name: secrets
key: traefik-forward-auth-cookie-secret
key: traefik-forward-auth-secret
---
#
@ -84,4 +87,4 @@ type: Opaque
data:
traefik-forward-auth-google-client-id: base64-client-id
traefik-forward-auth-google-client-secret: base64-client-secret
traefik-forward-auth-cookie-secret: base64-something-random
traefik-forward-auth-secret: base64-something-random