wn/traefik-forward-auth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add auth host example + update examples

Browse Source
This commit is contained in:
Thom Seddon 2018-11-06 14:44:12 +00:00
parent dcf4f6574d
commit 4c1874b786
4 changed files with 47 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -78,7 +78,7 @@ As the hostname in the `redirect_uri` is dynamically generated based on the orig
#### Auth Host #### Auth Host
This is an optional mode of operation that is useful when dealing with a large number of subdomains, it is activated by using the `-auth-host` config option. This is an optional mode of operation that is useful when dealing with a large number of subdomains, it is activated by using the `-auth-host` config option (see [this example docker-compose.yml](https://github.com/thomseddon/traefik-forward-auth/blob/master/example/docker-compose-auth-host.yml)).
For example, if you have a few applications: `app1.test.com`, `app2.test.com`, `appN.test.com`, adding every domain to Google's console can become laborious. For example, if you have a few applications: `app1.test.com`, `app2.test.com`, `appN.test.com`, adding every domain to Google's console can become laborious.
To utilise an auth host, permit domain level cookies by setting the cookie domain to `test.com` then set the `auth-host` to: `auth.test.com`. To utilise an auth host, permit domain level cookies by setting the cookie domain to `test.com` then set the `auth-host` to: `auth.test.com`.

44
example/docker-compose-auth-host.yml Normal file
View File

@ -0,0 +1,44 @@
version: '3'
services:
traefik:
image: traefik
command: -c /traefik.toml --logLevel=DEBUG
ports:
- "8085:80"
- "8086:8080"
networks:
- traefik
volumes:
- ./traefik.toml:/traefik.toml
- /var/run/docker.sock:/var/run/docker.sock
whoami1:
image: emilevauge/whoami
networks:
- traefik
labels:
- "traefik.backend=whoami"
- "traefik.enable=true"
- "traefik.frontend.rule=Host:whoami.yourdomain.com"
traefik-forward-auth:
image: thomseddon/traefik-forward-auth
environment:
- CLIENT_ID=your-client-id
- CLIENT_SECRET=your-client-secret
- SECRET=something-random
- COOKIE_SECURE=false
- DOMAIN=yourcompany.com
- AUTH_HOST=auth.yourdomain.com
networks:
- traefik
# When using an auth host, adding it here prompts traefik to generate certs
labels:
- traefik.enable=true
- traefik.port=4181
- traefik.backend=traefik-forward-auth
- traefik.frontend.rule=Host:auth.yourdomain.com
networks:
traefik:

2
example/docker-compose-dev.yml
View File

@ -32,7 +32,7 @@ services:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.frontend.rule=Host:whoami.localhost.org" - "traefik.frontend.rule=Host:whoami.localhost.org"
forward-oauth: traefik-forward-auth:
build: ../ build: ../
environment: environment:
- CLIENT_ID=test - CLIENT_ID=test

2
example/docker-compose.yml
View File

@ -22,7 +22,7 @@ services:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.frontend.rule=Host:whoami.localhost.com" - "traefik.frontend.rule=Host:whoami.localhost.com"
forward-oauth: traefik-forward-auth:
image: thomseddon/traefik-forward-auth image: thomseddon/traefik-forward-auth
environment: environment:
- CLIENT_ID=your-client-id - CLIENT_ID=your-client-id