infra/k8s/monitoring/oauth2-proxy.yaml
2024-07-27 19:10:21 -07:00


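# oauth2-proxy instance that authenticates access to Prometheus.
# It serves auth/sign-in traffic on 4180 and its own metrics on 44180.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: oauth2-proxy-prometheus
  labels:
    app: oauth2-proxy
    instance: prometheus
spec:
  selector:
    matchLabels:
      app: oauth2-proxy
      instance: prometheus
  template:
    metadata:
      labels:
        app: oauth2-proxy
        instance: prometheus
      annotations:
        # Annotation values must be strings, hence the quotes.
        prometheus.io/scrape: "true"
        prometheus.io/port: "44180"
    spec:
      # Nothing in the args or env shown here needs the Kubernetes API,
      # so do not mount a service-account token into the pod.
      automountServiceAccountToken: false
      containers:
        - name: oauth2-proxy
          # NOTE(review): ":latest" is a mutable tag, so every pod restart can
          # pull a different build of the component that gates Prometheus.
          # Pin a reviewed release tag, ideally with its @sha256 digest.
          image: quay.io/oauth2-proxy/oauth2-proxy:latest
          args:
            - --http-address=0.0.0.0:4180
            # The metrics listener is unauthenticated; it is bound to all
            # interfaces so Prometheus can scrape it. Restrict who can reach
            # 44180 with a NetworkPolicy if the cluster enforces them.
            - --metrics-address=0.0.0.0:44180
            # NOTE(review): oauth2-proxy only honours this header when
            # reverse-proxy mode is enabled, and the value is only as
            # trustworthy as the proxy that sets it. Confirm that
            # OAUTH2_PROXY_REVERSE_PROXY comes from the referenced Secret;
            # the ConfigMap in this file does not set it.
            - --real-client-ip-header=x-forwarded-for
          envFrom:
            - configMapRef:
                name: oauth2-proxy
            # Presumably carries the client secret and cookie secret; it is
            # not defined in this file.
            - secretRef:
                name: oauth2-proxy-prometheus
          env:
            - name: OAUTH2_PROXY_CLIENT_ID
              value: prometheus
          # Both listeners use unprivileged ports, so the container needs no
          # capabilities, no privilege escalation and no writable root FS.
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop:
                - ALL
            seccompProfile:
              type: RuntimeDefault
          resources:
            limits:
              memory: "128Mi"
              cpu: "500m"
          ports:
            - name: http
              containerPort: 4180
            # Declared so the metrics listener configured above is visible
            # in the pod spec alongside the scrape annotation.
            - name: metrics
              containerPort: 44180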
---
# ClusterIP Service in front of the oauth2-proxy pods for Prometheus.
# Only the auth/sign-in listener (4180) is published; the metrics
# listener on 44180 is not part of this Service.
apiVersion: v1
kind: Service
metadata:
  name: oauth2-proxy-prometheus
spec:
  selector:
    app: oauth2-proxy
    instance: prometheus
  ports:
    - name: http
      protocol: TCP
      port: 4180
      # Same value Kubernetes would default to; spelled out for readers.
      targetPort: 4180
---
# Non-secret oauth2-proxy settings, loaded into the container via envFrom.
apiVersion: v1
kind: ConfigMap
metadata:
  name: oauth2-proxy
data:
  OAUTH2_PROXY_PROVIDER: 'keycloak-oidc'
  OAUTH2_PROXY_OIDC_ISSUER_URL: 'https://auth.janky.solutions/realms/janky.solutions'
  OAUTH2_PROXY_PROVIDER_DISPLAY_NAME: 'Janky Solutions'
  # NOTE(review): "*" accepts any e-mail domain, so every account that can
  # log in to the realm passes this check. Unless the Keycloak client itself
  # limits who may sign in, restrict access here as well, e.g. with
  # OAUTH2_PROXY_ALLOWED_GROUPS or OAUTH2_PROXY_ALLOWED_ROLES.
  OAUTH2_PROXY_EMAIL_DOMAINS: '*'
  # PKCE with SHA-256 on the authorization-code flow.
  OAUTH2_PROXY_CODE_CHALLENGE_METHOD: 'S256'
---
# Traefik forwardAuth middleware: each request on a route using it is first
# sent to oauth2-proxy's /oauth2/auth endpoint, which allows or rejects it.
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: oauth2-proxy-prometheus
spec:
  forwardAuth:
    # Plain HTTP to the in-cluster Service. The hostname assumes the Service
    # lives in the "monitoring" namespace, which this file does not set.
    address: 'http://oauth2-proxy-prometheus.monitoring.svc.cluster.local:4180/oauth2/auth'
    # NOTE(review): with this enabled Traefik passes through X-Forwarded-*
    # headers already present on the incoming request instead of replacing
    # them. That is only safe when every client reaches Traefik through a
    # trusted proxy that overwrites those headers; otherwise a client can
    # supply its own values to the auth service. Set to false if Traefik is
    # the outermost proxy.
    trustForwardHeader: true
---
# Traefik errors middleware: replaces 401-403 responses with the oauth2-proxy
# sign-in page so unauthenticated browsers are sent to the login flow.
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  name: oauth2-proxy-prometheus-errors
spec:
  errors:
    status:
      # The range also covers 403, so a signed-in but unauthorised user is
      # shown the sign-in page again rather than a denial.
      - '401-403'
    service:
      name: oauth2-proxy-prometheus
      port: 4180
    # {url} is Traefik's placeholder for the original request URL. It becomes
    # the post-login redirect target, so it relies on oauth2-proxy's redirect
    # validation; confirm the allowed redirect domains cover only this site.
    query: '/oauth2/sign_in?rd={url}'