mirror of
https://github.com/samply/bridgehead.git
synced 2025-07-10 21:40:21 +02:00
Test
This commit is contained in:
@ -77,6 +77,9 @@ services:
|
||||
- OAUTH2_PROXY_COOKIE_SECRET=${IDMANAGER_AUTH_COOKIE_SECRET}
|
||||
- OAUTH2_PROXY_COOKIE_NAME=_BRIDGEHEAD_oauth2_idm
|
||||
- OAUTH2_PROXY_COOKIE_DOMAINS=.${HOST}
|
||||
- OAUTH2_PROXY_COOKIE_EXPIRE=12h
|
||||
- OAUTH2_PROXY_COOKIE_SECURE=true
|
||||
- OAUTH2_PROXY_COOKIE_HTTPONLY=true
|
||||
- OAUTH2_PROXY_HTTP_ADDRESS=:4180
|
||||
- OAUTH2_PROXY_REVERSE_PROXY=true
|
||||
- OAUTH2_PROXY_WHITELIST_DOMAINS=.${HOST}
|
||||
@ -89,7 +92,15 @@ services:
|
||||
# Keycloak has an expiration time of 60s therefore oauth2-proxy needs to refresh after that
|
||||
- OAUTH2_PROXY_COOKIE_REFRESH=60s
|
||||
- OAUTH2_PROXY_ALLOWED_GROUPS=app-dktk-ccp-ppsn
|
||||
- OAUTH2_PROXY_OIDC_GROUPS_CLAIM=${OIDC_GROUP_CLAIM}
|
||||
- OAUTH2_PROXY_PROXY_PREFIX=/oauth2-idm
|
||||
- OAUTH2_PROXY_AUTH_LOGGING=true
|
||||
- OAUTH2_PROXY_CHALLENGE_METHOD=S256
|
||||
- OAUTH2_PROXY_SKIP_PROVIDER_BUTTON=true
|
||||
- OAUTH2_PROXY_PASS_BASIC_AUTH=true
|
||||
- OAUTH2_PROXY_USER_HEADERS=false
|
||||
- OAUTH2_PASS_ACCESS_TOKEN=false
|
||||
- OAUTH2_PROVIDER_DISPLAY_NAME="VerbIS Login"
|
||||
labels:
|
||||
- "traefik.enable=true"
|
||||
- "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4180"
|
||||
|
Reference in New Issue
Block a user