diff --git a/manifests/sillytavern/ingress.yaml b/manifests/sillytavern/ingress.yaml index 802dea1..0b70c62 100644 --- a/manifests/sillytavern/ingress.yaml +++ b/manifests/sillytavern/ingress.yaml @@ -11,7 +11,6 @@ metadata: cert-manager.io/cluster-issuer: letsencrypt-production traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" - traefik.ingress.kubernetes.io/router.middlewares: sillytavern-oauth2-proxy@kubernetescrd spec: ingressClassName: traefik tls: diff --git a/manifests/sillytavern/middleware.yaml b/manifests/sillytavern/middleware.yaml deleted file mode 100644 index b7a4f93..0000000 --- a/manifests/sillytavern/middleware.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: traefik.io/v1alpha1 -kind: Middleware -metadata: - name: oauth2-proxy - namespace: sillytavern -spec: - forwardAuth: - address: http://oauth2-proxy.sillytavern.svc.cluster.local:4180/oauth2/auth - authResponseHeaders: - - X-Auth-Request-User - - X-Auth-Request-Email diff --git a/manifests/sillytavern/oauth2-proxy.yaml b/manifests/sillytavern/oauth2-proxy.yaml deleted file mode 100644 index dd2244d..0000000 --- a/manifests/sillytavern/oauth2-proxy.yaml +++ /dev/null @@ -1,83 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: oauth2-proxy - namespace: sillytavern -spec: - replicas: 1 - selector: - matchLabels: - app: oauth2-proxy - template: - metadata: - labels: - app: oauth2-proxy - spec: - containers: - - name: oauth2-proxy - image: quay.io/oauth2-proxy/oauth2-proxy:v7.15.2-amd64 - args: - - --provider=oidc - - --oidc-issuer-url=https://auth.t0rt1k.tech/ - - --redirect-url=https://sillytavern.mrt0rtikize.ru/oauth2/callback - - --upstream=http://sillytavern:8000 - - --http-address=0.0.0.0:4180 - - --email-domain=* - - --scope=openid email - - --pass-authorization-header=true - - --set-authorization-header=true - - --cookie-domain=.mrt0rtikize.ru - - --cookie-secure=true - - --cookie-samesite=lax - - --reverse-proxy=true - env: - - name: OAUTH2_PROXY_CLIENT_ID - valueFrom: - secretKeyRef: - name: oauth2-proxy-secret - key: client-id - - name: OAUTH2_PROXY_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: oauth2-proxy-secret - key: client-secret - - name: OAUTH2_PROXY_COOKIE_SECRET - valueFrom: - secretKeyRef: - name: oauth2-proxy-secret - key: cookie-secret - ports: - - containerPort: 4180 - name: http - resources: - requests: - cpu: 10m - memory: 32Mi - limits: - cpu: 50m - memory: 64Mi - livenessProbe: - httpGet: - path: /ping - port: 4180 - initialDelaySeconds: 5 - periodSeconds: 10 - readinessProbe: - httpGet: - path: /ping - port: 4180 - initialDelaySeconds: 3 - periodSeconds: 5 ---- -apiVersion: v1 -kind: Service -metadata: - name: oauth2-proxy - namespace: sillytavern -spec: - selector: - app: oauth2-proxy - ports: - - port: 4180 - targetPort: 4180 - name: http