feat: update podinfo to use middleware

2024-11-11 23:34:15 -05:00
parent b193214ecb
commit 73d96081ff
2 changed files with 26 additions and 24 deletions
--- a/apps/base/podinfo.yaml
+++ b/apps/base/podinfo.yaml
@@ -36,12 +36,14 @@ spec:
      externalPort: 80
    ingress:
      enabled: true
+      annotations:
+        traefik.ingress.kubernetes.io/router.middlewares: authentik-system-ak-outpost-authentik-embedded-outpost@kubernetescrd
      hosts:
-        - host: podinfo.yadunut.dev
+        - host: podinfo.i.yadunut.dev
          paths:
            - path: /
              pathType: ImplementationSpecific
      tls:
        - secretName: wildcard-cert-yadunut.dev-prod
          hosts:
-            - podinfo.yadunut.dev
+            - podinfo.i.yadunut.dev
--- a/infra/controllers/authentik/middlewares.yaml
+++ b/infra/controllers/authentik/middlewares.yaml
@@ -1,22 +1,22 @@
-apiVersion: traefik.containo.us/v1alpha1
-kind: Middleware
-metadata:
-    name: authentik
-    namespace: authentik-system
-spec:
-    forwardAuth:
-        # This address should point to the cluster endpoint provided by the kubernetes service, not the Ingress.
-        address: http://authentik/outpost.goauthentik.io/auth/traefik
-        trustForwardHeader: true
-        authResponseHeaders:
-            - X-authentik-username
-            - X-authentik-groups
-            - X-authentik-email
-            - X-authentik-name
-            - X-authentik-uid
-            - X-authentik-jwt
-            - X-authentik-meta-jwks
-            - X-authentik-meta-outpost
-            - X-authentik-meta-provider
-            - X-authentik-meta-app
-            - X-authentik-meta-version
+# apiVersion: traefik.io/v1alpha1
+# kind: Middleware
+# metadata:
+#     name: authentik
+#     namespace: authentik-system
+# spec:
+#     forwardAuth:
+#         # This address should point to the cluster endpoint provided by the kubernetes service, not the Ingress.
+#         address: http://authentik/outpost.goauthentik.io/auth/traefik
+#         trustForwardHeader: true
+#         authResponseHeaders:
+#             - X-authentik-username
+#             - X-authentik-groups
+#             - X-authentik-email
+#             - X-authentik-name
+#             - X-authentik-uid
+#             - X-authentik-jwt
+#             - X-authentik-meta-jwks
+#             - X-authentik-meta-outpost
+#             - X-authentik-meta-provider
+#             - X-authentik-meta-app
+#             - X-authentik-meta-version