feat(oauth2-proxy) add oauth2-proxy module

2025-09-13 00:15:31 +09:00
parent cf28e427c2
commit 45aa5bd20e
6 changed files with 292 additions and 0 deletions
--- a/oauth2-proxy/oauth2-proxy-external-secret.gomplate.yaml
+++ b/oauth2-proxy/oauth2-proxy-external-secret.gomplate.yaml
@@ -0,0 +1,32 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: oauth2-proxy-{{ .Env.APP_NAME }}-config
+  namespace: {{ .Env.APP_NAMESPACE }}
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: vault-secret-store
+    kind: ClusterSecretStore
+  target:
+    name: oauth2-proxy-{{ .Env.APP_NAME }}-config
+    creationPolicy: Owner
+    template:
+      type: Opaque
+      data:
+        client_id: "{{ `{{ .client_id }}` }}"
+        client_secret: "{{ `{{ .client_secret }}` }}"
+        cookie_secret: "{{ `{{ .cookie_secret }}` }}"
+  data:
+  - secretKey: client_id
+    remoteRef:
+      key: oauth2-proxy/{{ .Env.APP_NAME }}
+      property: client_id
+  - secretKey: client_secret
+    remoteRef:
+      key: oauth2-proxy/{{ .Env.APP_NAME }}
+      property: client_secret
+  - secretKey: cookie_secret
+    remoteRef:
+      key: oauth2-proxy/{{ .Env.APP_NAME }}
+      property: cookie_secret