feat(oauth2-proxy) add oauth2-proxy module

2025-09-13 00:15:31 +09:00
parent cf28e427c2
commit 45aa5bd20e
6 changed files with 292 additions and 0 deletions
--- a/oauth2-proxy/oauth2-proxy-ingressroute.gomplate.yaml
+++ b/oauth2-proxy/oauth2-proxy-ingressroute.gomplate.yaml
@@ -0,0 +1,36 @@
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+  name: {{ .Env.APP_NAME }}-auth-headers
+  namespace: {{ .Env.APP_NAMESPACE }}
+spec:
+  headers:
+    sslRedirect: true
+    stsSeconds: 315360000
+    browserXssFilter: true
+    contentTypeNosniff: true
+    forceSTSHeader: true
+    sslHost: {{ .Env.APP_HOST }}
+    stsIncludeSubdomains: true
+    stsPreload: true
+    frameDeny: true
+
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: oauth2-proxy-{{ .Env.APP_NAME }}
+  namespace: {{ .Env.APP_NAMESPACE }}
+  labels:
+    app: {{ .Env.APP_NAME }}-oauth2-proxy
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: "Host(`{{ .Env.APP_HOST }}`)"
+      kind: Rule
+      services:
+        - name: oauth2-proxy-{{ .Env.APP_NAME }}
+          port: 80
+      middlewares:
+        - name: {{ .Env.APP_NAME }}-auth-headers