Find file History


N.B., this chart is deprecated and is no longer maintained as it's upstream has been abandoned.

oauth2-proxy is a reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group.

Note - at this time, there is a known incompatibility between oauth2-proxy version 2.2 (which is its latest release) and nginx-ingress versions >= 0.9beta12. To utilize this chart at this time please use nginx-ingress version 0.9beta11


$ helm install stable/oauth2-proxy


This chart bootstraps an oauth2-proxy deployment on a Kubernetes cluster using the Helm package manager.

Installing the Chart

To install the chart with the release name my-release:

$ helm install stable/oauth2-proxy --name my-release

The command deploys oauth2-proxy on the Kubernetes cluster in the default configuration. The configuration section lists the parameters that can be configured during installation.

Uninstalling the Chart

To uninstall/delete the my-release deployment:

$ helm delete my-release

The command removes all the Kubernetes components associated with the chart and deletes the release.


The following table lists the configurable parameters of the oauth2-proxy chart and their default values.

Parameter Description Default
affinity node/pod affinities None
authenticatedEmailsFile.enabled Enables authorize individual email addresses false
authenticatedEmailsFile.template Name of the configmap what is handled outside of that chart ""
`authenticatedEmailsFile.restricted_access (email addresses)[] list config ""
config.clientID oauth client ID ""
config.clientSecret oauth client secret ""
config.cookieSecret server specific cookie for the secret; create a new one with python -c 'import os,base64; print base64.b64encode(os.urandom(16))' ""
config.configFile custom oauth2_proxy.cfg contents for settings not overridable via environment nor command line ""
extraArgs key:value list of extra arguments to give the binary {}
image.pullPolicy Image pull policy IfNotPresent
image.repository Image repository a5huynh/oauth2_proxy
image.tag Image tag 2.2
imagePullSecrets Specify image pull secrets nil (does not add image pull secrets to deployed pods)
ingress.enabled enable ingress false
nodeSelector node labels for pod assignment {}
podAnnotations annotations to add to each pod {}
podLabels additional labesl to add to each pod {}
replicaCount desired number of pods 1
resources pod resource requests & limits {}
priorityClassName priorityClassName nil
service.port port for the service 80
service.type type of service ClusterIP
tolerations List of node taints to tolerate []

Specify each parameter using the --set key=value[,key=value] argument to helm install. For example,

$ helm install stable/oauth2-proxy --name my-release \

Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,

$ helm install stable/oauth2-proxy --name my-release -f values.yaml

Tip: You can use the default values.yaml