You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Updated my clusters and redeployed this again. So far this is my favorite dashboard-type app. Hoping it might be possible to support multiple users / oidc.
On the heimdall side, my oauth2-proxy configuration in the annotation section:
annotations:
# use oauth2-proxy for login & obtain bearer token
nginx.ingress.kubernetes.io/auth-url: "https://oauth2-proxy.vc-prod.k.home.net/oauth2/auth"
nginx.ingress.kubernetes.io/auth-signin: "https://oauth2-proxy.vc-prod.k.home.net/oauth2/start?rd=$escaped_request_uri"
# header to watch for
nginx.ingress.kubernetes.io/auth-response-headers: authorization
# in the following everything after $upstream_http_ is the header you want to pass along to target app
nginx.ingress.kubernetes.io/configuration-snippet: |
auth_request_set $token $upstream_http_authorization;
add_header Authorization $token;
I've noticed there is a heimdall oauth2 server so I'm betting there is already an integration available. Maybe?
I've looked into an authenticating proxy:
https://github.com/oauth2-proxy/oauth2-proxy
Which has an example of being an interface in front of the kubernetes dashboard, which knows how to accept the token passed along by the oauth2-proxy. Is it possible heimdall apps also knows how to work with such a token?
https://kubernetes.github.io/ingress-nginx/examples/auth/oauth-external-auth/
The text was updated successfully, but these errors were encountered: