From d1fa76b6b5cba33f4de31b59115435cf1efaa0e4 Mon Sep 17 00:00:00 2001
From: Lukasz Raczylo
Date: Thu, 25 Jul 2024 00:25:20 +0100
Subject: [PATCH] Update documentation.
---
 .traefik.yml | 2 +
 README.md | 101 +++++++++++++++++++++++++++++++++++++++++++++------
 2 files changed, 92 insertions(+), 11 deletions(-)
diff --git a/.traefik.yml b/.traefik.yml
index 39a79f1..ea605f9 100644
--- a/.traefik.yml
+++ b/.traefik.yml
@@ -11,8 +11,10 @@ testData:
 clientID: 1234567890.apps.googleusercontent.com
 clientSecret: secret
 callbackURL: /oauth2/callback
+ logoutURL: /oauth2/logout
 scopes:
 - openid
 - email
 - profile
 sessionEncryptionKey: potato-secret
+ forceHTTPS: false
diff --git a/README.md b/README.md
index c70d095..70913ca 100644
--- a/README.md
+++ b/README.md
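Review bot: `forceHTTPS: false` is added to `testData` without a comment marking it as a test-only value, and sample values in a plugin manifest are likely to be copied into real deployments. Judging by the name, the option presumably controls whether the middleware forces the https scheme on its redirect and callback URLs, so with it off the OIDC callback and the session cookie could travel over plain HTTP; this should be confirmed against the plugin code. I would add a line above it such as `# local test value; set forceHTTPS: true when served over TLS`, and mark `clientSecret: secret` and `sessionEncryptionKey: potato-secret` as placeholders in the same way. The README example in this commit repeats `forceHTTPS: false` next to `api.insecure: true` and `forwardedHeaders.insecure: true`, so the same "local testing only" remark applies there. The `testData` mapping starts above this hunk.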
@@ -7,16 +7,95 @@ This middleware is supposed to replace the need for the forward-auth and oauth2-
 ### Configuration options
+#### Docker compose example
+
+`docker-compose.yaml`
+
+```yaml
+version: "3.7"
+
+services:
+ traefik:
+ image: traefik:v3.0.1
+ command:
+ - "--experimental.plugins.traefikoidc.modulename=github.com/lukaszraczylo/traefikoidc"
+ - "--experimental.plugins.traefikoidc.version=v0.2.1"
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ - ./traefik-config/traefik.yml:/etc/traefik/traefik.yml
+ - ./traefik-config/dynamic-configuration.yml:/etc/traefik/dynamic-configuration.yml
+ labels:
+ - "traefik.http.routers.dash.rule=Host(`dash.localhost`)"
+ - "traefik.http.routers.dash.service=api@internal"
+
+ ports:
+ - "80:80"
+
+ hello:
+ image: containous/whoami
+ labels:
+ - traefik.enable=true
+ - traefik.http.routers.hello.entrypoints=http
+ - traefik.http.routers.hello.rule=Host(`hello.localhost`)
+ - traefik.http.services.hello.loadbalancer.server.port=80
+ - traefik.http.routers.hello.middlewares=my-plugin@file
+
+ whoami:
+ image: jwilder/whoami
+ labels:
+ - traefik.enable=true
+ - traefik.http.routers.whoami.entrypoints=http
+ - traefik.http.routers.whoami.rule=Host(`whoami.localhost`)
+ - traefik.http.services.whoami.loadbalancer.server.port=8000
+ - traefik.http.routers.whoami.middlewares=my-plugin@file
 ```
-testData:
- providerURL: https://accounts.google.com
- clientID: 1234567890.apps.googleusercontent.com
- clientSecret: secret
- callbackURL: /oauth2/callback
- logoutURL: /oauth2/logout
- scopes:
- - openid
- - email
- - profile
- sessionEncryptionKey: potato-secret
+
+`traefik-config/traefik.yaml`
+
+```yaml
+log:
+ level: INFO
+
+experimental:
+ localPlugins:
+ traefikoidc:
+ moduleName: github.com/lukaszraczylo/traefikoidc
+
+# API and dashboard configuration
+api:
+ dashboard: true
+ insecure: true
+
+entryPoints:
+ http:
+ address: ":80"
+ forwardedHeaders:
+ insecure: true
+
+providers:
+ docker:
+ endpoint: "unix:///var/run/docker.sock"
+ exposedByDefault: false
+ file:
+ filename: /etc/traefik/dynamic-configuration.yml
+```
+
+`traefik-config/dynamic-configuration.yaml`
+```yaml
+http:
+ middlewares:
+ my-plugin:
+ plugin:
+ traefikoidc:
+ providerURL: https://accounts.google.com
+ clientID: 1234567890.apps.googleusercontent.com
+ clientSecret: secret
+ callbackURL: /oauth2/callback
+ logoutURL: /oauth2/logout
+ scopes:
+ - openid
+ - email
+ - profile
+ sessionEncryptionKey: potato-secret
+ forceHTTPS: false
 ```