Update addons/traefik.yaml

2024-08-28 10:08:01 +00:00 · 2024-08-28 10:08:01 +00:00 · 83f4db0116
commit 83f4db0116
parent 5b4850a045
1 changed files with 44 additions and 37 deletions
--- a/addons/traefik.yaml
+++ b/addons/traefik.yaml
@ -1,37 +1,44 @@
-# apiVersion: traefik.io/v1alpha1
-# kind: IngressRoute
-# metadata:
-#   name: chart_name
-#   namespace: chart_namespace
-# spec:
-#   routes:
-#     - kind: Rule
-#       match: Host(`chart_host`)
-#       middlewares:
-#         - name: authentik
-#       services:
-#         - name: chart_service
-#           namespace: chart_namespace
-#           port: chart_port
-# ---
-# apiVersion: traefik.io/v1alpha1
-# kind: Middleware
-# metadata:
-#   name: authentik
-#   namespace: chart_namespace
-# spec:
-#   forwardAuth:
-#     address: https://chart_host/outpost.goauthentik.io/auth/traefik
-#     authResponseHeaders:
-#       - X-authentik-username
-#       - X-authentik-groups
-#       - X-authentik-email
-#       - X-authentik-name
-#       - X-authentik-uid
-#       - X-authentik-jwt
-#       - X-authentik-meta-jwks
-#       - X-authentik-meta-outpost
-#       - X-authentik-meta-provider
-#       - X-authentik-meta-app
-#       - X-authentik-meta-version
-#     trustForwardHeader: true
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: {{ .Chart.Name }}
+  namespace: {{ .Values.namespace }}
+spec:
+  routes:
+    - kind: Rule
+      match: {{ .Values.expose.match }}
+{{- if .Values.expose.middlewares }}
+      middlewares:
+        {{ toYaml .Values.expose.middlewares }}
+{{- end }}
+      services:
+        - name: {{ .Values.expose.service.name }}
+          port: {{ .Values.expose.service.port }}
+          namespace: {{ .Values.namespace }}
+{{ if has "authentik" .Values.expose.middlewares }}
+---
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+  name: authentik
+  namespace: {{ .Values.namespace }}
+spec:
+  forwardAuth:
+{{- $regexArray := mustRegexFindAll "Host[(]`[^`]+`[)]" .Values.expose.match -1 }}
+{{- $firstHost := index $regexArray 0 }}
+{{- $hostname := regexReplaceAll ".+`([^`]+)`.+" $firstHost "$1"}}
+    address: https://{{ $hostname }}/outpost.goauthentik.io/auth/traefik
+    authResponseHeaders:
+      - X-authentik-username
+      - X-authentik-groups
+      - X-authentik-email
+      - X-authentik-name
+      - X-authentik-uid
+      - X-authentik-jwt
+      - X-authentik-meta-jwks
+      - X-authentik-meta-outpost
+      - X-authentik-meta-provider
+      - X-authentik-meta-app
+      - X-authentik-meta-version
+    trustForwardHeader: true
+{{ end }}