feat: Reverts using pocket id for docs, for now.
This commit is contained in:
@@ -1,38 +1,5 @@
|
|||||||
{
|
{
|
||||||
email {env.ACME_EMAIL}
|
email {env.ACME_EMAIL}
|
||||||
|
|
||||||
security {
|
|
||||||
oauth identity provider generic {
|
|
||||||
delay_start 3
|
|
||||||
realm generic
|
|
||||||
driver generic
|
|
||||||
client_id 54ac14e4-4e6b-46ce-a870-01b297421e89
|
|
||||||
client_secret 54ac14e4-4e6b-46ce-a870-01b297421e89
|
|
||||||
scopes openid email profile
|
|
||||||
base_auth_url http://localhost
|
|
||||||
metadata_url http://localhost/.well-known/openid-configuration
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
authentication portal docsportal {
|
|
||||||
crypto default token lifetime 3600 # Seconds until you have to reauthenticate
|
|
||||||
enable identity provider generic
|
|
||||||
cookie insedure off
|
|
||||||
transfrom {
|
|
||||||
match realm generic
|
|
||||||
action add role user
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
authorization policy docspolicy {
|
|
||||||
set auth url /caddy-security/oauth2/generic
|
|
||||||
allow roles user
|
|
||||||
inject headers with claims
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
housh.dev {
|
housh.dev {
|
||||||
@@ -107,19 +74,8 @@ housh.dev {
|
|||||||
|
|
||||||
@docs host docs.housh.dev
|
@docs host docs.housh.dev
|
||||||
handle @docs {
|
handle @docs {
|
||||||
@auth {
|
|
||||||
path /caddy-security/*
|
|
||||||
}
|
|
||||||
|
|
||||||
route @auth {
|
|
||||||
authenticate with docsportal
|
|
||||||
}
|
|
||||||
|
|
||||||
route /* {
|
|
||||||
authorize with docspolicy
|
|
||||||
reverse_proxy docs:80
|
reverse_proxy docs:80
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
@pocket_id host id.housh.dev
|
@pocket_id host id.housh.dev
|
||||||
handle @pocket_id {
|
handle @pocket_id {
|
||||||
|
|||||||
Reference in New Issue
Block a user