Add a slot for a second traefik-forward-auth instance

.env.sample

@@ -52,6 +52,7 @@ COMPOSE_FILE="compose.yml"
 #COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak.yml"
 #KEYCLOAK_MIDDLEWARE_ENABLED=1
 #KEYCLOAK_TFA_SERVICE=traefik-forward-auth_app
+#KEYCLOAK_MIDDLEWARE_2_ENABLED=1
 
 #####################################################################
 # Prometheus metrics                                                #

compose.keycloak.yml

@@ -5,7 +5,9 @@ services:
   app:
     deploy:
       labels:
-        - "traefik.http.routers.traefik.middlewares=keycloak@file"
+        - "traefik.http.routers.${STACK_NAME}.middlewares=keycloak@file"
     environment:
       - KEYCLOAK_MIDDLEWARE_ENABLED
       - KEYCLOAK_TFA_SERVICE
+      - KEYCLOAK_MIDDLEWARE_2_ENABLED
+      - KEYCLOAK_MIDDLEWARE_2_SERVICE

file-provider.yml.tmpl

@@ -9,6 +9,14 @@ http:
         authResponseHeaders:
           - X-Forwarded-User
     {{ end }}
+    {{ if eq (env "KEYCLOAK_MIDDLEWARE_2_ENABLED") "1" }}
+    keycloak2:
+      forwardAuth:
+        address: "http://${KEYCLOAK_MIDDLEWARE_2_SERVICE}:4181"
+        trustForwardHeader: true
+        authResponseHeaders:
+          - X-Forwarded-User
+    {{ end }}
     security:
       headers:
         frameDeny: true