coop-cloud/traefik-forward-auth
4
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

DOMAIN causes unexpected behaviour #2

New Issue
Open
opened 2023-11-17 12:19:55 +00:00 by 3wordchant · 3 comments
3wordchant commented 2023-11-17 12:19:55 +00:00
Owner
Copy Link

The DOMAIN environment variable has a special meaning for traefik-forward-auth: it establishes a list of allowed email domains for SSO https://github.com/thomseddon/traefik-forward-auth#user-restriction

This means that abra's default behaviour of setting DOMAIN causes unexpected behaviour. If DOMAIN=auth.example.com, only users with emails like user@auth.example.com will be allowed in 😞

The `DOMAIN` environment variable has a special meaning for `traefik-forward-auth`: it establishes a list of allowed email domains for SSO https://github.com/thomseddon/traefik-forward-auth#user-restriction This means that `abra`'s default behaviour of setting `DOMAIN` causes unexpected behaviour. If `DOMAIN=auth.example.com`, only users with emails like `user@auth.example.com` will be allowed in 😞
moritz commented 2023-11-17 23:13:46 +00:00
Owner
Copy Link

If the DOMAIN variable is already used by a container, I would suggest to rename the variable. Use an env like TRAEFIK_DOMAIN and place DOMAIN=${TRAEFIK_DOMAIN} in the compose file under environment.

If the `DOMAIN` variable is already used by a container, I would suggest to rename the variable. Use an env like `TRAEFIK_DOMAIN` and place `DOMAIN=${TRAEFIK_DOMAIN}` in the compose file under `environment`.
👍 1
3wordchant commented 2023-12-02 15:30:40 +00:00
Author
Owner
Copy Link

@moritz thanks for the suggestion! Maybe I'm misunderstanding your suggestion, but the problem seems to be that, if DOMAIN is set in the container, traefik-forward-auth behaves unexpectedly – and I can't find a way to unset it.

@moritz thanks for the suggestion! Maybe I'm misunderstanding your suggestion, but the problem seems to be that, if `DOMAIN` is set in the container, `traefik-forward-auth` behaves unexpectedly – and I can't find a way to unset it.
moritz commented 2023-12-07 15:56:45 +00:00
Owner
Copy Link

If you set DOMAIN=${TRAEFIK_DOMAIN} in the compose file and set TRAEFIK_DOMAIN="" in your .env file you unset the DOMAIN variable for the container. If you never need the DOMAIN variable you could also directly set DOMAIN="" in the compose file.

If you set `DOMAIN=${TRAEFIK_DOMAIN}` in the compose file and set `TRAEFIK_DOMAIN=""` in your .env file you unset the `DOMAIN` variable for the container. If you never need the `DOMAIN` variable you could also directly set `DOMAIN=""` in the compose file.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
3wordchant aadil abra-bot ammaratef45 Apfelwurm appletalk arjan basebuilder Brooke carla cas codegod100 coopcloud cyrnel decentral1se fauno flancian Frando iexos jade javielico jmakdah2 joe-irving kawaiipunk knoflook kolaente lambdabundesverband linnealovespie marlon mayel mirsal moritz nicksellen notplants p4u1 pau pharaohgraphy renovate-bot ripclap rix rscmbbng sef simon sixsmith stevensting tobias trav val virtualboys wolcen wykwit xynosis yksflip
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: coop-cloud/traefik-forward-auth#2
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?