How to configure a second traefik-forward-auth on the same traefik instance? #30

Closed
opened 2 months ago by 3wordchant · 0 comments
Owner

Let's say we have swarm.example.com, running:

  • id.project.org (Keycloak)
  • secret.project.org (custom-html)
  • id.otherproject.org (Keycloak)
  • secret.otherproject.org (custom-html)

We want secret.project.org to require id.project.org login, and secret.otherproject.org to require id.otherproject.org login.

Currently, we can deploy two coop-cloud/traefik-forward-auth instances with different stack names, and configure them to point at the two Keycloak instances.

But! There's no way to tell Traefik about the second instance, because we only have one "slot" for an auth middleware.

One approach could be to duplicate that section, and have e.g. KEYCLOAK_MIDDLEWARE_2_ENABLED variable, keycloak2 middleware. This would (I think!) work fine for this specific case, but scaling to supporting a 3rd, 4th etc traefik-forward-auth would be increasingly annoying.

Is there any better way to define a variable set of auth middlewares?

Let's say we have swarm.example.com, running: - `id.project.org` (Keycloak) - `secret.project.org` (custom-html) - `id.otherproject.org` (Keycloak) - `secret.otherproject.org` (custom-html) We want `secret.project.org` to require `id.project.org` login, and `secret.otherproject.org` to require `id.otherproject.org` login. Currently, we can deploy two coop-cloud/traefik-forward-auth instances with different stack names, and configure them to point at the two Keycloak instances. But! There's no way to tell Traefik about the second instance, because [we only have one "slot" for an auth middleware](https://git.coopcloud.tech/coop-cloud/traefik/src/branch/master/file-provider.yml.tmpl#L4-L10). One approach could be to duplicate that section, and have e.g. `KEYCLOAK_MIDDLEWARE_2_ENABLED` variable, `keycloak2` middleware. This would (I think!) work fine for this specific case, but scaling to supporting a 3rd, 4th etc `traefik-forward-auth` would be increasingly annoying. Is there any better way to define a variable set of auth middlewares?
3wordchant closed this issue 2 months ago
Sign in to join this conversation.
No Label
No Milestone
No Assignees
1 Participants
Notifications
Due Date

No due date set.

Dependencies

This issue currently doesn't have any dependencies.

Loading…
There is no content yet.