diff --git a/docker_compose_applications/oauth2-proxy/oauth2-proxy.cfg b/docker_compose_applications/oauth2-proxy/oauth2-proxy.cfg index 3772d91..58c6c68 100644 --- a/docker_compose_applications/oauth2-proxy/oauth2-proxy.cfg +++ b/docker_compose_applications/oauth2-proxy/oauth2-proxy.cfg @@ -4,6 +4,6 @@ http_address = "0.0.0.0:4180" whitelist_domains = [".consider-it.de", ".consider-funding.de"] cookie_secure = true email_domains = [ "*" ] -scope = "openid" +scope = "openid profile email" skip_provider_button = true set_xauthrequest = true diff --git a/docker_compose_applications/reverse-proxy/Caddyfile b/docker_compose_applications/reverse-proxy/Caddyfile index 6b08a84..7d14cc0 100644 --- a/docker_compose_applications/reverse-proxy/Caddyfile +++ b/docker_compose_applications/reverse-proxy/Caddyfile @@ -41,6 +41,54 @@ pdf.consider-it.de { import oauth2_protect pdf.consider-it.de http://stirling-pdf:8080 } +registry.cortex.consider-funding.de { + handle /oauth2/* { + reverse_proxy oauth2-proxy:4180 + } + + handle { + forward_auth oauth2-proxy:4180 { + uri /oauth2/auth + copy_headers Authorization + copy_headers X-Auth-Request-Email + + @bad status 4xx + handle_response @bad { + redir https://registry.cortex.consider-funding.de/oauth2/start + } + } + + reverse_proxy https://ai-registry.neukiefer.de { + header_up Host ai-registry.neukiefer.de + header_up Authorization "Basic Y2l0OnBDMVpUNVFtZjc2WWVGYzA=" + } + } +} + +enricher.cortex.consider-funding.de { + handle /oauth2/* { + reverse_proxy oauth2-proxy:4180 + } + + handle { + forward_auth oauth2-proxy:4180 { + uri /oauth2/auth + copy_headers Authorization + copy_headers X-Auth-Request-Email + + @bad status 4xx + handle_response @bad { + redir https://enricher.cortex.consider-funding.de/oauth2/start + } + } + + reverse_proxy https://ai-enricher.neukiefer.de { + header_up Host ai-enricher.neukiefer.de + header_up Authorization "Basic Y2l0OnBDMVpUNVFtZjc2WWVGYzA=" + } + } +} + n8n.consider-funding.de { reverse_proxy n8n:5678 { flush_interval -1