adds pseudo.cortex.consider-funding.de upstream, adds snippet for easy oauth2-proxy protect, moves oauth2-proxy secrets to .env file

docker_compose_applications/oauth2-proxy/.env.example

@@ -0,0 +1,4 @@
+OAUTH2_PROXY_CLIENT_ID = ""
+OAUTH2_PROXY_CLIENT_SECRET = ""
+OAUTH2_PROXY_COOKIE_SECRET = ""
+OAUTH2_PROXY_OIDC_ISSUER_URL = ""

docker_compose_applications/oauth2-proxy/compose.yaml

@@ -5,6 +5,7 @@ services:
     restart: unless-stopped
     command:
       - --config=/etc/oauth2-proxy/oauth2-proxy.cfg
+    env_file: .env
     volumes:
       - ./oauth2-proxy.cfg:/etc/oauth2-proxy/oauth2-proxy.cfg:ro
     networks:

docker_compose_applications/oauth2-proxy/oauth2-proxy.cfg

@@ -0,0 +1,9 @@
+provider = "entra-id"
+upstreams = ["file:///dev/null"]
+http_address = "0.0.0.0:4180"
+whitelist_domains = [".consider-it.de", ".consider-funding.de"]
+cookie_secure = true
+email_domains = [ "*" ]
+scope = "openid"
+skip_provider_button = true
+set_xauthrequest = true

docker_compose_applications/oauth2-proxy/oauth2-proxy.cfg.example

@@ -1,12 +0,0 @@
-provider = "entra-id"
-oidc_issuer_url = "https://login.microsoftonline.com/xxx-x-x-x-xxxx/v2.0"
-client_id = ""
-client_secret = ""
-cookie_secret = ""
-upstreams = [ "http://stirling-pdf:8080" ]
-http_address = "0.0.0.0:4180"
-redirect_url = "https://pdf.consider-it.de/oauth2/callback"
-cookie_secure = true
-email_domains = [ "*" ]
-scope = "openid"
-skip_provider_button = true