[oauth-proxy] Making some progress on this. It's not working, but it's now redirecting and getting 'invalid status code'

2025-05-30 10:25:00 -07:00
parent 9411f87dbc
commit fec3b3a1e2
4 changed files with 19 additions and 11 deletions
--- a/system/hosts/mcp/containers/traefik.nix
+++ b/system/hosts/mcp/containers/traefik.nix
@@ -13,20 +13,20 @@ in
      restartUnits = [ "podman-traefik.service" ];
      mode = "0400";
    };
+    "traefik/oauth2-plugin-secret" = {
+      restartUnits = [ "podman-traefik.service" ];
+      mode = "0400";
+    };
  };

  sops.templates."traefik/oauth2-config.yaml".content = ''
-    experimental:
-      plugins:
-        traefik-oidc-auth:
-          moduleName: "github.com/sevensolutions/traefik-oidc-auth"
-          version: "v0.11.0"
-
    http:
      middlewares:
        oidc-auth:
          plugin:
            traefik-oidc-auth:
+              Secret: "${config.sops.placeholder."traefik/oauth2-plugin-secret"}"
+              CallbackUri: "https://auth.blazestar.net/oidc/callback"
              Provider:
                Url: "https://auth.blazestar.net/"
                ClientId: "3e3f7d9a-a684-4412-866c-ea7281954a9f"