36 lines
1.1 KiB
YAML
36 lines
1.1 KiB
YAML
version: 1
|
|
metadata:
|
|
name: domain-wide-proxy-setup
|
|
entries:
|
|
# 1. The Provider
|
|
- model: authentik_providers_proxy.proxyprovider
|
|
identifiers:
|
|
name: Domain Wide Proxy
|
|
attrs:
|
|
authorization_flow: !Find [authentik_flows.flow, [slug, default-provider-authorization-explicit-consent]]
|
|
|
|
# For domain-wide, external_host must be the root domain or the auth domain
|
|
external_host: https://@AUTHENTIK_DOMAIN@
|
|
|
|
# This allows the cookie to work across *.@COOKIE_DOMAIN@
|
|
cookie_domain: @COOKIE_DOMAIN@
|
|
|
|
mode: forward_auth
|
|
intercept_header_auth: true
|
|
|
|
# 2. The Application (Required to link the provider)
|
|
- model: authentik_core.application
|
|
identifiers:
|
|
slug: authentik-proxy-root
|
|
attrs:
|
|
name: "Domain Auth Provider"
|
|
provider: !Find [authentik_providers_proxy.proxyprovider, [name, Domain Wide Proxy]]
|
|
|
|
# 3. Add to Outpost
|
|
- model: authentik_outposts.outpost
|
|
identifiers:
|
|
name: authentik Embedded Outpost
|
|
attrs:
|
|
providers:
|
|
- !Find [authentik_providers_proxy.proxyprovider, [name, Domain Wide Proxy]]
|