Simplified Caddy snippets (removed auth/all).
This commit is contained in:
Leo Vasanko
@@ -1,4 +1,5 @@
|
|||||||
localhost {
|
localhost {
|
||||||
|
# Setup the authentication site at /auth/
|
||||||
import auth/setup
|
import auth/setup
|
||||||
# Only users with myapp:reports and auth admin permissions
|
# Only users with myapp:reports and auth admin permissions
|
||||||
handle_path /reports {
|
handle_path /reports {
|
||||||
@@ -22,16 +23,3 @@ localhost {
|
|||||||
reverse_proxy :3000
|
reverse_proxy :3000
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
example.com {
|
|
||||||
# Public endpoints in handle blocks before auth
|
|
||||||
@public path /favicon.ico /.well-known/*
|
|
||||||
handle @public {
|
|
||||||
root * /var/www/
|
|
||||||
file_server
|
|
||||||
}
|
|
||||||
# The rest of the site protected, /auth/ reserved for auth service
|
|
||||||
import auth/all perm=auth:admin {
|
|
||||||
reverse_proxy :3000
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@@ -1,6 +0,0 @@
|
|||||||
# Enable auth site at /auth (setup) and require authentication on all paths
|
|
||||||
import setup
|
|
||||||
handle {
|
|
||||||
import require {args[0]}
|
|
||||||
{block}
|
|
||||||
}
|
|
||||||
@@ -1,5 +1,7 @@
|
|||||||
# Permission to use within your endpoints that need authentication/authorization, that
|
# Permission to use within your endpoints that need authentication/authorization
|
||||||
# is different depending on the route (otherwise use auth/all).
|
# Argument is mandatory and provides a query string to /auth/api/forward
|
||||||
|
# "" means just authentication
|
||||||
|
# perm=yourservice:login to require specific permission
|
||||||
forward_auth {$AUTH_UPSTREAM:localhost:4401} {
|
forward_auth {$AUTH_UPSTREAM:localhost:4401} {
|
||||||
uri /auth/api/forward?{args[0]}
|
uri /auth/api/forward?{args[0]}
|
||||||
header_up Connection keep-alive # Much higher performance
|
header_up Connection keep-alive # Much higher performance
|
||||||
|
|||||||
Reference in New Issue
Block a user