From 9db6e68a6986d731fb635cfe3e25929956edf860 Mon Sep 17 00:00:00 2001
From: Joey Hafner <jafner425@gmail.com>
Date: Mon, 17 Oct 2022 10:12:15 -0700
Subject: [PATCH] Switch to traefik-forward-auth@file

---
 homelab/server/config/keycloak/docker-compose.yml     | 8 ++++----
 homelab/server/config/nginx/docker-compose.yml        | 2 +-
 homelab/server/config/traefik/config/middlewares.yaml | 8 +++++++-
 3 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/homelab/server/config/keycloak/docker-compose.yml b/homelab/server/config/keycloak/docker-compose.yml
index 483a7c25..945b1253 100644
--- a/homelab/server/config/keycloak/docker-compose.yml
+++ b/homelab/server/config/keycloak/docker-compose.yml
@@ -58,11 +58,11 @@ services:
       #- "traefik.http.services.forwardauth.loadbalancer.server.port=4181"
       #- "traefik.http.routers.forwardauth.entrypoints=websecure"
       - "traefik.http.routers.forwardauth.rule=Path(`/_oauth`)"
-      - "traefik.http.routers.forwardauth.middlewares=traefik-forward-auth"
+      #- "traefik.http.routers.forwardauth.middlewares=traefik-forward-auth"
       - "traefik.http.routers.forwardauth.tls.certresolver=lets-encrypt"
-      - "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://forwardauth:4181"
-      - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
-      - "traefik.http.middlewares.traefik-forward-auth.forwardauth.trustForwardHeader=true"
+      #- "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://forwardauth:4181"
+      #- "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User"
+      #- "traefik.http.middlewares.traefik-forward-auth.forwardauth.trustForwardHeader=true"
 
 networks:
   web:
diff --git a/homelab/server/config/nginx/docker-compose.yml b/homelab/server/config/nginx/docker-compose.yml
index ae9b4f44..3bda6373 100644
--- a/homelab/server/config/nginx/docker-compose.yml
+++ b/homelab/server/config/nginx/docker-compose.yml
@@ -8,7 +8,7 @@ services:
     labels:
       - traefik.http.routers.nginx.rule=Host(`test.jafner.net`)
       - traefik.http.routers.nginx.tls.certresolver=lets-encrypt
-      - traefik.http.routers.nginx.middlewares=traefik-forward-auth
+      - traefik.http.routers.nginx.middlewares=traefik-forward-auth@file
 
 networks:
   web:
diff --git a/homelab/server/config/traefik/config/middlewares.yaml b/homelab/server/config/traefik/config/middlewares.yaml
index 10320eba..548b2a03 100644
--- a/homelab/server/config/traefik/config/middlewares.yaml
+++ b/homelab/server/config/traefik/config/middlewares.yaml
@@ -45,4 +45,10 @@ http:
         stsPreload: true
     pihole:
       addprefix:
-        prefix: "/admin"
\ No newline at end of file
+        prefix: "/admin"
+    traefik-forward-auth:
+      forwardauth:
+        address: http://forwardauth:4181
+        trustForwardHeader: true
+        authResponseHeaders:
+          - X-Forwarded-User
\ No newline at end of file