From d3d49d6d2f0f34b4fe0ea08f1ccbc1d441cc58ab Mon Sep 17 00:00:00 2001
From: Joey Hafner <jafner425@gmail.com>
Date: Wed, 6 Jul 2022 15:08:19 -0700
Subject: [PATCH] Move authentik middleware definition to authentik.yaml
 traefik dynamic config

---
 .../server/config/authentik/docker-compose.yml |  3 ---
 .../config/traefik/config/authentik.yaml       | 18 ++++++++++++++++++
 2 files changed, 18 insertions(+), 3 deletions(-)
 create mode 100644 homelab/server/config/traefik/config/authentik.yaml

diff --git a/homelab/server/config/authentik/docker-compose.yml b/homelab/server/config/authentik/docker-compose.yml
index c74395b6..a59bae5b 100644
--- a/homelab/server/config/authentik/docker-compose.yml
+++ b/homelab/server/config/authentik/docker-compose.yml
@@ -63,9 +63,6 @@ services:
       traefik.http.routers.authentik.rule: Host(`authentik.jafner.net`)
       traefik.http.routers.authentik.tls.certresolver: lets-encrypt
       traefik.http.services.authentik.loadbalancer.server.port: 9000
-      traefik.http.middlewares.authentik.forwardauth.address: http://authentik:9000/outpost.goauthentik.io/auth/traefik
-      traefik.http.middlewares.authentik.forwardauth.trustForwardHeader: true
-      traefik.http.middlewares.authentik.forwardauth.authResponseHeaders: X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid,X-authentik-jwt,X-authentik-meta-jwks,X-authentik-meta-outpost,X-authentik-meta-provider,X-authentik-meta-app,X-authentik-meta-version
 
   worker:
     image: ${AUTHENTIK_IMAGE:-ghcr.io/goauthentik/server}:${AUTHENTIK_TAG:-2022.1.3}
diff --git a/homelab/server/config/traefik/config/authentik.yaml b/homelab/server/config/traefik/config/authentik.yaml
new file mode 100644
index 00000000..f8a81c0b
--- /dev/null
+++ b/homelab/server/config/traefik/config/authentik.yaml
@@ -0,0 +1,18 @@
+http:
+    middlewares:
+      authentik:
+        forwardauth:
+          address: http://authentik:9000/outpost.goauthentik.io/auth/traefik
+          trustForwardHeader: true
+          authResponseHeaders:
+              - X-authentik-username
+              - X-authentik-groups
+              - X-authentik-email
+              - X-authentik-name
+              - X-authentik-uid
+              - X-authentik-jwt
+              - X-authentik-meta-jwks
+              - X-authentik-meta-outpost
+              - X-authentik-meta-provider
+              - X-authentik-meta-app
+              - X-authentik-meta-version
\ No newline at end of file