--- apiVersion: v1 kind: ConfigMap metadata: name: traefik-forward-auth-0.3.8-d2iq-defaults namespace: ${releaseNamespace} data: values.yaml: |- --- replicaCount: 1 resources: requests: cpu: 100m memory: 128Mi ephemeral-storage: 200Mi service: type: ClusterIP port: 4181 traefikForwardAuth: enabled: false # oidcUri, clientID, clientSecret will be overridden by the TFAController oidcUri: "https://dex.${releaseNamespace}.svc.cluster.local:8080/dex" clientId: traefik-forward-auth-kommander clientSecret: value: "placeholder" valueFrom: secretKeyRef: null allowedUser: valueFrom: secretKeyRef: null cookieSecure: true userCookieName: "kommander_profile_name" whitelist: [] enableRBAC: true enableImpersonation: true rbacPassThroughPaths: ["/dkp/kubernetes/", "/dkp/kubernetes/*"] extraConfig: | cookie-name = _forward_auth_kommander csrf-cookie-name = _forward_auth_csrf_kommander url-path = /_oauth_kommander groups-session-name = _forward_auth_claims_kommander ingress: enabled: true annotations: kubernetes.io/ingress.class: kommander-traefik ingress.kubernetes.io/protocol: https traefik.ingress.kubernetes.io/router.middlewares: ${releaseNamespace}-forwardauth@kubernetescrd traefik.ingress.kubernetes.io/router.tls: "true" paths: - /_oauth_kommander hosts: - "" tls: [] deploymentAnnotations: configmap.reloader.stakater.com/reload: "traefik-forward-auth-configmap" initContainers: null addonsInitializer: "${initializerImage:=mesosphere/kubeaddons-addon-initializer:v0.5.5}" env: LOG_LEVEL: warn