48 lines
1.5 KiB
SYSTEMD
48 lines
1.5 KiB
SYSTEMD
# container-oauth2-proxy.service
|
|
# autogenerated by Podman 4.1.1
|
|
# Thu Aug 18 10:12:36 UTC 2022
|
|
|
|
[Unit]
|
|
Description=Podman container-oauth2-proxy.service
|
|
Wants=network-online.target
|
|
After=network-online.target
|
|
RequiresMountsFor=%t/containers
|
|
|
|
[Service]
|
|
Environment=PODMAN_SYSTEMD_UNIT=%n
|
|
Restart=on-failure
|
|
TimeoutStopSec=70
|
|
ExecStartPre=/bin/rm -f %t/%n.ctr-id
|
|
ExecStart=/usr/bin/podman run \
|
|
--cidfile=%t/%n.ctr-id \
|
|
--cgroups=no-conmon \
|
|
--rm \
|
|
--sdnotify=conmon \
|
|
-d \
|
|
--replace \
|
|
--name oauth2-proxy \
|
|
-p 4180:4180 \
|
|
-e OAUTH2_PROXY_PROVIDER=keycloak-oidc \
|
|
-e OAUTH2_PROXY_CLIENT_ID=oauth2-proxy \
|
|
-e OAUTH2_PROXY_CLIENT_SECRET=H2SITUCIsnVMq0k1OfWsQuSvXmkdHBe0 \
|
|
#-e OAUTH2_PROXY_REDIRECT_URL=https://home.vanoverloop.xyz/oauth2/callback \
|
|
-e OAUTH2_PROXY_OIDC_ISSUER_URL=https://auth.vanoverloop.xyz/realms/master \
|
|
-e OAUTH2_PROXY_ALLOWED_ROLE=home \
|
|
-e OAUTH2_PROXY_HTTP_ADDRESS=0.0.0.0:4180 \
|
|
-e OAUTH2_PROXY_REVERSE_PROXY=true \
|
|
-e OAUTH2_PROXY_COOKIE_SECRET=jmoZ8LpDuAO1PLAtD16Xe4tu7e_OAmXZetiumqquCWA= \
|
|
-e OAUTH2_PROXY_UPSTREAMS=http://pi.lan:5180/ \
|
|
-e OAUTH2_PROXY_EMAIL_DOMAINS=* \
|
|
-e OAUTH2_PROXY_AUTH_LOGGING=true \
|
|
-e OAUTH2_PROXY_REQUEST_LOGGING=true \
|
|
-e OAUTH2_PROXY_SESSION_COOKIE_MINIMAL=true \
|
|
-e OAUTH2_PROXY_COOKIE_DOMAINS=.vanoverloop.xyz \
|
|
-e OAUTH2_PROXY_SKIP_PROVIDER_BUTTON=true quay.io/oauth2-proxy/oauth2-proxy
|
|
ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id
|
|
ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id
|
|
Type=notify
|
|
NotifyAccess=all
|
|
|
|
[Install]
|
|
WantedBy=default.target
|