From ee2b2fefa120c660e9f9ff86cf403c7faa1ea50e Mon Sep 17 00:00:00 2001
From: Caleb Doxsey <cdoxsey@pomerium.com>
Date: Wed, 25 Aug 2021 11:37:58 -0600
Subject: [PATCH] integration: add traefik tests (#2530)

* integration: add traefik tests

* enable traefik

* add auth0
---
 .github/workflows/test.yaml                   |    2 +-
 .../clusters/auth0-traefik/compose.yml        | 1236 +++++++++++++++++
 .../clusters/azure-traefik/compose.yml        | 1236 +++++++++++++++++
 .../clusters/github-traefik/compose.yml       | 1236 +++++++++++++++++
 .../clusters/gitlab-traefik/compose.yml       | 1236 +++++++++++++++++
 .../clusters/google-traefik/compose.yml       | 1236 +++++++++++++++++
 integration/clusters/oidc-traefik/compose.yml | 1236 +++++++++++++++++
 integration/clusters/okta-traefik/compose.yml | 1236 +++++++++++++++++
 .../clusters/onelogin-traefik/compose.yml     | 1236 +++++++++++++++++
 integration/clusters/ping-traefik/compose.yml | 1236 +++++++++++++++++
 integration/tpl/backends/traefik.libsonnet    |  180 +++
 .../auth0-traefik/compose.yml.jsonnet         |    1 +
 .../azure-traefik/compose.yml.jsonnet         |    1 +
 .../github-traefik/compose.yml.jsonnet        |    1 +
 .../gitlab-traefik/compose.yml.jsonnet        |    1 +
 .../google-traefik/compose.yml.jsonnet        |    1 +
 .../clusters/oidc-traefik/compose.yml.jsonnet |    1 +
 .../clusters/okta-traefik/compose.yml.jsonnet |    1 +
 .../onelogin-traefik/compose.yml.jsonnet      |    1 +
 .../clusters/ping-traefik/compose.yml.jsonnet |    1 +
 integration/tpl/deployments/traefik.libsonnet |   17 +
 21 files changed, 11331 insertions(+), 1 deletion(-)
 create mode 100644 integration/clusters/auth0-traefik/compose.yml
 create mode 100644 integration/clusters/azure-traefik/compose.yml
 create mode 100644 integration/clusters/github-traefik/compose.yml
 create mode 100644 integration/clusters/gitlab-traefik/compose.yml
 create mode 100644 integration/clusters/google-traefik/compose.yml
 create mode 100644 integration/clusters/oidc-traefik/compose.yml
 create mode 100644 integration/clusters/okta-traefik/compose.yml
 create mode 100644 integration/clusters/onelogin-traefik/compose.yml
 create mode 100644 integration/clusters/ping-traefik/compose.yml
 create mode 100644 integration/tpl/backends/traefik.libsonnet
 create mode 100644 integration/tpl/clusters/auth0-traefik/compose.yml.jsonnet
 create mode 100644 integration/tpl/clusters/azure-traefik/compose.yml.jsonnet
 create mode 100644 integration/tpl/clusters/github-traefik/compose.yml.jsonnet
 create mode 100644 integration/tpl/clusters/gitlab-traefik/compose.yml.jsonnet
 create mode 100644 integration/tpl/clusters/google-traefik/compose.yml.jsonnet
 create mode 100644 integration/tpl/clusters/oidc-traefik/compose.yml.jsonnet
 create mode 100644 integration/tpl/clusters/okta-traefik/compose.yml.jsonnet
 create mode 100644 integration/tpl/clusters/onelogin-traefik/compose.yml.jsonnet
 create mode 100644 integration/tpl/clusters/ping-traefik/compose.yml.jsonnet
 create mode 100644 integration/tpl/deployments/traefik.libsonnet

diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
index 202dd287c..03ec3982c 100644
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -100,7 +100,7 @@ jobs:
       matrix:
         go-version: [1.17.x]
         platform: [ubuntu-latest]
-        deployment: [multi, single]
+        deployment: [multi, single, traefik]
         idp: [auth0, azure, github, gitlab, google, oidc, okta, onelogin, ping]
     runs-on: ${{ matrix.platform }}
     steps:
diff --git a/integration/clusters/auth0-traefik/compose.yml b/integration/clusters/auth0-traefik/compose.yml
new file mode 100644
index 000000000..63d4f27cd
--- /dev/null
+++ b/integration/clusters/auth0-traefik/compose.yml
@@ -0,0 +1,1236 @@
+networks:
+  main: {}
+services:
+  fortio:
+    command:
+    - server
+    - -cert
+    - /fortio_config/trusted.pem
+    - -key
+    - /fortio_config/trusted-key.pem
+    depends_on:
+      fortio-init:
+        condition: service_completed_successfully
+    image: fortio/fortio:1.17.0
+    networks:
+      main:
+        aliases:
+        - fortio
+    ports:
+    - 8079:8079/tcp
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-init:
+    command:
+    - sh
+    - -c
+    - |
+      echo "$$CERT" >/fortio_config/trusted.pem
+      echo "$$KEY" >/fortio_config/trusted-key.pem
+    environment:
+      CERT: |
+        -----BEGIN CERTIFICATE-----
+        MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+        gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+        ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+        dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+        NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+        bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+        KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+        HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+        yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+        Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+        jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+        bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+        9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+        DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+        BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+        AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+        c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+        AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+        OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+        qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+        6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+        kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+        B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+        xjUE8XUu
+        -----END CERTIFICATE-----
+      KEY: |
+        -----BEGIN PRIVATE KEY-----
+        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+        ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+        EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+        Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+        CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+        mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+        DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+        DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+        8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+        Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+        CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+        bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+        SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+        2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+        axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+        uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+        BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+        uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+        2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+        CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+        fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+        cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+        Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+        KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+        YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+        gmLh4w/CcPyb9ZyXceWU/nU=
+        -----END PRIVATE KEY-----
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - fortio-init
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-ready:
+    command:
+    - -wait
+    - http://fortio:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - fortio-ready
+  mock-idp:
+    command:
+    - --provider
+    - auth0
+    - --port
+    - "8024"
+    - --root-url
+    - https://mock-idp.localhost.pomerium.io/
+    image: pomerium/mock-idps:${MOCK_IDPS_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - mock-idp
+    ports:
+    - 8024:8024/tcp
+  mock-idp-ready:
+    command:
+    - -wait
+    - http://mock-idp:8024/.well-known/openid-configuration
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - mock-idp-ready
+  pomerium:
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    environment:
+      AUTHENTICATE_SERVICE_URL: https://authenticate.localhost.pomerium.io
+      CERTIFICATE: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVVakNDQXJxZ0F3SUJBZ0lSQUtOYUVxQ21tWmZobWNZZ1p5MDFXQ3N3RFFZSktvWklodmNOQVFFTEJRQXcKZ1lNeEhqQWNCZ05WQkFvVEZXMXJZMlZ5ZENCa1pYWmxiRzl3YldWdWRDQkRRVEVzTUNvR0ExVUVDd3dqWTJGcwpaV0pBWTJGc1pXSXRjR010YkdsdWRYZ2dLRU5oYkdWaUlFUnZlSE5sZVNreE16QXhCZ05WQkFNTUttMXJZMlZ5CmRDQmpZV3hsWWtCallXeGxZaTF3WXkxc2FXNTFlQ0FvUTJGc1pXSWdSRzk0YzJWNUtUQWVGdzB5TVRBNE1UQXgKTnpNeU1UQmFGdzB5TXpFeE1UQXhPRE15TVRCYU1GY3hKekFsQmdOVkJBb1RIbTFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCalpYSjBhV1pwWTJGMFpURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnCktFTmhiR1ZpSUVSdmVITmxlU2t3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzgKSExCQUl6WGtQZWVnbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRAp5VmhEVDBRbEkvTy9FS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2Cld5bCtGb1BEVi92c1ozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXQKak9ic2FRZ0o1TEx4Q1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcQpiWlVERytaaW9BclBtcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkCjlyNnJPQnhweHduVER2SGtCbjZ2QWdNQkFBR2piREJxTUE0R0ExVWREd0VCL3dRRUF3SUZvREFUQmdOVkhTVUUKRERBS0JnZ3JCZ0VGQlFjREFUQWZCZ05WSFNNRUdEQVdnQlNGaGxoWWdFZktUcGxWT2VuZVZHMyszSUUvVFRBaQpCZ05WSFJFRUd6QVpnaGNxTG14dlkyRnNhRzl6ZEM1d2IyMWxjbWwxYlM1cGJ6QU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBWUVBdWZRQUY3OXM3YzFnbVo5Q0lLQlNHa0hoK1NIMDFDdUtZbm5IaU1vd0hzVGlvRmFVQVFzZC9QNFgKYzJYQnFjMzRlVDNtQ3ZwZ1pqSGJqejZKbG5UWUp4dUx2VnFuVkIzZW10V3JiMWNRdmg4QnBoeHNwVGxTOHVpRQpBRWYvbmd0cHpmQS9mNGxwR2t6clEwY3lQa0VKR3o1MTFxOTdpdHpuOVJaWnpWVFp4TlZGU1AydlZoTk5RVnNXCk94YWtjdllSZ256OEFPUVMzT1BIajJGUWMzaWlic2hjdDVsZUl3WVpGY3hJTkdIUjZLTDYrL0xTZVBOQ0VNbUsKcXltVlBrUUdzSWNVNkdROWZ4YVN1NG1wK0lVQUxQcm9pekVWSThTVms1bk9tM0hJZXorWmZYaHpmbkd4MDZTSQo2TnVvUVFQcVVCZVplWG4yWUZZaGlwZVJkclF4dkEzNi9ZWGEvQWtYQ2VVMHBYeGJ0WEtjdmF0ZnJpNUtuWUpECmtINTlhK2FGa1RzbDQxdGZJMmNuUllWZGRxWFZsM096TGJjZ0FGTG4xV2VDMXh4M3hSWGk3S2xkb2tPbHZndisKQjZuYVdmQ3hSbFdaL2xzbUhhZTRrYzFXSDRLYzduSytJVGI0MEVralY2OC9BN2tyWnNOMVZjcU50cG9tWWtnRQp4alVFOFhVdQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+      CERTIFICATE_AUTHORITY: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUxekNDQXorZ0F3SUJBZ0lRWjEzOWNkL3BhUGRrUzJKeUF1N2tFREFOQmdrcWhraUc5dzBCQVFzRkFEQ0IKZ3pFZU1Cd0dBMVVFQ2hNVmJXdGpaWEowSUdSbGRtVnNiM0J0Wlc1MElFTkJNU3d3S2dZRFZRUUxEQ05qWVd4bApZa0JqWVd4bFlpMXdZeTFzYVc1MWVDQW9RMkZzWldJZ1JHOTRjMlY1S1RFek1ERUdBMVVFQXd3cWJXdGpaWEowCklHTmhiR1ZpUUdOaGJHVmlMWEJqTFd4cGJuVjRJQ2hEWVd4bFlpQkViM2h6WlhrcE1CNFhEVEl4TURneE1ERTMKTXpJd09Wb1hEVE14TURneE1ERTNNekl3T1Zvd2dZTXhIakFjQmdOVkJBb1RGVzFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCRFFURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnS0VOaGJHVmlJRVJ2CmVITmxlU2t4TXpBeEJnTlZCQU1NS20xclkyVnlkQ0JqWVd4bFlrQmpZV3hsWWkxd1l5MXNhVzUxZUNBb1EyRnMKWldJZ1JHOTRjMlY1S1RDQ0FhSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnR1BBRENDQVlvQ2dnR0JBTmJLeU16NQpNVlc2WUtkamgxb0lOMU1uN1BFMnBINVNiSlNwV3hkQUdoZEJrQmtwQWE3T3hhcmpINUtWa0NUU2E3b25jbGE3CnFOdUpaUzZtQm1veEYrUitjUjNqeUdkVUFZbG96bDFqbGZxTElmQy8rZzdWN1ZtT0puOTh0akI0MmZhdHhMbDYKV1BBdzFKRE5zV3RRZmhLaGJjSHV0N1JzRjByTU9PSGN3eXdUUjdMT3lDbUllbDFwY21wVjRoYlZjVDZlVndvUApIWHlKU2E5Y3FhTVE1WHJkb2dhaTRJcVpaSUdMSGVMc1RWdXRPZ0pGWEVldmxYL1FUM3NXb21FY3R6aDM4SnM0CjlEaUFQRDZkNFk3L0NQTFlFZmsyOUpROU5aaHBnRHNpOWh1NUZISFpjWHdmMUlIbHcvQ0JWZ242aitqbXZLS3oKOTBNYTFvcXV2M1c2ZHR0aWQveENjTEd1MlMrOTZUenJ5a21veTVWYWNMdFZFUDQxWW1vVmxzOTFybG83b2xwZQpRV0Zibm1jbzczOVRJLzRoK0hvZG9scGVyUUVSUWw3dUNucEtWUFozV29rS3VSaDVwa3FrUXAvYXJRanR3Y1J0Ckc0M0NyRHBibCt1U2pNQ0F4aGE5NThlVFl2dG9qVE1udkx0c0dJRDFoR1hucWx3KzVLaktyZ1JIclFJREFRQUIKbzBVd1F6QU9CZ05WSFE4QkFmOEVCQU1DQWdRd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFEQWRCZ05WSFE0RQpGZ1FVaFlaWVdJQkh5azZaVlRucDNsUnQvdHlCUDAwd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dHQkFBMUYvYXByCmw2cE5UM01wL014aFVVZ282dXNFSkNyeUdRY0xSZmV4eVFYR04zaHVDbUlyUDU1VkZhOEVUUEF0anNyNlBNZTcKN3Z2RWo4ZUZ1Mkp0S292bFF3TmV3WVU5Y2pBTUNWYUZpTmJyUWEyMGh6aFdjMmpzNmR5aWxkRTYvRFB6YmVkcwpLREF4aEZOcDM1U2x3dFJ0S2sxU3p4SnhzcVN3amZ4SThmcCtSLzB3TzhnMGZXVGRNMmdDcFJ3WU1Od0pFTEVnCitkU2x2SkN3dXUrcnp4TGFsemFQRjFQTVRXNzJPRUxhbC9qNXNEKzJWeXRRNGsrSFVEYnl0MkRuUVQ3WVEzem8KcTAyeDJ1MnNtMVdXL28vdWg4cGpQeGtHUXFMMm1yeVpzNlZIOVZDVTNRa0tORHNzTmQ3MWxyM3dQb0U0WVJIZQpVdnpEMWVEZWVsekJVRk5JcERDamRDc0w1NXlJUHFVc3I2bG1qcEJQTDB2ZWEzM1FUTWJjc1N4dTB1bUdYRGJVCjY2anVVNFoxak9FMHdDbEl2YU82OTlKK0UyZ0JlMWpVTjZBdDZiOEJTb1pxQ3FYWW9ESEdlaTlSQlVkdmdxdG8Ka1Zzb0pmREkvVEZNZWtZZ3BMNVVWWW1MZGZncUxQUFJQOXBRQkxEeDNtc3plQXFudmZUSUNBemZYZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+      CERTIFICATE_KEY: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQzhITEJBSXpYa1BlZWcKbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PLwpFS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2V3lsK0ZvUERWL3ZzClozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXRqT2JzYVFnSjVMTHgKQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUAptcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkOXI2ck9CeHB4d25UCkR2SGtCbjZ2QWdNQkFBRUNnZ0VBQjI4aTBBWVVOU2IxSm5XRmJLenJ1VWN0dTN0Q05Yb3ZKZzZLM0JpUFZNa3EKRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBVwo4ZUplcVJMWkVmc1NTSk9YVEc3UmRHc240cUhGSjAwczJaVGxjSUhTUHduRm0rWGpKaTk5VThHNFhzVW9YbzByCkd5KzBWQ3VVN004Z0lDRUhIc3JRTzlYREQzblQyaml1NVRqckt3anV0M0Vtb0pzc0k1YnF4MzMrT0J1NUJwQ1AKQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVApiTGtMRnlXQk5UV1VaMlIvMnd4bXVvQzZtTFp3ODc5TUxDS012azFkb1FLQmdRRGhtd0dhZkpOeW1UaUVRWlJJClNzUXg0c2VxZk9LZmdGQzdvaHFIOWNST091OElKMW83cTJwTTJXNFhpVitTM3dUZFBHbWNhNklPalgyM2lzVkIKMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzNwpheHpsYU1yeEV1M0xJOVVFN050cmRRaUJ5UUtCZ1FEVmRJNmNlSVZCVDZSZ3ZWR3Q4emtMalBJRmpoUUVIQUlwCnVoaXJncXBTNkNYOUJseWYyK280MHptZmozaGU1ckNjRW9CNU1zZU0rRGdGYmNWaDJlL01WbllpTk53NkpDREIKQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleQp1QkhWQnYvNHR3S0JnSHdIdWVQeTVTVTFzMnFTbXpEN1djMkxQZll1M25DT0hOUnJGR2IyNk11UmZ1UmVyaTdyCjJHOFRnb0VTRnljcDBRVElOOCsxSk0wWFlLeE5jSkQ2QjhWMXdLYmJwUXN5bW5lSTFnanV0aUIvSWd3L1BrREsKQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWgpmTjJZZVlieVljYU0xMXAxVmlsdWxWVFZqWTNpL0ZaaURSNFNML0lHSldqTi9Temc0aVhZc0tGbXUrZHVsT1psCmNCQUxwRUtycXBtelhZdHJONmJzdjE4KzVlTzNxR2JLMkRyRXEzZVdWZXYyS29UTW9ieHo3ZysrWEJJV0ptTEEKSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkUwpLcmx0d21vZEhpcVhOYlZrd2JXMUFGUEpiaVlhaTRZRmZLNElBYmlmL1lteGY5Rzc4YU9rcjlacENJek9rRFBaCllwRXdRR1dzQWhFbENGdmM4RS81ZEhFU1NwK3RXdFArTmx1aW1wRnFpRGczL1NVbk13TzJ4SDBuaExhMHplamgKZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K
+      COOKIE_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      DATABROKER_STORAGE_CONNECTION_STRING: redis://redis:6379
+      DATABROKER_STORAGE_TYPE: redis
+      ENVOY_ADMIN_ADDRESS: 0.0.0.0:9901
+      FORWARD_AUTH_URL: https://forward-authenticate.localhost.pomerium.io
+      GOOGLE_CLOUD_SERVERLESS_AUTHENTICATION_SERVICE_ACCOUNT: ewoiYXV0aF9wcm92aWRlcl94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImF1dGhfdXJpIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImNsaWVudF9lbWFpbCI6ICJyZWRhY3RlZEBwb21lcml1bS1yZWRhY3RlZC5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsCiJjbGllbnRfaWQiOiAiMTAxMjE1OTkwNDU4MDAwMzM0Mzg3IiwKImNsaWVudF94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKInByaXZhdGVfa2V5IjogIi0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLVxuTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDOEhMQkFJelhrUGVlZ1xubGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PL1xuRUtnQ09GRnhVRHFvUjgyaVkwNlNhY0FqSG5pNitQTzl0VlJiRlYwdzE0QkRBSlNwQitWdld5bCtGb1BEVi92c1xuWjMxRnRZdytFd3FrYkR4L2thVDl1emYrTEpkbGtmMTRuUVFqOEVreS84ZDNtV0piYi85dGpPYnNhUWdKNUxMeFxuQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUFxubXFta2F3VVd3M2VraGo4MFNKZy9USzlQUmFOL1Z2Y0kxUGdBZDdMWnp0VVJlU21UeTVoZDlyNnJPQnhweHduVFxuRHZIa0JuNnZBZ01CQUFFQ2dnRUFCMjhpMEFZVU5TYjFKbldGYkt6cnVVY3R1M3RDTlhvdkpnNkszQmlQVk1rcVxuRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBV1xuOGVKZXFSTFpFZnNTU0pPWFRHN1JkR3NuNHFIRkowMHMyWlRsY0lIU1B3bkZtK1hqSmk5OVU4RzRYc1VvWG8wclxuR3krMFZDdVU3TThnSUNFSEhzclFPOVhERDNuVDJqaXU1VGpyS3dqdXQzRW1vSnNzSTVicXgzMytPQnU1QnBDUFxuQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVFxuYkxrTEZ5V0JOVFdVWjJSLzJ3eG11b0M2bUxadzg3OU1MQ0tNdmsxZG9RS0JnUURobXdHYWZKTnltVGlFUVpSSVxuU3NReDRzZXFmT0tmZ0ZDN29ocUg5Y1JPT3U4SUoxbzdxMnBNMlc0WGlWK1Mzd1RkUEdtY2E2SU9qWDIzaXNWQlxuMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzN1xuYXh6bGFNcnhFdTNMSTlVRTdOdHJkUWlCeVFLQmdRRFZkSTZjZUlWQlQ2Umd2Vkd0OHprTGpQSUZqaFFFSEFJcFxudWhpcmdxcFM2Q1g5Qmx5ZjIrbzQwem1majNoZTVyQ2NFb0I1TXNlTStEZ0ZiY1ZoMmUvTVZuWWlOTnc2SkNEQlxuQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleVxudUJIVkJ2LzR0d0tCZ0h3SHVlUHk1U1UxczJxU216RDdXYzJMUGZZdTNuQ09ITlJyRkdiMjZNdVJmdVJlcmk3clxuMkc4VGdvRVNGeWNwMFFUSU44KzFKTTBYWUt4TmNKRDZCOFYxd0tiYnBRc3ltbmVJMWdqdXRpQi9JZ3cvUGtES1xuQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWlxuZk4yWWVZYnlZY2FNMTFwMVZpbHVsVlRWalkzaS9GWmlEUjRTTC9JR0pXak4vU3pnNGlYWXNLRm11K2R1bE9abFxuY0JBTHBFS3JxcG16WFl0ck42YnN2MTgrNWVPM3FHYksyRHJFcTNlV1ZldjJLb1RNb2J4ejdnKytYQklXSm1MQVxuSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkU1xuS3JsdHdtb2RIaXFYTmJWa3diVzFBRlBKYmlZYWk0WUZmSzRJQWJpZi9ZbXhmOUc3OGFPa3I5WnBDSXpPa0RQWlxuWXBFd1FHV3NBaEVsQ0Z2YzhFLzVkSEVTU3ArdFd0UCtObHVpbXBGcWlEZzMvU1VuTXdPMnhIMG5oTGEwemVqaFxuZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9XG4tLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tXG4iLAoicHJpdmF0ZV9rZXlfaWQiOiAiZTA3ZjdjOTM4NzBjN2UwM2Y4ODM1NjBlY2Q4ZmQwZjRkMjdiMDA4MSIsCiJwcm9qZWN0X2lkIjogInBvbWVyaXVtLXJlZGFjdGVkIiwKInRva2VuX3VyaSI6ICJodHRwOi8vbW9jay1pZHA6ODAyNC90b2tlbiIsCiJ0eXBlIjogInNlcnZpY2VfYWNjb3VudCIKfQ==
+      IDP_CLIENT_ID: CLIENT_ID
+      IDP_CLIENT_SECRET: CLIENT_SECRET
+      IDP_PROVIDER: auth0
+      IDP_PROVIDER_URL: https://mock-idp.localhost.pomerium.io/
+      JWT_CLAIMS_HEADERS: email,groups,user
+      LOG_LEVEL: info
+      POLICY: Wwp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vbW9jay1pZHAubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZW52b3kubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly9sb2NhbGhvc3Q6OTkwMSIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vdmVyaWZ5LmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoidG8iOiAiaHR0cDovL3ZlcmlmeTo4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiYWxsb3dfd2Vic29ja2V0cyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vd2Vic29ja2V0LWVjaG8ubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly93ZWJzb2NrZXQtZWNobzo4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXVpLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJ0byI6ICJodHRwczovL2ZvcnRpbzo4MDgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRsc19jdXN0b21fY2EiOiAiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVVXhla05EUVhvclowRjNTVUpCWjBsUldqRXpPV05rTDNCaFVHUnJVekpLZVVGMU4ydEZSRUZPUW1kcmNXaHJhVWM1ZHpCQ1FWRnpSa0ZFUTBJS1ozcEZaVTFDZDBkQk1WVkZRMmhOVm1KWGRHcGFXRW93U1VkU2JHUnRWbk5pTTBKMFdsYzFNRWxGVGtKTlUzZDNTMmRaUkZaUlVVeEVRMDVxV1ZkNGJBcFphMEpxV1ZkNGJGbHBNWGRaZVRGellWYzFNV1ZEUVc5Uk1rWnpXbGRKWjFKSE9UUmpNbFkxUzFSRmVrMUVSVWRCTVZWRlFYZDNjV0pYZEdwYVdFb3dDa2xIVG1oaVIxWnBVVWRPYUdKSFZtbE1XRUpxVEZkNGNHSnVWalJKUTJoRVdWZDRiRmxwUWtWaU0yaDZXbGhyY0UxQ05GaEVWRWw0VFVSbmVFMUVSVE1LVFhwSmQwOVdiMWhFVkUxNFRVUm5lRTFFUlROTmVrbDNUMVp2ZDJkWlRYaElha0ZqUW1kT1ZrSkJiMVJHVnpGeVdUSldlV1JEUW10YVdGcHNZa2M1ZHdwaVYxWjFaRU5DUkZGVVJYTk5RMjlIUVRGVlJVTjNkMnBaTWtaeldsZEtRVmt5Um5OYVYwbDBZMGROZEdKSGJIVmtXR2RuUzBWT2FHSkhWbWxKUlZKMkNtVklUbXhsVTJ0NFRYcEJlRUpuVGxaQ1FVMU5TMjB4Y2xreVZubGtRMEpxV1ZkNGJGbHJRbXBaVjNoc1dXa3hkMWw1TVhOaFZ6VXhaVU5CYjFFeVJuTUtXbGRKWjFKSE9UUmpNbFkxUzFSRFEwRmhTWGRFVVZsS1MyOWFTV2gyWTA1QlVVVkNRbEZCUkdkblIxQkJSRU5EUVZsdlEyZG5SMEpCVG1KTGVVMTZOUXBOVmxjMldVdGthbWd4YjBsT01VMXVOMUJGTW5CSU5WTmlTbE53VjNoa1FVZG9aRUpyUW10d1FXRTNUM2hoY21wSU5VdFdhME5VVTJFM2IyNWpiR0UzQ25GT2RVcGFVelp0UW0xdmVFWXJVaXRqVWpOcWVVZGtWVUZaYkc5NmJERnFiR1p4VEVsbVF5OHJaemRXTjFadFQwcHVPVGgwYWtJME1tWmhkSGhNYkRZS1YxQkJkekZLUkU1elYzUlJabWhMYUdKalNIVjBOMUp6UmpCeVRVOVBTR04zZVhkVVVqZE1UM2xEYlVsbGJERndZMjF3VmpSb1lsWmpWRFpsVm5kdlVBcElXSGxLVTJFNVkzRmhUVkUxV0hKa2IyZGhhVFJKY1ZwYVNVZE1TR1ZNYzFSV2RYUlBaMHBHV0VWbGRteFlMMUZVTTNOWGIyMUZZM1I2YURNNFNuTTBDamxFYVVGUVJEWmtORmszTDBOUVRGbEZabXN5T1VwUk9VNWFhSEJuUkhOcE9XaDFOVVpJU0ZwaldIZG1NVWxJYkhjdlEwSldaMjQyYWl0cWJYWkxTM29LT1RCTllURnZjWFYyTTFjMlpIUjBhV1F2ZUVOalRFZDFNbE1yT1RaVWVuSjVhMjF2ZVRWV1lXTk1kRlpGVURReFdXMXZWbXh6T1RGeWJHODNiMnh3WlFwUlYwWmlibTFqYnpjek9WUkpMelJvSzBodlpHOXNjR1Z5VVVWU1VXdzNkVU51Y0V0V1VGb3pWMjlyUzNWU2FEVndhM0ZyVVhBdllYSlJhblIzWTFKMENrYzBNME55UkhCaWJDdDFVMnBOUTBGNGFHRTVOVGhsVkZsMmRHOXFWRTF1ZGt4MGMwZEpSREZvUjFodWNXeDNLelZMYWt0eVoxSkljbEZKUkVGUlFVSUtiekJWZDFGNlFVOUNaMDVXU0ZFNFFrRm1PRVZDUVUxRFFXZFJkMFZuV1VSV1VqQlVRVkZJTDBKQlozZENaMFZDTDNkSlFrRkVRV1JDWjA1V1NGRTBSUXBHWjFGVmFGbGFXVmRKUWtoNWF6WmFWbFJ1Y0ROc1VuUXZkSGxDVURBd2QwUlJXVXBMYjFwSmFIWmpUa0ZSUlV4Q1VVRkVaMmRIUWtGQk1VWXZZWEJ5Q213MmNFNVVNMDF3TDAxNGFGVlZaMjgyZFhORlNrTnllVWRSWTB4U1ptVjRlVkZZUjA0emFIVkRiVWx5VURVMVZrWmhPRVZVVUVGMGFuTnlObEJOWlRjS04zWjJSV280WlVaMU1rcDBTMjkyYkZGM1RtVjNXVlU1WTJwQlRVTldZVVpwVG1KeVVXRXlNR2g2YUZkak1tcHpObVI1YVd4a1JUWXZSRkI2WW1Wa2N3cExSRUY0YUVaT2NETTFVMngzZEZKMFMyc3hVM3A0U25oemNWTjNhbVo0U1RobWNDdFNMekIzVHpobk1HWlhWR1JOTW1kRGNGSjNXVTFPZDBwRlRFVm5DaXRrVTJ4MlNrTjNkWFVyY25wNFRHRnNlbUZRUmpGUVRWUlhOekpQUlV4aGJDOXFOWE5FS3pKV2VYUlJOR3NyU0ZWRVlubDBNa1J1VVZRM1dWRXplbThLY1RBeWVESjFNbk50TVZkWEwyOHZkV2c0Y0dwUWVHdEhVWEZNTW0xeWVWcHpObFpJT1ZaRFZUTlJhMHRPUkhOelRtUTNNV3h5TTNkUWIwVTBXVkpJWlFwVmRucEVNV1ZFWldWc2VrSlZSazVKY0VSRGFtUkRjMHcxTlhsSlVIRlZjM0kyYkcxcWNFSlFUREIyWldFek0xRlVUV0pqYzFONGRUQjFiVWRZUkdKVkNqWTJhblZWTkZveGFrOUZNSGREYkVsMllVODJPVGxLSzBVeVowSmxNV3BWVGpaQmREWmlPRUpUYjFweFEzRllXVzlFU0VkbGFUbFNRbFZrZG1keGRHOEthMVp6YjBwbVJFa3ZWRVpOWld0WlozQk1OVlZXV1cxTVpHWm5jVXhRVUZKUU9YQlJRa3hFZUROdGMzcGxRWEZ1ZG1aVVNVTkJlbVpZWnowOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyIsCiJ0bHNfc2VydmVyX25hbWUiOiAiZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vZm9ydGlvOjgwNzkiCn0sCnsKImFsbG93X2FueV9hdXRoZW50aWNhdGVkX3VzZXIiOiB0cnVlLAoiZnJvbSI6ICJ0Y3AraHR0cHM6Ly9yZWRpcy5sb2NhbGhvc3QucG9tZXJpdW0uaW86NjM3OSIsCiJ0byI6ICJ0Y3A6Ly9yZWRpczo2Mzc5Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1za2lwLXZlcmlmeS1lbmFibGVkIiwKInRsc19za2lwX3ZlcmlmeSI6IHRydWUsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2tpcC12ZXJpZnktZGlzYWJsZWQiLAoidGxzX3NraXBfdmVyaWZ5IjogZmFsc2UsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2VydmVyLW5hbWUtZW5hYmxlZCIsCiJ0bHNfc2VydmVyX25hbWUiOiAiaHR0cGRldGFpbHMubG9jYWxob3N0Lm5vdHBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vd3JvbmdseS1uYW1lZC1odHRwZGV0YWlsczo4NDQzIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1zZXJ2ZXItbmFtZS1kaXNhYmxlZCIsCiJ0byI6ICJodHRwczovL3dyb25nbHktbmFtZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWVuYWJsZWQiLAoidGxzX2N1c3RvbV9jYSI6ICJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VVeVJFTkRRVEJEWjBGM1NVSkJaMGxTUVV4a09VZGhTbEk1TW5GcE4zRk1NV1ZJUjAwMlN6QjNSRkZaU2t0dldrbG9kbU5PUVZGRlRFSlJRWGNLWjFsTmVFaHFRV05DWjA1V1FrRnZWRVpYTVhKWk1sWjVaRU5DYTFwWVdteGlSemwzWWxkV2RXUkRRa1JSVkVWelRVTnZSMEV4VlVWRGQzZHFXVEpHY3dwYVYwcEJXVEpHYzFwWFNYUmpSMDEwWWtkc2RXUllaMmRMUlU1b1lrZFdhVWxGVW5abFNFNXNaVk5yZUUxNlFYaENaMDVXUWtGTlRVdHRNWEpaTWxaNUNtUkRRbXBaVjNoc1dXdENhbGxYZUd4WmFURjNXWGt4YzJGWE5URmxRMEZ2VVRKR2MxcFhTV2RTUnprMFl6SldOVXRVUVdWR2R6QjVUVlJCTkUxVVJYa0tUVlJWTWsxVVFtRkdkekI2VFZSQk5FMVVSWGxOVkZVeVRWUkNZVTFKUjBSTlVqUjNTRUZaUkZaUlVVdEZlRlowWVRKT2JHTnVVV2RhUjFZeVdsZDRkZ3BqUnpGc1ltNVJaMUV3UlhoTVJFRnhRbWRPVmtKQmMwMUpNazVvWWtkV2FWRkhUbWhpUjFacFRGaENha3hYZUhCaWJsWTBTVU5vUkZsWGVHeFphVUpGQ21JemFIcGFXR3R3VFZSTmQwMVJXVVJXVVZGRVJFTndkR0V5VG14amJsRm5XVEpHYzFwWFNrRlpNa1p6V2xkSmRHTkhUWFJpUjJ4MVpGaG5aMHRGVG1nS1lrZFdhVWxGVW5abFNFNXNaVk5yZDJkblIybE5RVEJIUTFOeFIxTkpZak5FVVVWQ1FWRlZRVUUwU1VKcWQwRjNaMmRIUzBGdlNVSm5VVVJYV1hCV1pRcENVMjVsWlRKalFVSlpiMlpUYjFkNFIwMTVSbUZOVVRCdVNtdFpNRlZYVFRsamEzbFZhRGRXWm1kT0t5OWhSbE5YTWxwVGJWaDFkalZrY21Od2FUSXdDbm96Wld4b1VGUmxPVGhpUVU1aWFpc3ZZbWt3TURFMVVWZHVUV1Z1U3pBMVdrczJjVVIwUm5kdkwwaFdReTlaWTJGeWRYVTVOaXN4U2pKMGIyVlhkVVVLZEhsclZ6Tk5RM0JETVhCSVdWTTFaemxwVmtScmNHUnllbTUyV0V0c1dYVlRhV3RxY21vM1N6VjBiMmxVZG5WdE9UZE1lRXRyZFdvMlJGaHFZWEJRUkFvMWRuUmxVMDR4WkZGblR6bERVek56Y1d4amQxbEJObEpxVlVoM1dUSldSV2d5WVdSUU16ZENXbkphZDA4cmVVcHhPWEZHTlhrMVIyeG5hVGhzVGpSakNrdHNTV3hHVlhNdmVGTndVWE40VG1KT1VWaDBUamx0YXpScGJWbHNXa2Q2V1ZsaVltMHJabTlDVmxCUVltOWhOV3BXZDB0RWNGbzJOVzFQY3pkS1IxQUtObmxxS3pkV04xVkNUVVp3Vnl0blMyMUtkR2RvTDJ0clFYZ3hPRFZvT1ROeGQweEdVR000TDFRM2Jpc3JVREZpZFN0bVlXdFlVRWRRUlRJeGNrUmxUQXBRYmxWdGRXTkpXbkJLYnpWT2NGbFdVWFkwVjNaVVMzRXZlazFTT1ZOemNIb3lVRVpLYmtWU1ZHWlVkbkVyUmpGeE0xcE9ZV1pGZW1sUWMwSTViMlZUQ201cWVIZHRZVnBQVTFZd2RsaHhMM0ZsYjNGNE5IWTJUVUo2VmtGWk1DODRVakpNWTNCS05IVm5NRTlhTTNjd1lqSjBObmx2T0RaUU5WRTRRMEYzUlVFS1FXRk9SazFGVFhkRVoxbEVWbEl3VUVGUlNDOUNRVkZFUVdkSlJVMUNTVWRCTVZWa1JYZEZRaTkzVVVsTlFWbENRV1k0UTBGUlFYZElVVmxFVmxJd1R3cENRbGxGUmt4aldUaEZiMDV2WmsxamNuSjRlbmw0U1c0elZ6WmFUMDFXV0UxQk1FZERVM0ZIVTBsaU0wUlJSVUpEZDFWQlFUUkpRbWRSUTFwNlJFTjJDa3RKU0ZnelIzWnFUbE5aTlhjMVlrOXVORVV6ZHpkUlNGQXdPVUZDYWxRdmQzVlVORXhFYTFwSVNrMXRiSEpNYnpOek9HSmpjMUV3YzAxRU1Wa3ZMeThLY3pBM1kzQTBlRmxzY1VRM1FrRXdRV053ZGxsV1dYRTFPSGhMZUhOdlEzZFdXRzFITldORlpVOXZXbTFYWmpOeFdUSnRVemhsVnprMmRrOUdjbVJKWWdwTU5FOUdOSGhaVlU5TlVuRkJUMGRCUVhJMlZteFBOMmRZWVRRd05raDZjbk5CTVdoWlduZHlaVmhvVDFSRFdscFFXazlWYmtGMU1EVlRTRVprWjJGTkNsUktUa0l2YnpBeGRIQjNVV3h5VkhoT2JXWnliM0J2VDNwNWRYWklNSHBWTWxKeVRYTXdLMFZpVDNWRE5FRXlZMUU0TTBSSlJuaDJjVFkzYkhsVk1FRUtjekZSTm5SU1RUQXJWVVJ0U2s5TWVqTlRaR2RPSzBRd01HaGpkWFZxT1RKSFZqUmlTRGhDWm5sVmRqaE9RMWt3ZGtScGFqQlVVMnBxTkdNMFVYUmpOd3BKVUV4VVdqSm5OVFExYjJONmFFNW5RVzFVTjJRclFqVkpibmxtYVZOSlMyVnRXSEZsY3pKcWNHbEJabnBRVG13NVFsWjRjMkZyWTNNdldYcHZXWE14Q2l0eFZHcEJWM1ZoUkhOTGIyaEZiazgwUWtwMWVuWXdlSEpqWlRRd1pXNVNaMWg1UjBkR2RsaDFNbk0wUmxreWRrcHhWRk52Tm5selJGZHVhRWt6VEZjS1pHTm5Oazh5UmpSQlVFTkhSMlUzZW5OMWNXbHhhM0JqYTI1Q1lXSm5la1Z6T1dadlNIRXliV1p2TjFocFJYcGxaRTFPT0VKT2NXWlRZa0U5Q2kwdExTMHRSVTVFSUVORlVsUkpSa2xEUVZSRkxTMHRMUzBLIiwKInRsc19zZXJ2ZXJfbmFtZSI6ICJodHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cHM6Ly91bnRydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWRpc2FibGVkIiwKInRvIjogImh0dHBzOi8vdW50cnVzdGVkLWh0dHBkZXRhaWxzOjg0NDMiCn0sCnsKImNvcnNfYWxsb3dfcHJlZmxpZ2h0IjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWVuYWJsZWQiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiY29yc19hbGxvd19wcmVmbGlnaHQiOiBmYWxzZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWRpc2FibGVkIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1lbmFibGVkIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1kaXNhYmxlZCIsCiJwcmVzZXJ2ZV9ob3N0X2hlYWRlciI6IGZhbHNlLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vcmVzdHJpY3RlZC1odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfZG9tYWlucyI6IFsKImRvZ3MudGVzdCIKXSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInByZWZpeCI6ICIvYnktZG9tYWluIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfdXNlcnMiOiBbCiJ1c2VyMUBkb2dzLnRlc3QiCl0sCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhc3NfaWRlbnRpdHlfaGVhZGVycyI6IHRydWUsCiJwcmVmaXgiOiAiL2J5LXVzZXIiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIlgtQ3VzdG9tLVJlcXVlc3QtSGVhZGVyIjogImN1c3RvbS1yZXF1ZXN0LWhlYWRlci12YWx1ZSIKfSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImFsbG93X3dlYnNvY2tldHMiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2VuYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZGlzYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJlbmFibGVfZ29vZ2xlX2Nsb3VkX3NlcnZlcmxlc3NfYXV0aGVudGljYXRpb24iOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2Nsb3VkcnVuLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIngtaWRwIjogImF1dGgwIgp9LAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfQpd
+      SHARED_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      SIGNING_KEY: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSVBSR1d3TGg3NW5OWG5razM3ekRmTjhvbkx3ZkNpYUxQVEQrbmM4THg1aGNvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFa3BCa08wVEttaDRKZFFmTE9lZU1kNTNLbmdhMVdkUVhyNUZjZXBrK2RMVktkVkt4WENHcQpoMW9qdWh1VzExR0lvT3pTOUdvU0tsTlZTUkZXVkVXRHZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
+      SIGNING_KEY_ALGORITHM: ES256
+    image: pomerium/pomerium:${POMERIUM_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - pomerium
+        - authenticate.localhost.pomerium.io
+        - forward-authenticate.localhost.pomerium.io
+  pomerium-ready:
+    command:
+    - -wait
+    - https://pomerium:443/healthz
+    - -timeout
+    - 10m
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - pomerium-ready
+  redis:
+    image: redis:6.2.5-alpine
+    networks:
+      main:
+        aliases:
+        - redis
+  redis-ready:
+    command:
+    - -wait
+    - tcp://redis:6379
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - redis-ready
+  traefik:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-'END_OF_TRAEFIK' | tee traefik.yaml
+      {
+        "accessLog": {
+
+        },
+        "api": {
+          "insecure": true
+        },
+        "entryPoints": {
+          "web": {
+            "address": ":80",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          },
+          "websecure": {
+            "address": ":443",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          }
+        },
+        "global": {
+          "checkNewVersion": false,
+          "sendAnonymousUsage": false
+        },
+        "log": {
+          "level": "DEBUG"
+        },
+        "providers": {
+          "file": {
+            "filename": "traefik-dynamic.yaml"
+          }
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee traefik-dynamic.yaml
+      {
+        "http": {
+          "middlewares": {
+            "authz": {
+              "forwardAuth": {
+                "address": "https://forward-authenticate.localhost.pomerium.io",
+                "authResponseHeaders": [
+                  "x-pomerium-jwt-assertion",
+                  "x-pomerium-claim-email",
+                  "authorization"
+                ],
+                "tls": {
+                  "insecureSkipVerify": true
+                },
+                "trustForwardHeader": true
+              }
+            },
+            "set-request-headers-20": {
+              "headers": {
+                "customRequestHeaders": {
+                  "X-Custom-Request-Header": "custom-request-header-value"
+                }
+              }
+            },
+            "set-request-headers-23": {
+              "headers": {
+                "customRequestHeaders": {
+                  "x-idp": "auth0"
+                }
+              }
+            }
+          },
+          "routers": {
+            "route0": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`mock-idp.localhost.pomerium.io`)",
+              "service": "route0",
+              "tls": {
+
+              }
+            },
+            "route1": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`envoy.localhost.pomerium.io`)",
+              "service": "route1",
+              "tls": {
+
+              }
+            },
+            "route10": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-disabled`)",
+              "service": "route10",
+              "tls": {
+
+              }
+            },
+            "route11": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-enabled`)",
+              "service": "route11",
+              "tls": {
+
+              }
+            },
+            "route12": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-disabled`)",
+              "service": "route12",
+              "tls": {
+
+              }
+            },
+            "route13": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-enabled`)",
+              "service": "route13",
+              "tls": {
+
+              }
+            },
+            "route14": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-disabled`)",
+              "service": "route14",
+              "tls": {
+
+              }
+            },
+            "route15": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-enabled`)",
+              "service": "route15",
+              "tls": {
+
+              }
+            },
+            "route16": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-disabled`)",
+              "service": "route16",
+              "tls": {
+
+              }
+            },
+            "route17": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`restricted-httpdetails.localhost.pomerium.io`)",
+              "service": "route17",
+              "tls": {
+
+              }
+            },
+            "route18": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-domain`)",
+              "service": "route18",
+              "tls": {
+
+              }
+            },
+            "route19": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-user`)",
+              "service": "route19",
+              "tls": {
+
+              }
+            },
+            "route2": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`verify.localhost.pomerium.io`)",
+              "service": "route2",
+              "tls": {
+
+              }
+            },
+            "route20": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-20"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`)",
+              "service": "route20",
+              "tls": {
+
+              }
+            },
+            "route21": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`enabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route21",
+              "tls": {
+
+              }
+            },
+            "route22": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`disabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route22",
+              "tls": {
+
+              }
+            },
+            "route23": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-23"
+              ],
+              "rule": "Host(`cloudrun.localhost.pomerium.io`)",
+              "service": "route23",
+              "tls": {
+
+              }
+            },
+            "route24": {
+              "middlewares": [
+
+              ],
+              "rule": "Host(`authenticate.localhost.pomerium.io`)",
+              "service": "route24",
+              "tls": {
+
+              }
+            },
+            "route3": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`websocket-echo.localhost.pomerium.io`)",
+              "service": "route3",
+              "tls": {
+
+              }
+            },
+            "route4": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ui.localhost.pomerium.io`)",
+              "service": "route4",
+              "tls": {
+
+              }
+            },
+            "route5": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ping.localhost.pomerium.io`)",
+              "service": "route5",
+              "tls": {
+
+              }
+            },
+            "route6": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`redis.localhost.pomerium.io:6379`)",
+              "service": "route6",
+              "tls": {
+
+              }
+            },
+            "route7": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-enabled`)",
+              "service": "route7",
+              "tls": {
+
+              }
+            },
+            "route8": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-disabled`)",
+              "service": "route8",
+              "tls": {
+
+              }
+            },
+            "route9": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-enabled`)",
+              "service": "route9",
+              "tls": {
+
+              }
+            }
+          },
+          "serversTransports": {
+            "insecure": {
+              "insecureSkipVerify": true
+            }
+          },
+          "services": {
+            "route0": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://mock-idp:8024"
+                  }
+                ]
+              }
+            },
+            "route1": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://localhost:9901"
+                  }
+                ]
+              }
+            },
+            "route10": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route11": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route12": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route13": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route14": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route15": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route16": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route17": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route18": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route19": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route2": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://verify:80"
+                  }
+                ]
+              }
+            },
+            "route20": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route21": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route22": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route23": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route24": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "https://pomerium:443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route3": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route4": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8080"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route5": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8079"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route6": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "tcp://redis:6379"
+                  }
+                ]
+              }
+            },
+            "route7": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route8": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route9": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            }
+          }
+        },
+        "tls": {
+          "certificates": [
+            {
+              "certFile": "_wildcard.localhost.pomerium.io.pem",
+              "keyFile": "_wildcard.localhost.pomerium.io-key.pem"
+            }
+          ]
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io-key.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_TRAEFIK
+
+      traefik -configFile=traefik.yaml
+    depends_on:
+      pomerium:
+        condition: service_started
+    image: traefik:latest
+    networks:
+      main:
+        aliases:
+        - traefik
+        - authenticate.localhost.pomerium.io
+        - mock-idp.localhost.pomerium.io
+    ports:
+    - 80:80/tcp
+    - 443:443/tcp
+  trusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails
+  trusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://trusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails-ready
+  untrusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKKYU7PSAFxZbhuLUlbv3iAwDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU2MTFaFw0yMzExMTEyMjU2MTFaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg
+      VDM59lGzCRjdUQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHG
+      oryKGDOkRV1SDb3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2v
+      JX4qTwgrqQtLOJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqP
+      qpc6AEFuklmoBHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPw
+      ve8VoGIlx4uvHTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxG
+      mgByfa2rxbNg15PFwF+ZAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBS3GPBKDaHzHK68c8sSJ91umTjFVzAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAizMhh+VYIMp07wGn7+rzAE/651yiMC6kZHIOMHilvimyYvCf+Yc0MrcD
+      mVQgqlUpkn/f2SOFsBQonjAACkWlSHah9KStL0iTvOIH+oGLnv3Y9wrKvwJol3KR
+      c/+mO9R9TS71DoX+rTGRY3BNldpMBZF7HsYt/bg0RSpF0zkZarW+PEMmPw6IgIaD
+      RPGpOiQOqIxQn4d6MyiNGS0QmDeGSZvsC07ZcZ+JxsYi4S+yN6GXt11pstiRXjDv
+      zrO3s8TnVsBux7VDdIYfzMxqz+874MbsUUlb4txr3V48UDRLm7VDQ2/F+o0+Y5wt
+      XAnXTn/6GFpjJvPGr0A1QLOvnhR0DZ4Fl97athu44pqeQywDU5LPP3HqrWRXLy3j
+      BPBC4waHayL9Hnh4zQUe/h6hwC5Nxl/gqfB3Aaqr5PWX6rMFss8AYpB81ci+UJdm
+      KSIn/pMoK6TWkCveoQRQOZD8wfwPF4cUUmWcLFwSveZSiniFrAXQqZbO1k6RDhQf
+      havcwKlK
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCgVDM59lGzCRjd
+      UQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHGoryKGDOkRV1S
+      Db3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2vJX4qTwgrqQtL
+      OJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqPqpc6AEFuklmo
+      BHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPwve8VoGIlx4uv
+      HTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxGmgByfa2rxbNg
+      15PFwF+ZAgMBAAECggEADTzGefunZTPUFLnSZ/D7jDglwz5KdC/9zYleY+jY5B/8
+      nmjkSfK6I6GLLSh8l2QO8YqQLIqxANglS1gNHdpcYPwfC4WL1S1P0qXboKsI5Sfy
+      jGoD3et4caq6ecdTfAvmLobW8uFRmGE9qHlFQ1cn47OnPVZUpKFCTVslyTLNo70h
+      28gx/lnpgkbeWotJ5GygE/H0jKJlG8/V3+Ppfuq6wypA5ELcGUeMAwmCfUNNlDy3
+      BhXSa6STgL26ar70KZIjTp9B97hIfDWObxgjzMX2JoiWXziszvbfaknfBsmfTm45
+      oUZYO0DuvLdLpxic0GZQwZCT6GzuexxJ9zR/pdahrQKBgQDEiwc0e+M1KaOoIIcw
+      V7pxoGjvd+CC5whS00jSf/rXPSPFxat9Ml5serOzLdRLM/NQ5wB9S7TYc6PJi3Mb
+      8pmbGadIXiGIJY8vX79P/velHT4csgULJAKJF9U65knhaidPPPmXloHOhRWrE8Zq
+      mexVgJZrHLI8197qmi+ctT5rEwKBgQDQ1J84AwI1hEsXHxoSetSznt+ae7pSUb/J
+      byqK9KEp0DLyf8GcS7vxyYGQo0mJDlHaJt56LKv+zdX4wGG85ztbOFVPee6XLKSs
+      I+h7rzc2hKrl+SaI91h1234WsTeJvfUSHyBy9vAwLhd0hplNrt7Tql5Z0VTWHmFE
+      2XbEwcTUIwKBgQDBpioHMDmBW/F/6ezJWOa+pco+h+KRl4i/8qVBog9Im1jvt/9r
+      b4FRaOQ9mt4c6qbGA5Sb30fkLKwoHFniI3ntM616xCRNvJQDnVcmPpVJ/jIAm/YU
+      L/q/kNfrHJOWobzxeaaCESz8imv7D5Tj25zb8cJC7xc+k4Nzq09WG83QOQKBgG28
+      LOZ7/j8tA2BlAYhQb1Dr3UgKWEBFoOgyuEJIhh+4vezb4VtGGL7XSnQ8ubmBgtWF
+      s0a0DrVYaGXMgg+H2pL2qS2YPx3FYcrrG5FS40qMsFkkcXFruFpGOp2mBi8lWJBr
+      NtvykwheUAj1ab1+dKz5S5ca/t99G1PYiiaeQ9XNAoGAVXk4HvdUc5q+BNiYvKUS
+      M2/TDU3cYY72mPCEw7G6Kpn6zMaakQcA1+Z8LkYcLaQKRD/66n99WWT+BcY+QXtC
+      0ZPHjeepDL8q+yXRY8zlcgAukg18Ta5yD1J1014y8UIV+HY8ongTni1sI8N+vKd4
+      +TF2C2Cynf5vQr5man7ShPw=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails
+  untrusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://untrusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails-ready
+  verify:
+    depends_on:
+      verify-init:
+        condition: service_completed_successfully
+    environment:
+      SSL_CERT_FILE: /verify_config/ca.pem
+    image: pomerium/verify:${VERIFY_TAG:-latest}
+    networks:
+      main:
+        aliases:
+        - verify
+    volumes:
+    - verify_config:/verify_config
+  verify-init:
+    command:
+    - sh
+    - -c
+    - |-
+      echo '-----BEGIN CERTIFICATE-----
+      MIIE1zCCAz+gAwIBAgIQZ139cd/paPdkS2JyAu7kEDANBgkqhkiG9w0BAQsFADCB
+      gzEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSwwKgYDVQQLDCNjYWxl
+      YkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTEzMDEGA1UEAwwqbWtjZXJ0
+      IGNhbGViQGNhbGViLXBjLWxpbnV4IChDYWxlYiBEb3hzZXkpMB4XDTIxMDgxMDE3
+      MzIwOVoXDTMxMDgxMDE3MzIwOVowgYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9w
+      bWVudCBDQTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXggKENhbGViIERv
+      eHNleSkxMzAxBgNVBAMMKm1rY2VydCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2Fs
+      ZWIgRG94c2V5KTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANbKyMz5
+      MVW6YKdjh1oIN1Mn7PE2pH5SbJSpWxdAGhdBkBkpAa7OxarjH5KVkCTSa7oncla7
+      qNuJZS6mBmoxF+R+cR3jyGdUAYlozl1jlfqLIfC/+g7V7VmOJn98tjB42fatxLl6
+      WPAw1JDNsWtQfhKhbcHut7RsF0rMOOHcwywTR7LOyCmIel1pcmpV4hbVcT6eVwoP
+      HXyJSa9cqaMQ5Xrdogai4IqZZIGLHeLsTVutOgJFXEevlX/QT3sWomEctzh38Js4
+      9DiAPD6d4Y7/CPLYEfk29JQ9NZhpgDsi9hu5FHHZcXwf1IHlw/CBVgn6j+jmvKKz
+      90Ma1oquv3W6dttid/xCcLGu2S+96Tzrykmoy5VacLtVEP41YmoVls91rlo7olpe
+      QWFbnmco739TI/4h+HodolperQERQl7uCnpKVPZ3WokKuRh5pkqkQp/arQjtwcRt
+      G43CrDpbl+uSjMCAxha958eTYvtojTMnvLtsGID1hGXnqlw+5KjKrgRHrQIDAQAB
+      o0UwQzAOBgNVHQ8BAf8EBAMCAgQwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4E
+      FgQUhYZYWIBHyk6ZVTnp3lRt/tyBP00wDQYJKoZIhvcNAQELBQADggGBAA1F/apr
+      l6pNT3Mp/MxhUUgo6usEJCryGQcLRfexyQXGN3huCmIrP55VFa8ETPAtjsr6PMe7
+      7vvEj8eFu2JtKovlQwNewYU9cjAMCVaFiNbrQa20hzhWc2js6dyildE6/DPzbeds
+      KDAxhFNp35SlwtRtKk1SzxJxsqSwjfxI8fp+R/0wO8g0fWTdM2gCpRwYMNwJELEg
+      +dSlvJCwuu+rzxLalzaPF1PMTW72OELal/j5sD+2VytQ4k+HUDbyt2DnQT7YQ3zo
+      q02x2u2sm1WW/o/uh8pjPxkGQqL2mryZs6VH9VCU3QkKNDssNd71lr3wPoE4YRHe
+      UvzD1eDeelzBUFNIpDCjdCsL55yIPqUsr6lmjpBPL0vea33QTMbcsSxu0umGXDbU
+      66juU4Z1jOE0wClIvaO699J+E2gBe1jUN6At6b8BSoZqCqXYoDHGei9RBUdvgqto
+      kVsoJfDI/TFMekYgpL5UVYmLdfgqLPPRP9pQBLDx3mszeAqnvfTICAzfXg==
+      -----END CERTIFICATE-----
+      ' > /verify_config/ca.pem
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - verify-init
+    volumes:
+    - verify_config:/verify_config
+  verify-ready:
+    command:
+    - -wait
+    - http://verify:80/
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - verify-ready
+  websocket-echo:
+    command:
+    - --port
+    - "80"
+    - tee
+    image: pvtmert/websocketd:latest
+    networks:
+      main:
+        aliases:
+        - websocket-echo
+  websocket-echo-ready:
+    command:
+    - -wait
+    - tcp://websocket-echo:80
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - websocket-echo-ready
+  wrongly-named-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEWDCCAsCgAwIBAgIRAK1MkqoHP+DPILewhMcnnu4wDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU0MzRaFw0yMzExMTEyMjU0MzRaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV
+      DWPhOpNWAYNTQZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM
+      3cvyRs40dygZeogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV
+      6ttf6y0+4Nq1hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3E
+      lxIYQsCr85FyW8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC
+      8X2vHBBIbnZipb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3
+      OIkJji4rpJqxG1Z7MvPzAgMBAAGjcjBwMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAo
+      BgNVHREEITAfgh1pbnZhbGlkLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG
+      9w0BAQsFAAOCAYEABsSByXWA7e8hpKWZK4APWzkvDwiTGrDDE7k0hueJksTZ5Nqw
+      fRdGoUpweWIYzAv1etPAr+B2gsZM/jVRidaGDI1tKPytZ3pP6mQ52CVXkeJQytPr
+      rNDnP3Lbpbs8PHoHw3PVxIyRps1ZbZkgbUsXrSvpp/l+ZObbGQjr3Fdx5oXI6a1V
+      NNC39LkPhjTKtcG+H8dO5GRuDb/9PrzrnDwnl6CoORbEjTKRIFuA+vkFBRjyuccr
+      GQiMNmMxy5CMOsK+Od4+8qhv2ZgnREHyBnjFFhgVLFJ2PwUxk3N4GIzCC8tsD+vb
+      +YJgCS7n6JmcB9SFeyRy+qpolnfEaMvRwnJl6Evj17VCBy7x0gEO6B4lILPpziN8
+      VVhSuRsC0V8aXJJx89mwrg9pzN9w771rFVOCrAEdZei34/yfo8VyBbIR1gUxkRNJ
+      crTI9pT0PK+9OWQ57HtnGmFsPtWT8r7P8xukAPy50wSLF3InjEo8VR2df+V7DVVU
+      aTjNbuaG1NLNyWLH
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVDWPhOpNWAYNT
+      QZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM3cvyRs40dygZ
+      eogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV6ttf6y0+4Nq1
+      hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3ElxIYQsCr85Fy
+      W8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC8X2vHBBIbnZi
+      pb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3OIkJji4rpJqx
+      G1Z7MvPzAgMBAAECggEBAM3XhRO7+1QSXCaZdCZ6WuWXzojxrkf8++gpzXPCZ75L
+      vvMyP8xmXc38Za5VyL+MAr7joENxY5NPON/9AgyUBFdbat3RW323vAt0Ssy8Dfti
+      ScpuGWTT2CcWS/iJPwJp9bzPj6qJ1wo0Rzsv23FpcjgfcuB+4pHpDwJZ8IxcclTN
+      jv5XdmanN0Ai2ONDkIHQyvMTsYAX99OK7nXIs3OW7s4wsm8Wg+loCqTvojTzWuwE
+      TZNFonHAZ81jkrYfNjz+sM/tPuOYD+vWQ89+1IeQKFw1U0iBpF1VvhA7UeQZMeI8
+      S1NpDQTQW0kxmUAlLj7ldnIvknT/x0lKzoafVpk47/kCgYEA+SxnMLHe3Wxb4Kkf
+      7Gwktbth/wlWzUWzQ7c0TdhfEDjcRB7SeGIjrL4/HPyXEsCcGIj84TEob1EA0KVP
+      l6Jeqh5t/sr9da+uLFf6H41yZUaTccoyclnjHsqT+WLTtiTKqf7cXACg5NKbJwUT
+      ldCEu+4Ovur+8Ax6s/mGWNEzar0CgYEA2uOmD+SCIhj16P+3GnpZ0UzyDhUKedTy
+      LisZznroF6RI3BHzNT+YotHORDMiJtmX0slFcInAWaB3htLPbHmvredjlsH35eHW
+      B6wkWmbniJEovPysWdg7xjrj8DoL2dcm6liM1KpSo9k6XWJu36//xF4RTnL8JPEH
+      RPuBWmBXHG8CgYBjJy886lr0I61//eztKK+G/bTmRvIapzTJqnqOy54wl1/XX6iD
+      LRJjKCV3RHBdjvXOsZxnhCdB/KrlXBMLFRq0eX1t2Zr4nNsjXDL1IVU3Rdlge4SN
+      ioVdeGFf6Nq0bXmUIg3QMpPT2pbQ9S0w/ZQEMJv/jwW5wk2FlrLGXyElxQKBgQC3
+      skUzITp1Ey2NFM290uB93m1llBLum9+DD3jg6BTPgngC+K17Cpw2SI0qfx8yK3pW
+      08MK5xAeJ6Un6NNa3eSptX7GjpJUwmq0lasMkz/MRMZDlGmwHOBNRC729D/t2bo3
+      AYlvEGG6UBvDM1CJOVMUoT008Rrahczr/4ZXKnLw0QKBgExc+SXb5IRJIMHEQLkg
+      E7va23sR7x4j75mK6HnSwAM3jKx4GDgpkY1EO+rh+99mq/bIouL8ob/PG7A5RtKp
+      +Sgpqk5N6NpSFMaubsu1EQhqT5pmy0dN5KXecR4s1IylPvth/h3tdXPKGcLMD2M2
+      EN59YIA1o4qWjJsfEiuQ6x7M
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails
+  wrongly-named-httpdetails-ready:
+    command:
+    - -wait
+    - http://wrongly-named-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails-ready
+volumes:
+  fortio_config: {}
+  verify_config: {}
diff --git a/integration/clusters/azure-traefik/compose.yml b/integration/clusters/azure-traefik/compose.yml
new file mode 100644
index 000000000..852cf7b85
--- /dev/null
+++ b/integration/clusters/azure-traefik/compose.yml
@@ -0,0 +1,1236 @@
+networks:
+  main: {}
+services:
+  fortio:
+    command:
+    - server
+    - -cert
+    - /fortio_config/trusted.pem
+    - -key
+    - /fortio_config/trusted-key.pem
+    depends_on:
+      fortio-init:
+        condition: service_completed_successfully
+    image: fortio/fortio:1.17.0
+    networks:
+      main:
+        aliases:
+        - fortio
+    ports:
+    - 8079:8079/tcp
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-init:
+    command:
+    - sh
+    - -c
+    - |
+      echo "$$CERT" >/fortio_config/trusted.pem
+      echo "$$KEY" >/fortio_config/trusted-key.pem
+    environment:
+      CERT: |
+        -----BEGIN CERTIFICATE-----
+        MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+        gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+        ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+        dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+        NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+        bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+        KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+        HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+        yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+        Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+        jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+        bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+        9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+        DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+        BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+        AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+        c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+        AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+        OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+        qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+        6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+        kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+        B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+        xjUE8XUu
+        -----END CERTIFICATE-----
+      KEY: |
+        -----BEGIN PRIVATE KEY-----
+        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+        ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+        EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+        Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+        CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+        mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+        DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+        DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+        8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+        Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+        CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+        bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+        SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+        2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+        axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+        uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+        BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+        uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+        2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+        CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+        fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+        cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+        Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+        KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+        YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+        gmLh4w/CcPyb9ZyXceWU/nU=
+        -----END PRIVATE KEY-----
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - fortio-init
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-ready:
+    command:
+    - -wait
+    - http://fortio:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - fortio-ready
+  mock-idp:
+    command:
+    - --provider
+    - azure
+    - --port
+    - "8024"
+    - --root-url
+    - https://mock-idp.localhost.pomerium.io/
+    image: pomerium/mock-idps:${MOCK_IDPS_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - mock-idp
+    ports:
+    - 8024:8024/tcp
+  mock-idp-ready:
+    command:
+    - -wait
+    - http://mock-idp:8024/.well-known/openid-configuration
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - mock-idp-ready
+  pomerium:
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    environment:
+      AUTHENTICATE_SERVICE_URL: https://authenticate.localhost.pomerium.io
+      CERTIFICATE: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVVakNDQXJxZ0F3SUJBZ0lSQUtOYUVxQ21tWmZobWNZZ1p5MDFXQ3N3RFFZSktvWklodmNOQVFFTEJRQXcKZ1lNeEhqQWNCZ05WQkFvVEZXMXJZMlZ5ZENCa1pYWmxiRzl3YldWdWRDQkRRVEVzTUNvR0ExVUVDd3dqWTJGcwpaV0pBWTJGc1pXSXRjR010YkdsdWRYZ2dLRU5oYkdWaUlFUnZlSE5sZVNreE16QXhCZ05WQkFNTUttMXJZMlZ5CmRDQmpZV3hsWWtCallXeGxZaTF3WXkxc2FXNTFlQ0FvUTJGc1pXSWdSRzk0YzJWNUtUQWVGdzB5TVRBNE1UQXgKTnpNeU1UQmFGdzB5TXpFeE1UQXhPRE15TVRCYU1GY3hKekFsQmdOVkJBb1RIbTFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCalpYSjBhV1pwWTJGMFpURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnCktFTmhiR1ZpSUVSdmVITmxlU2t3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzgKSExCQUl6WGtQZWVnbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRAp5VmhEVDBRbEkvTy9FS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2Cld5bCtGb1BEVi92c1ozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXQKak9ic2FRZ0o1TEx4Q1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcQpiWlVERytaaW9BclBtcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkCjlyNnJPQnhweHduVER2SGtCbjZ2QWdNQkFBR2piREJxTUE0R0ExVWREd0VCL3dRRUF3SUZvREFUQmdOVkhTVUUKRERBS0JnZ3JCZ0VGQlFjREFUQWZCZ05WSFNNRUdEQVdnQlNGaGxoWWdFZktUcGxWT2VuZVZHMyszSUUvVFRBaQpCZ05WSFJFRUd6QVpnaGNxTG14dlkyRnNhRzl6ZEM1d2IyMWxjbWwxYlM1cGJ6QU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBWUVBdWZRQUY3OXM3YzFnbVo5Q0lLQlNHa0hoK1NIMDFDdUtZbm5IaU1vd0hzVGlvRmFVQVFzZC9QNFgKYzJYQnFjMzRlVDNtQ3ZwZ1pqSGJqejZKbG5UWUp4dUx2VnFuVkIzZW10V3JiMWNRdmg4QnBoeHNwVGxTOHVpRQpBRWYvbmd0cHpmQS9mNGxwR2t6clEwY3lQa0VKR3o1MTFxOTdpdHpuOVJaWnpWVFp4TlZGU1AydlZoTk5RVnNXCk94YWtjdllSZ256OEFPUVMzT1BIajJGUWMzaWlic2hjdDVsZUl3WVpGY3hJTkdIUjZLTDYrL0xTZVBOQ0VNbUsKcXltVlBrUUdzSWNVNkdROWZ4YVN1NG1wK0lVQUxQcm9pekVWSThTVms1bk9tM0hJZXorWmZYaHpmbkd4MDZTSQo2TnVvUVFQcVVCZVplWG4yWUZZaGlwZVJkclF4dkEzNi9ZWGEvQWtYQ2VVMHBYeGJ0WEtjdmF0ZnJpNUtuWUpECmtINTlhK2FGa1RzbDQxdGZJMmNuUllWZGRxWFZsM096TGJjZ0FGTG4xV2VDMXh4M3hSWGk3S2xkb2tPbHZndisKQjZuYVdmQ3hSbFdaL2xzbUhhZTRrYzFXSDRLYzduSytJVGI0MEVralY2OC9BN2tyWnNOMVZjcU50cG9tWWtnRQp4alVFOFhVdQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+      CERTIFICATE_AUTHORITY: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUxekNDQXorZ0F3SUJBZ0lRWjEzOWNkL3BhUGRrUzJKeUF1N2tFREFOQmdrcWhraUc5dzBCQVFzRkFEQ0IKZ3pFZU1Cd0dBMVVFQ2hNVmJXdGpaWEowSUdSbGRtVnNiM0J0Wlc1MElFTkJNU3d3S2dZRFZRUUxEQ05qWVd4bApZa0JqWVd4bFlpMXdZeTFzYVc1MWVDQW9RMkZzWldJZ1JHOTRjMlY1S1RFek1ERUdBMVVFQXd3cWJXdGpaWEowCklHTmhiR1ZpUUdOaGJHVmlMWEJqTFd4cGJuVjRJQ2hEWVd4bFlpQkViM2h6WlhrcE1CNFhEVEl4TURneE1ERTMKTXpJd09Wb1hEVE14TURneE1ERTNNekl3T1Zvd2dZTXhIakFjQmdOVkJBb1RGVzFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCRFFURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnS0VOaGJHVmlJRVJ2CmVITmxlU2t4TXpBeEJnTlZCQU1NS20xclkyVnlkQ0JqWVd4bFlrQmpZV3hsWWkxd1l5MXNhVzUxZUNBb1EyRnMKWldJZ1JHOTRjMlY1S1RDQ0FhSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnR1BBRENDQVlvQ2dnR0JBTmJLeU16NQpNVlc2WUtkamgxb0lOMU1uN1BFMnBINVNiSlNwV3hkQUdoZEJrQmtwQWE3T3hhcmpINUtWa0NUU2E3b25jbGE3CnFOdUpaUzZtQm1veEYrUitjUjNqeUdkVUFZbG96bDFqbGZxTElmQy8rZzdWN1ZtT0puOTh0akI0MmZhdHhMbDYKV1BBdzFKRE5zV3RRZmhLaGJjSHV0N1JzRjByTU9PSGN3eXdUUjdMT3lDbUllbDFwY21wVjRoYlZjVDZlVndvUApIWHlKU2E5Y3FhTVE1WHJkb2dhaTRJcVpaSUdMSGVMc1RWdXRPZ0pGWEVldmxYL1FUM3NXb21FY3R6aDM4SnM0CjlEaUFQRDZkNFk3L0NQTFlFZmsyOUpROU5aaHBnRHNpOWh1NUZISFpjWHdmMUlIbHcvQ0JWZ242aitqbXZLS3oKOTBNYTFvcXV2M1c2ZHR0aWQveENjTEd1MlMrOTZUenJ5a21veTVWYWNMdFZFUDQxWW1vVmxzOTFybG83b2xwZQpRV0Zibm1jbzczOVRJLzRoK0hvZG9scGVyUUVSUWw3dUNucEtWUFozV29rS3VSaDVwa3FrUXAvYXJRanR3Y1J0Ckc0M0NyRHBibCt1U2pNQ0F4aGE5NThlVFl2dG9qVE1udkx0c0dJRDFoR1hucWx3KzVLaktyZ1JIclFJREFRQUIKbzBVd1F6QU9CZ05WSFE4QkFmOEVCQU1DQWdRd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFEQWRCZ05WSFE0RQpGZ1FVaFlaWVdJQkh5azZaVlRucDNsUnQvdHlCUDAwd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dHQkFBMUYvYXByCmw2cE5UM01wL014aFVVZ282dXNFSkNyeUdRY0xSZmV4eVFYR04zaHVDbUlyUDU1VkZhOEVUUEF0anNyNlBNZTcKN3Z2RWo4ZUZ1Mkp0S292bFF3TmV3WVU5Y2pBTUNWYUZpTmJyUWEyMGh6aFdjMmpzNmR5aWxkRTYvRFB6YmVkcwpLREF4aEZOcDM1U2x3dFJ0S2sxU3p4SnhzcVN3amZ4SThmcCtSLzB3TzhnMGZXVGRNMmdDcFJ3WU1Od0pFTEVnCitkU2x2SkN3dXUrcnp4TGFsemFQRjFQTVRXNzJPRUxhbC9qNXNEKzJWeXRRNGsrSFVEYnl0MkRuUVQ3WVEzem8KcTAyeDJ1MnNtMVdXL28vdWg4cGpQeGtHUXFMMm1yeVpzNlZIOVZDVTNRa0tORHNzTmQ3MWxyM3dQb0U0WVJIZQpVdnpEMWVEZWVsekJVRk5JcERDamRDc0w1NXlJUHFVc3I2bG1qcEJQTDB2ZWEzM1FUTWJjc1N4dTB1bUdYRGJVCjY2anVVNFoxak9FMHdDbEl2YU82OTlKK0UyZ0JlMWpVTjZBdDZiOEJTb1pxQ3FYWW9ESEdlaTlSQlVkdmdxdG8Ka1Zzb0pmREkvVEZNZWtZZ3BMNVVWWW1MZGZncUxQUFJQOXBRQkxEeDNtc3plQXFudmZUSUNBemZYZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+      CERTIFICATE_KEY: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQzhITEJBSXpYa1BlZWcKbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PLwpFS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2V3lsK0ZvUERWL3ZzClozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXRqT2JzYVFnSjVMTHgKQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUAptcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkOXI2ck9CeHB4d25UCkR2SGtCbjZ2QWdNQkFBRUNnZ0VBQjI4aTBBWVVOU2IxSm5XRmJLenJ1VWN0dTN0Q05Yb3ZKZzZLM0JpUFZNa3EKRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBVwo4ZUplcVJMWkVmc1NTSk9YVEc3UmRHc240cUhGSjAwczJaVGxjSUhTUHduRm0rWGpKaTk5VThHNFhzVW9YbzByCkd5KzBWQ3VVN004Z0lDRUhIc3JRTzlYREQzblQyaml1NVRqckt3anV0M0Vtb0pzc0k1YnF4MzMrT0J1NUJwQ1AKQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVApiTGtMRnlXQk5UV1VaMlIvMnd4bXVvQzZtTFp3ODc5TUxDS012azFkb1FLQmdRRGhtd0dhZkpOeW1UaUVRWlJJClNzUXg0c2VxZk9LZmdGQzdvaHFIOWNST091OElKMW83cTJwTTJXNFhpVitTM3dUZFBHbWNhNklPalgyM2lzVkIKMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzNwpheHpsYU1yeEV1M0xJOVVFN050cmRRaUJ5UUtCZ1FEVmRJNmNlSVZCVDZSZ3ZWR3Q4emtMalBJRmpoUUVIQUlwCnVoaXJncXBTNkNYOUJseWYyK280MHptZmozaGU1ckNjRW9CNU1zZU0rRGdGYmNWaDJlL01WbllpTk53NkpDREIKQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleQp1QkhWQnYvNHR3S0JnSHdIdWVQeTVTVTFzMnFTbXpEN1djMkxQZll1M25DT0hOUnJGR2IyNk11UmZ1UmVyaTdyCjJHOFRnb0VTRnljcDBRVElOOCsxSk0wWFlLeE5jSkQ2QjhWMXdLYmJwUXN5bW5lSTFnanV0aUIvSWd3L1BrREsKQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWgpmTjJZZVlieVljYU0xMXAxVmlsdWxWVFZqWTNpL0ZaaURSNFNML0lHSldqTi9Temc0aVhZc0tGbXUrZHVsT1psCmNCQUxwRUtycXBtelhZdHJONmJzdjE4KzVlTzNxR2JLMkRyRXEzZVdWZXYyS29UTW9ieHo3ZysrWEJJV0ptTEEKSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkUwpLcmx0d21vZEhpcVhOYlZrd2JXMUFGUEpiaVlhaTRZRmZLNElBYmlmL1lteGY5Rzc4YU9rcjlacENJek9rRFBaCllwRXdRR1dzQWhFbENGdmM4RS81ZEhFU1NwK3RXdFArTmx1aW1wRnFpRGczL1NVbk13TzJ4SDBuaExhMHplamgKZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K
+      COOKIE_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      DATABROKER_STORAGE_CONNECTION_STRING: redis://redis:6379
+      DATABROKER_STORAGE_TYPE: redis
+      ENVOY_ADMIN_ADDRESS: 0.0.0.0:9901
+      FORWARD_AUTH_URL: https://forward-authenticate.localhost.pomerium.io
+      GOOGLE_CLOUD_SERVERLESS_AUTHENTICATION_SERVICE_ACCOUNT: ewoiYXV0aF9wcm92aWRlcl94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImF1dGhfdXJpIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImNsaWVudF9lbWFpbCI6ICJyZWRhY3RlZEBwb21lcml1bS1yZWRhY3RlZC5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsCiJjbGllbnRfaWQiOiAiMTAxMjE1OTkwNDU4MDAwMzM0Mzg3IiwKImNsaWVudF94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKInByaXZhdGVfa2V5IjogIi0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLVxuTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDOEhMQkFJelhrUGVlZ1xubGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PL1xuRUtnQ09GRnhVRHFvUjgyaVkwNlNhY0FqSG5pNitQTzl0VlJiRlYwdzE0QkRBSlNwQitWdld5bCtGb1BEVi92c1xuWjMxRnRZdytFd3FrYkR4L2thVDl1emYrTEpkbGtmMTRuUVFqOEVreS84ZDNtV0piYi85dGpPYnNhUWdKNUxMeFxuQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUFxubXFta2F3VVd3M2VraGo4MFNKZy9USzlQUmFOL1Z2Y0kxUGdBZDdMWnp0VVJlU21UeTVoZDlyNnJPQnhweHduVFxuRHZIa0JuNnZBZ01CQUFFQ2dnRUFCMjhpMEFZVU5TYjFKbldGYkt6cnVVY3R1M3RDTlhvdkpnNkszQmlQVk1rcVxuRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBV1xuOGVKZXFSTFpFZnNTU0pPWFRHN1JkR3NuNHFIRkowMHMyWlRsY0lIU1B3bkZtK1hqSmk5OVU4RzRYc1VvWG8wclxuR3krMFZDdVU3TThnSUNFSEhzclFPOVhERDNuVDJqaXU1VGpyS3dqdXQzRW1vSnNzSTVicXgzMytPQnU1QnBDUFxuQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVFxuYkxrTEZ5V0JOVFdVWjJSLzJ3eG11b0M2bUxadzg3OU1MQ0tNdmsxZG9RS0JnUURobXdHYWZKTnltVGlFUVpSSVxuU3NReDRzZXFmT0tmZ0ZDN29ocUg5Y1JPT3U4SUoxbzdxMnBNMlc0WGlWK1Mzd1RkUEdtY2E2SU9qWDIzaXNWQlxuMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzN1xuYXh6bGFNcnhFdTNMSTlVRTdOdHJkUWlCeVFLQmdRRFZkSTZjZUlWQlQ2Umd2Vkd0OHprTGpQSUZqaFFFSEFJcFxudWhpcmdxcFM2Q1g5Qmx5ZjIrbzQwem1majNoZTVyQ2NFb0I1TXNlTStEZ0ZiY1ZoMmUvTVZuWWlOTnc2SkNEQlxuQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleVxudUJIVkJ2LzR0d0tCZ0h3SHVlUHk1U1UxczJxU216RDdXYzJMUGZZdTNuQ09ITlJyRkdiMjZNdVJmdVJlcmk3clxuMkc4VGdvRVNGeWNwMFFUSU44KzFKTTBYWUt4TmNKRDZCOFYxd0tiYnBRc3ltbmVJMWdqdXRpQi9JZ3cvUGtES1xuQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWlxuZk4yWWVZYnlZY2FNMTFwMVZpbHVsVlRWalkzaS9GWmlEUjRTTC9JR0pXak4vU3pnNGlYWXNLRm11K2R1bE9abFxuY0JBTHBFS3JxcG16WFl0ck42YnN2MTgrNWVPM3FHYksyRHJFcTNlV1ZldjJLb1RNb2J4ejdnKytYQklXSm1MQVxuSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkU1xuS3JsdHdtb2RIaXFYTmJWa3diVzFBRlBKYmlZYWk0WUZmSzRJQWJpZi9ZbXhmOUc3OGFPa3I5WnBDSXpPa0RQWlxuWXBFd1FHV3NBaEVsQ0Z2YzhFLzVkSEVTU3ArdFd0UCtObHVpbXBGcWlEZzMvU1VuTXdPMnhIMG5oTGEwemVqaFxuZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9XG4tLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tXG4iLAoicHJpdmF0ZV9rZXlfaWQiOiAiZTA3ZjdjOTM4NzBjN2UwM2Y4ODM1NjBlY2Q4ZmQwZjRkMjdiMDA4MSIsCiJwcm9qZWN0X2lkIjogInBvbWVyaXVtLXJlZGFjdGVkIiwKInRva2VuX3VyaSI6ICJodHRwOi8vbW9jay1pZHA6ODAyNC90b2tlbiIsCiJ0eXBlIjogInNlcnZpY2VfYWNjb3VudCIKfQ==
+      IDP_CLIENT_ID: CLIENT_ID
+      IDP_CLIENT_SECRET: CLIENT_SECRET
+      IDP_PROVIDER: azure
+      IDP_PROVIDER_URL: https://mock-idp.localhost.pomerium.io/
+      JWT_CLAIMS_HEADERS: email,groups,user
+      LOG_LEVEL: info
+      POLICY: Wwp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vbW9jay1pZHAubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZW52b3kubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly9sb2NhbGhvc3Q6OTkwMSIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vdmVyaWZ5LmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoidG8iOiAiaHR0cDovL3ZlcmlmeTo4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiYWxsb3dfd2Vic29ja2V0cyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vd2Vic29ja2V0LWVjaG8ubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly93ZWJzb2NrZXQtZWNobzo4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXVpLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJ0byI6ICJodHRwczovL2ZvcnRpbzo4MDgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRsc19jdXN0b21fY2EiOiAiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVVXhla05EUVhvclowRjNTVUpCWjBsUldqRXpPV05rTDNCaFVHUnJVekpLZVVGMU4ydEZSRUZPUW1kcmNXaHJhVWM1ZHpCQ1FWRnpSa0ZFUTBJS1ozcEZaVTFDZDBkQk1WVkZRMmhOVm1KWGRHcGFXRW93U1VkU2JHUnRWbk5pTTBKMFdsYzFNRWxGVGtKTlUzZDNTMmRaUkZaUlVVeEVRMDVxV1ZkNGJBcFphMEpxV1ZkNGJGbHBNWGRaZVRGellWYzFNV1ZEUVc5Uk1rWnpXbGRKWjFKSE9UUmpNbFkxUzFSRmVrMUVSVWRCTVZWRlFYZDNjV0pYZEdwYVdFb3dDa2xIVG1oaVIxWnBVVWRPYUdKSFZtbE1XRUpxVEZkNGNHSnVWalJKUTJoRVdWZDRiRmxwUWtWaU0yaDZXbGhyY0UxQ05GaEVWRWw0VFVSbmVFMUVSVE1LVFhwSmQwOVdiMWhFVkUxNFRVUm5lRTFFUlROTmVrbDNUMVp2ZDJkWlRYaElha0ZqUW1kT1ZrSkJiMVJHVnpGeVdUSldlV1JEUW10YVdGcHNZa2M1ZHdwaVYxWjFaRU5DUkZGVVJYTk5RMjlIUVRGVlJVTjNkMnBaTWtaeldsZEtRVmt5Um5OYVYwbDBZMGROZEdKSGJIVmtXR2RuUzBWT2FHSkhWbWxKUlZKMkNtVklUbXhsVTJ0NFRYcEJlRUpuVGxaQ1FVMU5TMjB4Y2xreVZubGtRMEpxV1ZkNGJGbHJRbXBaVjNoc1dXa3hkMWw1TVhOaFZ6VXhaVU5CYjFFeVJuTUtXbGRKWjFKSE9UUmpNbFkxUzFSRFEwRmhTWGRFVVZsS1MyOWFTV2gyWTA1QlVVVkNRbEZCUkdkblIxQkJSRU5EUVZsdlEyZG5SMEpCVG1KTGVVMTZOUXBOVmxjMldVdGthbWd4YjBsT01VMXVOMUJGTW5CSU5WTmlTbE53VjNoa1FVZG9aRUpyUW10d1FXRTNUM2hoY21wSU5VdFdhME5VVTJFM2IyNWpiR0UzQ25GT2RVcGFVelp0UW0xdmVFWXJVaXRqVWpOcWVVZGtWVUZaYkc5NmJERnFiR1p4VEVsbVF5OHJaemRXTjFadFQwcHVPVGgwYWtJME1tWmhkSGhNYkRZS1YxQkJkekZLUkU1elYzUlJabWhMYUdKalNIVjBOMUp6UmpCeVRVOVBTR04zZVhkVVVqZE1UM2xEYlVsbGJERndZMjF3VmpSb1lsWmpWRFpsVm5kdlVBcElXSGxLVTJFNVkzRmhUVkUxV0hKa2IyZGhhVFJKY1ZwYVNVZE1TR1ZNYzFSV2RYUlBaMHBHV0VWbGRteFlMMUZVTTNOWGIyMUZZM1I2YURNNFNuTTBDamxFYVVGUVJEWmtORmszTDBOUVRGbEZabXN5T1VwUk9VNWFhSEJuUkhOcE9XaDFOVVpJU0ZwaldIZG1NVWxJYkhjdlEwSldaMjQyYWl0cWJYWkxTM29LT1RCTllURnZjWFYyTTFjMlpIUjBhV1F2ZUVOalRFZDFNbE1yT1RaVWVuSjVhMjF2ZVRWV1lXTk1kRlpGVURReFdXMXZWbXh6T1RGeWJHODNiMnh3WlFwUlYwWmlibTFqYnpjek9WUkpMelJvSzBodlpHOXNjR1Z5VVVWU1VXdzNkVU51Y0V0V1VGb3pWMjlyUzNWU2FEVndhM0ZyVVhBdllYSlJhblIzWTFKMENrYzBNME55UkhCaWJDdDFVMnBOUTBGNGFHRTVOVGhsVkZsMmRHOXFWRTF1ZGt4MGMwZEpSREZvUjFodWNXeDNLelZMYWt0eVoxSkljbEZKUkVGUlFVSUtiekJWZDFGNlFVOUNaMDVXU0ZFNFFrRm1PRVZDUVUxRFFXZFJkMFZuV1VSV1VqQlVRVkZJTDBKQlozZENaMFZDTDNkSlFrRkVRV1JDWjA1V1NGRTBSUXBHWjFGVmFGbGFXVmRKUWtoNWF6WmFWbFJ1Y0ROc1VuUXZkSGxDVURBd2QwUlJXVXBMYjFwSmFIWmpUa0ZSUlV4Q1VVRkVaMmRIUWtGQk1VWXZZWEJ5Q213MmNFNVVNMDF3TDAxNGFGVlZaMjgyZFhORlNrTnllVWRSWTB4U1ptVjRlVkZZUjA0emFIVkRiVWx5VURVMVZrWmhPRVZVVUVGMGFuTnlObEJOWlRjS04zWjJSV280WlVaMU1rcDBTMjkyYkZGM1RtVjNXVlU1WTJwQlRVTldZVVpwVG1KeVVXRXlNR2g2YUZkak1tcHpObVI1YVd4a1JUWXZSRkI2WW1Wa2N3cExSRUY0YUVaT2NETTFVMngzZEZKMFMyc3hVM3A0U25oemNWTjNhbVo0U1RobWNDdFNMekIzVHpobk1HWlhWR1JOTW1kRGNGSjNXVTFPZDBwRlRFVm5DaXRrVTJ4MlNrTjNkWFVyY25wNFRHRnNlbUZRUmpGUVRWUlhOekpQUlV4aGJDOXFOWE5FS3pKV2VYUlJOR3NyU0ZWRVlubDBNa1J1VVZRM1dWRXplbThLY1RBeWVESjFNbk50TVZkWEwyOHZkV2c0Y0dwUWVHdEhVWEZNTW0xeWVWcHpObFpJT1ZaRFZUTlJhMHRPUkhOelRtUTNNV3h5TTNkUWIwVTBXVkpJWlFwVmRucEVNV1ZFWldWc2VrSlZSazVKY0VSRGFtUkRjMHcxTlhsSlVIRlZjM0kyYkcxcWNFSlFUREIyWldFek0xRlVUV0pqYzFONGRUQjFiVWRZUkdKVkNqWTJhblZWTkZveGFrOUZNSGREYkVsMllVODJPVGxLSzBVeVowSmxNV3BWVGpaQmREWmlPRUpUYjFweFEzRllXVzlFU0VkbGFUbFNRbFZrZG1keGRHOEthMVp6YjBwbVJFa3ZWRVpOWld0WlozQk1OVlZXV1cxTVpHWm5jVXhRVUZKUU9YQlJRa3hFZUROdGMzcGxRWEZ1ZG1aVVNVTkJlbVpZWnowOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyIsCiJ0bHNfc2VydmVyX25hbWUiOiAiZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vZm9ydGlvOjgwNzkiCn0sCnsKImFsbG93X2FueV9hdXRoZW50aWNhdGVkX3VzZXIiOiB0cnVlLAoiZnJvbSI6ICJ0Y3AraHR0cHM6Ly9yZWRpcy5sb2NhbGhvc3QucG9tZXJpdW0uaW86NjM3OSIsCiJ0byI6ICJ0Y3A6Ly9yZWRpczo2Mzc5Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1za2lwLXZlcmlmeS1lbmFibGVkIiwKInRsc19za2lwX3ZlcmlmeSI6IHRydWUsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2tpcC12ZXJpZnktZGlzYWJsZWQiLAoidGxzX3NraXBfdmVyaWZ5IjogZmFsc2UsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2VydmVyLW5hbWUtZW5hYmxlZCIsCiJ0bHNfc2VydmVyX25hbWUiOiAiaHR0cGRldGFpbHMubG9jYWxob3N0Lm5vdHBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vd3JvbmdseS1uYW1lZC1odHRwZGV0YWlsczo4NDQzIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1zZXJ2ZXItbmFtZS1kaXNhYmxlZCIsCiJ0byI6ICJodHRwczovL3dyb25nbHktbmFtZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWVuYWJsZWQiLAoidGxzX2N1c3RvbV9jYSI6ICJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VVeVJFTkRRVEJEWjBGM1NVSkJaMGxTUVV4a09VZGhTbEk1TW5GcE4zRk1NV1ZJUjAwMlN6QjNSRkZaU2t0dldrbG9kbU5PUVZGRlRFSlJRWGNLWjFsTmVFaHFRV05DWjA1V1FrRnZWRVpYTVhKWk1sWjVaRU5DYTFwWVdteGlSemwzWWxkV2RXUkRRa1JSVkVWelRVTnZSMEV4VlVWRGQzZHFXVEpHY3dwYVYwcEJXVEpHYzFwWFNYUmpSMDEwWWtkc2RXUllaMmRMUlU1b1lrZFdhVWxGVW5abFNFNXNaVk5yZUUxNlFYaENaMDVXUWtGTlRVdHRNWEpaTWxaNUNtUkRRbXBaVjNoc1dXdENhbGxYZUd4WmFURjNXWGt4YzJGWE5URmxRMEZ2VVRKR2MxcFhTV2RTUnprMFl6SldOVXRVUVdWR2R6QjVUVlJCTkUxVVJYa0tUVlJWTWsxVVFtRkdkekI2VFZSQk5FMVVSWGxOVkZVeVRWUkNZVTFKUjBSTlVqUjNTRUZaUkZaUlVVdEZlRlowWVRKT2JHTnVVV2RhUjFZeVdsZDRkZ3BqUnpGc1ltNVJaMUV3UlhoTVJFRnhRbWRPVmtKQmMwMUpNazVvWWtkV2FWRkhUbWhpUjFacFRGaENha3hYZUhCaWJsWTBTVU5vUkZsWGVHeFphVUpGQ21JemFIcGFXR3R3VFZSTmQwMVJXVVJXVVZGRVJFTndkR0V5VG14amJsRm5XVEpHYzFwWFNrRlpNa1p6V2xkSmRHTkhUWFJpUjJ4MVpGaG5aMHRGVG1nS1lrZFdhVWxGVW5abFNFNXNaVk5yZDJkblIybE5RVEJIUTFOeFIxTkpZak5FVVVWQ1FWRlZRVUUwU1VKcWQwRjNaMmRIUzBGdlNVSm5VVVJYV1hCV1pRcENVMjVsWlRKalFVSlpiMlpUYjFkNFIwMTVSbUZOVVRCdVNtdFpNRlZYVFRsamEzbFZhRGRXWm1kT0t5OWhSbE5YTWxwVGJWaDFkalZrY21Od2FUSXdDbm96Wld4b1VGUmxPVGhpUVU1aWFpc3ZZbWt3TURFMVVWZHVUV1Z1U3pBMVdrczJjVVIwUm5kdkwwaFdReTlaWTJGeWRYVTVOaXN4U2pKMGIyVlhkVVVLZEhsclZ6Tk5RM0JETVhCSVdWTTFaemxwVmtScmNHUnllbTUyV0V0c1dYVlRhV3RxY21vM1N6VjBiMmxVZG5WdE9UZE1lRXRyZFdvMlJGaHFZWEJRUkFvMWRuUmxVMDR4WkZGblR6bERVek56Y1d4amQxbEJObEpxVlVoM1dUSldSV2d5WVdSUU16ZENXbkphZDA4cmVVcHhPWEZHTlhrMVIyeG5hVGhzVGpSakNrdHNTV3hHVlhNdmVGTndVWE40VG1KT1VWaDBUamx0YXpScGJWbHNXa2Q2V1ZsaVltMHJabTlDVmxCUVltOWhOV3BXZDB0RWNGbzJOVzFQY3pkS1IxQUtObmxxS3pkV04xVkNUVVp3Vnl0blMyMUtkR2RvTDJ0clFYZ3hPRFZvT1ROeGQweEdVR000TDFRM2Jpc3JVREZpZFN0bVlXdFlVRWRRUlRJeGNrUmxUQXBRYmxWdGRXTkpXbkJLYnpWT2NGbFdVWFkwVjNaVVMzRXZlazFTT1ZOemNIb3lVRVpLYmtWU1ZHWlVkbkVyUmpGeE0xcE9ZV1pGZW1sUWMwSTViMlZUQ201cWVIZHRZVnBQVTFZd2RsaHhMM0ZsYjNGNE5IWTJUVUo2VmtGWk1DODRVakpNWTNCS05IVm5NRTlhTTNjd1lqSjBObmx2T0RaUU5WRTRRMEYzUlVFS1FXRk9SazFGVFhkRVoxbEVWbEl3VUVGUlNDOUNRVkZFUVdkSlJVMUNTVWRCTVZWa1JYZEZRaTkzVVVsTlFWbENRV1k0UTBGUlFYZElVVmxFVmxJd1R3cENRbGxGUmt4aldUaEZiMDV2WmsxamNuSjRlbmw0U1c0elZ6WmFUMDFXV0UxQk1FZERVM0ZIVTBsaU0wUlJSVUpEZDFWQlFUUkpRbWRSUTFwNlJFTjJDa3RKU0ZnelIzWnFUbE5aTlhjMVlrOXVORVV6ZHpkUlNGQXdPVUZDYWxRdmQzVlVORXhFYTFwSVNrMXRiSEpNYnpOek9HSmpjMUV3YzAxRU1Wa3ZMeThLY3pBM1kzQTBlRmxzY1VRM1FrRXdRV053ZGxsV1dYRTFPSGhMZUhOdlEzZFdXRzFITldORlpVOXZXbTFYWmpOeFdUSnRVemhsVnprMmRrOUdjbVJKWWdwTU5FOUdOSGhaVlU5TlVuRkJUMGRCUVhJMlZteFBOMmRZWVRRd05raDZjbk5CTVdoWlduZHlaVmhvVDFSRFdscFFXazlWYmtGMU1EVlRTRVprWjJGTkNsUktUa0l2YnpBeGRIQjNVV3h5VkhoT2JXWnliM0J2VDNwNWRYWklNSHBWTWxKeVRYTXdLMFZpVDNWRE5FRXlZMUU0TTBSSlJuaDJjVFkzYkhsVk1FRUtjekZSTm5SU1RUQXJWVVJ0U2s5TWVqTlRaR2RPSzBRd01HaGpkWFZxT1RKSFZqUmlTRGhDWm5sVmRqaE9RMWt3ZGtScGFqQlVVMnBxTkdNMFVYUmpOd3BKVUV4VVdqSm5OVFExYjJONmFFNW5RVzFVTjJRclFqVkpibmxtYVZOSlMyVnRXSEZsY3pKcWNHbEJabnBRVG13NVFsWjRjMkZyWTNNdldYcHZXWE14Q2l0eFZHcEJWM1ZoUkhOTGIyaEZiazgwUWtwMWVuWXdlSEpqWlRRd1pXNVNaMWg1UjBkR2RsaDFNbk0wUmxreWRrcHhWRk52Tm5selJGZHVhRWt6VEZjS1pHTm5Oazh5UmpSQlVFTkhSMlUzZW5OMWNXbHhhM0JqYTI1Q1lXSm5la1Z6T1dadlNIRXliV1p2TjFocFJYcGxaRTFPT0VKT2NXWlRZa0U5Q2kwdExTMHRSVTVFSUVORlVsUkpSa2xEUVZSRkxTMHRMUzBLIiwKInRsc19zZXJ2ZXJfbmFtZSI6ICJodHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cHM6Ly91bnRydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWRpc2FibGVkIiwKInRvIjogImh0dHBzOi8vdW50cnVzdGVkLWh0dHBkZXRhaWxzOjg0NDMiCn0sCnsKImNvcnNfYWxsb3dfcHJlZmxpZ2h0IjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWVuYWJsZWQiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiY29yc19hbGxvd19wcmVmbGlnaHQiOiBmYWxzZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWRpc2FibGVkIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1lbmFibGVkIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1kaXNhYmxlZCIsCiJwcmVzZXJ2ZV9ob3N0X2hlYWRlciI6IGZhbHNlLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vcmVzdHJpY3RlZC1odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfZG9tYWlucyI6IFsKImRvZ3MudGVzdCIKXSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInByZWZpeCI6ICIvYnktZG9tYWluIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfdXNlcnMiOiBbCiJ1c2VyMUBkb2dzLnRlc3QiCl0sCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhc3NfaWRlbnRpdHlfaGVhZGVycyI6IHRydWUsCiJwcmVmaXgiOiAiL2J5LXVzZXIiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIlgtQ3VzdG9tLVJlcXVlc3QtSGVhZGVyIjogImN1c3RvbS1yZXF1ZXN0LWhlYWRlci12YWx1ZSIKfSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImFsbG93X3dlYnNvY2tldHMiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2VuYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZGlzYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJlbmFibGVfZ29vZ2xlX2Nsb3VkX3NlcnZlcmxlc3NfYXV0aGVudGljYXRpb24iOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2Nsb3VkcnVuLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIngtaWRwIjogImF6dXJlIgp9LAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfQpd
+      SHARED_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      SIGNING_KEY: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSVBSR1d3TGg3NW5OWG5razM3ekRmTjhvbkx3ZkNpYUxQVEQrbmM4THg1aGNvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFa3BCa08wVEttaDRKZFFmTE9lZU1kNTNLbmdhMVdkUVhyNUZjZXBrK2RMVktkVkt4WENHcQpoMW9qdWh1VzExR0lvT3pTOUdvU0tsTlZTUkZXVkVXRHZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
+      SIGNING_KEY_ALGORITHM: ES256
+    image: pomerium/pomerium:${POMERIUM_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - pomerium
+        - authenticate.localhost.pomerium.io
+        - forward-authenticate.localhost.pomerium.io
+  pomerium-ready:
+    command:
+    - -wait
+    - https://pomerium:443/healthz
+    - -timeout
+    - 10m
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - pomerium-ready
+  redis:
+    image: redis:6.2.5-alpine
+    networks:
+      main:
+        aliases:
+        - redis
+  redis-ready:
+    command:
+    - -wait
+    - tcp://redis:6379
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - redis-ready
+  traefik:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-'END_OF_TRAEFIK' | tee traefik.yaml
+      {
+        "accessLog": {
+
+        },
+        "api": {
+          "insecure": true
+        },
+        "entryPoints": {
+          "web": {
+            "address": ":80",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          },
+          "websecure": {
+            "address": ":443",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          }
+        },
+        "global": {
+          "checkNewVersion": false,
+          "sendAnonymousUsage": false
+        },
+        "log": {
+          "level": "DEBUG"
+        },
+        "providers": {
+          "file": {
+            "filename": "traefik-dynamic.yaml"
+          }
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee traefik-dynamic.yaml
+      {
+        "http": {
+          "middlewares": {
+            "authz": {
+              "forwardAuth": {
+                "address": "https://forward-authenticate.localhost.pomerium.io",
+                "authResponseHeaders": [
+                  "x-pomerium-jwt-assertion",
+                  "x-pomerium-claim-email",
+                  "authorization"
+                ],
+                "tls": {
+                  "insecureSkipVerify": true
+                },
+                "trustForwardHeader": true
+              }
+            },
+            "set-request-headers-20": {
+              "headers": {
+                "customRequestHeaders": {
+                  "X-Custom-Request-Header": "custom-request-header-value"
+                }
+              }
+            },
+            "set-request-headers-23": {
+              "headers": {
+                "customRequestHeaders": {
+                  "x-idp": "azure"
+                }
+              }
+            }
+          },
+          "routers": {
+            "route0": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`mock-idp.localhost.pomerium.io`)",
+              "service": "route0",
+              "tls": {
+
+              }
+            },
+            "route1": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`envoy.localhost.pomerium.io`)",
+              "service": "route1",
+              "tls": {
+
+              }
+            },
+            "route10": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-disabled`)",
+              "service": "route10",
+              "tls": {
+
+              }
+            },
+            "route11": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-enabled`)",
+              "service": "route11",
+              "tls": {
+
+              }
+            },
+            "route12": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-disabled`)",
+              "service": "route12",
+              "tls": {
+
+              }
+            },
+            "route13": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-enabled`)",
+              "service": "route13",
+              "tls": {
+
+              }
+            },
+            "route14": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-disabled`)",
+              "service": "route14",
+              "tls": {
+
+              }
+            },
+            "route15": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-enabled`)",
+              "service": "route15",
+              "tls": {
+
+              }
+            },
+            "route16": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-disabled`)",
+              "service": "route16",
+              "tls": {
+
+              }
+            },
+            "route17": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`restricted-httpdetails.localhost.pomerium.io`)",
+              "service": "route17",
+              "tls": {
+
+              }
+            },
+            "route18": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-domain`)",
+              "service": "route18",
+              "tls": {
+
+              }
+            },
+            "route19": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-user`)",
+              "service": "route19",
+              "tls": {
+
+              }
+            },
+            "route2": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`verify.localhost.pomerium.io`)",
+              "service": "route2",
+              "tls": {
+
+              }
+            },
+            "route20": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-20"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`)",
+              "service": "route20",
+              "tls": {
+
+              }
+            },
+            "route21": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`enabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route21",
+              "tls": {
+
+              }
+            },
+            "route22": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`disabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route22",
+              "tls": {
+
+              }
+            },
+            "route23": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-23"
+              ],
+              "rule": "Host(`cloudrun.localhost.pomerium.io`)",
+              "service": "route23",
+              "tls": {
+
+              }
+            },
+            "route24": {
+              "middlewares": [
+
+              ],
+              "rule": "Host(`authenticate.localhost.pomerium.io`)",
+              "service": "route24",
+              "tls": {
+
+              }
+            },
+            "route3": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`websocket-echo.localhost.pomerium.io`)",
+              "service": "route3",
+              "tls": {
+
+              }
+            },
+            "route4": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ui.localhost.pomerium.io`)",
+              "service": "route4",
+              "tls": {
+
+              }
+            },
+            "route5": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ping.localhost.pomerium.io`)",
+              "service": "route5",
+              "tls": {
+
+              }
+            },
+            "route6": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`redis.localhost.pomerium.io:6379`)",
+              "service": "route6",
+              "tls": {
+
+              }
+            },
+            "route7": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-enabled`)",
+              "service": "route7",
+              "tls": {
+
+              }
+            },
+            "route8": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-disabled`)",
+              "service": "route8",
+              "tls": {
+
+              }
+            },
+            "route9": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-enabled`)",
+              "service": "route9",
+              "tls": {
+
+              }
+            }
+          },
+          "serversTransports": {
+            "insecure": {
+              "insecureSkipVerify": true
+            }
+          },
+          "services": {
+            "route0": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://mock-idp:8024"
+                  }
+                ]
+              }
+            },
+            "route1": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://localhost:9901"
+                  }
+                ]
+              }
+            },
+            "route10": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route11": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route12": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route13": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route14": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route15": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route16": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route17": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route18": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route19": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route2": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://verify:80"
+                  }
+                ]
+              }
+            },
+            "route20": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route21": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route22": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route23": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route24": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "https://pomerium:443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route3": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route4": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8080"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route5": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8079"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route6": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "tcp://redis:6379"
+                  }
+                ]
+              }
+            },
+            "route7": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route8": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route9": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            }
+          }
+        },
+        "tls": {
+          "certificates": [
+            {
+              "certFile": "_wildcard.localhost.pomerium.io.pem",
+              "keyFile": "_wildcard.localhost.pomerium.io-key.pem"
+            }
+          ]
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io-key.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_TRAEFIK
+
+      traefik -configFile=traefik.yaml
+    depends_on:
+      pomerium:
+        condition: service_started
+    image: traefik:latest
+    networks:
+      main:
+        aliases:
+        - traefik
+        - authenticate.localhost.pomerium.io
+        - mock-idp.localhost.pomerium.io
+    ports:
+    - 80:80/tcp
+    - 443:443/tcp
+  trusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails
+  trusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://trusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails-ready
+  untrusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKKYU7PSAFxZbhuLUlbv3iAwDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU2MTFaFw0yMzExMTEyMjU2MTFaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg
+      VDM59lGzCRjdUQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHG
+      oryKGDOkRV1SDb3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2v
+      JX4qTwgrqQtLOJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqP
+      qpc6AEFuklmoBHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPw
+      ve8VoGIlx4uvHTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxG
+      mgByfa2rxbNg15PFwF+ZAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBS3GPBKDaHzHK68c8sSJ91umTjFVzAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAizMhh+VYIMp07wGn7+rzAE/651yiMC6kZHIOMHilvimyYvCf+Yc0MrcD
+      mVQgqlUpkn/f2SOFsBQonjAACkWlSHah9KStL0iTvOIH+oGLnv3Y9wrKvwJol3KR
+      c/+mO9R9TS71DoX+rTGRY3BNldpMBZF7HsYt/bg0RSpF0zkZarW+PEMmPw6IgIaD
+      RPGpOiQOqIxQn4d6MyiNGS0QmDeGSZvsC07ZcZ+JxsYi4S+yN6GXt11pstiRXjDv
+      zrO3s8TnVsBux7VDdIYfzMxqz+874MbsUUlb4txr3V48UDRLm7VDQ2/F+o0+Y5wt
+      XAnXTn/6GFpjJvPGr0A1QLOvnhR0DZ4Fl97athu44pqeQywDU5LPP3HqrWRXLy3j
+      BPBC4waHayL9Hnh4zQUe/h6hwC5Nxl/gqfB3Aaqr5PWX6rMFss8AYpB81ci+UJdm
+      KSIn/pMoK6TWkCveoQRQOZD8wfwPF4cUUmWcLFwSveZSiniFrAXQqZbO1k6RDhQf
+      havcwKlK
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCgVDM59lGzCRjd
+      UQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHGoryKGDOkRV1S
+      Db3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2vJX4qTwgrqQtL
+      OJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqPqpc6AEFuklmo
+      BHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPwve8VoGIlx4uv
+      HTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxGmgByfa2rxbNg
+      15PFwF+ZAgMBAAECggEADTzGefunZTPUFLnSZ/D7jDglwz5KdC/9zYleY+jY5B/8
+      nmjkSfK6I6GLLSh8l2QO8YqQLIqxANglS1gNHdpcYPwfC4WL1S1P0qXboKsI5Sfy
+      jGoD3et4caq6ecdTfAvmLobW8uFRmGE9qHlFQ1cn47OnPVZUpKFCTVslyTLNo70h
+      28gx/lnpgkbeWotJ5GygE/H0jKJlG8/V3+Ppfuq6wypA5ELcGUeMAwmCfUNNlDy3
+      BhXSa6STgL26ar70KZIjTp9B97hIfDWObxgjzMX2JoiWXziszvbfaknfBsmfTm45
+      oUZYO0DuvLdLpxic0GZQwZCT6GzuexxJ9zR/pdahrQKBgQDEiwc0e+M1KaOoIIcw
+      V7pxoGjvd+CC5whS00jSf/rXPSPFxat9Ml5serOzLdRLM/NQ5wB9S7TYc6PJi3Mb
+      8pmbGadIXiGIJY8vX79P/velHT4csgULJAKJF9U65knhaidPPPmXloHOhRWrE8Zq
+      mexVgJZrHLI8197qmi+ctT5rEwKBgQDQ1J84AwI1hEsXHxoSetSznt+ae7pSUb/J
+      byqK9KEp0DLyf8GcS7vxyYGQo0mJDlHaJt56LKv+zdX4wGG85ztbOFVPee6XLKSs
+      I+h7rzc2hKrl+SaI91h1234WsTeJvfUSHyBy9vAwLhd0hplNrt7Tql5Z0VTWHmFE
+      2XbEwcTUIwKBgQDBpioHMDmBW/F/6ezJWOa+pco+h+KRl4i/8qVBog9Im1jvt/9r
+      b4FRaOQ9mt4c6qbGA5Sb30fkLKwoHFniI3ntM616xCRNvJQDnVcmPpVJ/jIAm/YU
+      L/q/kNfrHJOWobzxeaaCESz8imv7D5Tj25zb8cJC7xc+k4Nzq09WG83QOQKBgG28
+      LOZ7/j8tA2BlAYhQb1Dr3UgKWEBFoOgyuEJIhh+4vezb4VtGGL7XSnQ8ubmBgtWF
+      s0a0DrVYaGXMgg+H2pL2qS2YPx3FYcrrG5FS40qMsFkkcXFruFpGOp2mBi8lWJBr
+      NtvykwheUAj1ab1+dKz5S5ca/t99G1PYiiaeQ9XNAoGAVXk4HvdUc5q+BNiYvKUS
+      M2/TDU3cYY72mPCEw7G6Kpn6zMaakQcA1+Z8LkYcLaQKRD/66n99WWT+BcY+QXtC
+      0ZPHjeepDL8q+yXRY8zlcgAukg18Ta5yD1J1014y8UIV+HY8ongTni1sI8N+vKd4
+      +TF2C2Cynf5vQr5man7ShPw=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails
+  untrusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://untrusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails-ready
+  verify:
+    depends_on:
+      verify-init:
+        condition: service_completed_successfully
+    environment:
+      SSL_CERT_FILE: /verify_config/ca.pem
+    image: pomerium/verify:${VERIFY_TAG:-latest}
+    networks:
+      main:
+        aliases:
+        - verify
+    volumes:
+    - verify_config:/verify_config
+  verify-init:
+    command:
+    - sh
+    - -c
+    - |-
+      echo '-----BEGIN CERTIFICATE-----
+      MIIE1zCCAz+gAwIBAgIQZ139cd/paPdkS2JyAu7kEDANBgkqhkiG9w0BAQsFADCB
+      gzEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSwwKgYDVQQLDCNjYWxl
+      YkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTEzMDEGA1UEAwwqbWtjZXJ0
+      IGNhbGViQGNhbGViLXBjLWxpbnV4IChDYWxlYiBEb3hzZXkpMB4XDTIxMDgxMDE3
+      MzIwOVoXDTMxMDgxMDE3MzIwOVowgYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9w
+      bWVudCBDQTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXggKENhbGViIERv
+      eHNleSkxMzAxBgNVBAMMKm1rY2VydCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2Fs
+      ZWIgRG94c2V5KTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANbKyMz5
+      MVW6YKdjh1oIN1Mn7PE2pH5SbJSpWxdAGhdBkBkpAa7OxarjH5KVkCTSa7oncla7
+      qNuJZS6mBmoxF+R+cR3jyGdUAYlozl1jlfqLIfC/+g7V7VmOJn98tjB42fatxLl6
+      WPAw1JDNsWtQfhKhbcHut7RsF0rMOOHcwywTR7LOyCmIel1pcmpV4hbVcT6eVwoP
+      HXyJSa9cqaMQ5Xrdogai4IqZZIGLHeLsTVutOgJFXEevlX/QT3sWomEctzh38Js4
+      9DiAPD6d4Y7/CPLYEfk29JQ9NZhpgDsi9hu5FHHZcXwf1IHlw/CBVgn6j+jmvKKz
+      90Ma1oquv3W6dttid/xCcLGu2S+96Tzrykmoy5VacLtVEP41YmoVls91rlo7olpe
+      QWFbnmco739TI/4h+HodolperQERQl7uCnpKVPZ3WokKuRh5pkqkQp/arQjtwcRt
+      G43CrDpbl+uSjMCAxha958eTYvtojTMnvLtsGID1hGXnqlw+5KjKrgRHrQIDAQAB
+      o0UwQzAOBgNVHQ8BAf8EBAMCAgQwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4E
+      FgQUhYZYWIBHyk6ZVTnp3lRt/tyBP00wDQYJKoZIhvcNAQELBQADggGBAA1F/apr
+      l6pNT3Mp/MxhUUgo6usEJCryGQcLRfexyQXGN3huCmIrP55VFa8ETPAtjsr6PMe7
+      7vvEj8eFu2JtKovlQwNewYU9cjAMCVaFiNbrQa20hzhWc2js6dyildE6/DPzbeds
+      KDAxhFNp35SlwtRtKk1SzxJxsqSwjfxI8fp+R/0wO8g0fWTdM2gCpRwYMNwJELEg
+      +dSlvJCwuu+rzxLalzaPF1PMTW72OELal/j5sD+2VytQ4k+HUDbyt2DnQT7YQ3zo
+      q02x2u2sm1WW/o/uh8pjPxkGQqL2mryZs6VH9VCU3QkKNDssNd71lr3wPoE4YRHe
+      UvzD1eDeelzBUFNIpDCjdCsL55yIPqUsr6lmjpBPL0vea33QTMbcsSxu0umGXDbU
+      66juU4Z1jOE0wClIvaO699J+E2gBe1jUN6At6b8BSoZqCqXYoDHGei9RBUdvgqto
+      kVsoJfDI/TFMekYgpL5UVYmLdfgqLPPRP9pQBLDx3mszeAqnvfTICAzfXg==
+      -----END CERTIFICATE-----
+      ' > /verify_config/ca.pem
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - verify-init
+    volumes:
+    - verify_config:/verify_config
+  verify-ready:
+    command:
+    - -wait
+    - http://verify:80/
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - verify-ready
+  websocket-echo:
+    command:
+    - --port
+    - "80"
+    - tee
+    image: pvtmert/websocketd:latest
+    networks:
+      main:
+        aliases:
+        - websocket-echo
+  websocket-echo-ready:
+    command:
+    - -wait
+    - tcp://websocket-echo:80
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - websocket-echo-ready
+  wrongly-named-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEWDCCAsCgAwIBAgIRAK1MkqoHP+DPILewhMcnnu4wDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU0MzRaFw0yMzExMTEyMjU0MzRaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV
+      DWPhOpNWAYNTQZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM
+      3cvyRs40dygZeogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV
+      6ttf6y0+4Nq1hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3E
+      lxIYQsCr85FyW8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC
+      8X2vHBBIbnZipb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3
+      OIkJji4rpJqxG1Z7MvPzAgMBAAGjcjBwMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAo
+      BgNVHREEITAfgh1pbnZhbGlkLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG
+      9w0BAQsFAAOCAYEABsSByXWA7e8hpKWZK4APWzkvDwiTGrDDE7k0hueJksTZ5Nqw
+      fRdGoUpweWIYzAv1etPAr+B2gsZM/jVRidaGDI1tKPytZ3pP6mQ52CVXkeJQytPr
+      rNDnP3Lbpbs8PHoHw3PVxIyRps1ZbZkgbUsXrSvpp/l+ZObbGQjr3Fdx5oXI6a1V
+      NNC39LkPhjTKtcG+H8dO5GRuDb/9PrzrnDwnl6CoORbEjTKRIFuA+vkFBRjyuccr
+      GQiMNmMxy5CMOsK+Od4+8qhv2ZgnREHyBnjFFhgVLFJ2PwUxk3N4GIzCC8tsD+vb
+      +YJgCS7n6JmcB9SFeyRy+qpolnfEaMvRwnJl6Evj17VCBy7x0gEO6B4lILPpziN8
+      VVhSuRsC0V8aXJJx89mwrg9pzN9w771rFVOCrAEdZei34/yfo8VyBbIR1gUxkRNJ
+      crTI9pT0PK+9OWQ57HtnGmFsPtWT8r7P8xukAPy50wSLF3InjEo8VR2df+V7DVVU
+      aTjNbuaG1NLNyWLH
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVDWPhOpNWAYNT
+      QZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM3cvyRs40dygZ
+      eogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV6ttf6y0+4Nq1
+      hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3ElxIYQsCr85Fy
+      W8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC8X2vHBBIbnZi
+      pb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3OIkJji4rpJqx
+      G1Z7MvPzAgMBAAECggEBAM3XhRO7+1QSXCaZdCZ6WuWXzojxrkf8++gpzXPCZ75L
+      vvMyP8xmXc38Za5VyL+MAr7joENxY5NPON/9AgyUBFdbat3RW323vAt0Ssy8Dfti
+      ScpuGWTT2CcWS/iJPwJp9bzPj6qJ1wo0Rzsv23FpcjgfcuB+4pHpDwJZ8IxcclTN
+      jv5XdmanN0Ai2ONDkIHQyvMTsYAX99OK7nXIs3OW7s4wsm8Wg+loCqTvojTzWuwE
+      TZNFonHAZ81jkrYfNjz+sM/tPuOYD+vWQ89+1IeQKFw1U0iBpF1VvhA7UeQZMeI8
+      S1NpDQTQW0kxmUAlLj7ldnIvknT/x0lKzoafVpk47/kCgYEA+SxnMLHe3Wxb4Kkf
+      7Gwktbth/wlWzUWzQ7c0TdhfEDjcRB7SeGIjrL4/HPyXEsCcGIj84TEob1EA0KVP
+      l6Jeqh5t/sr9da+uLFf6H41yZUaTccoyclnjHsqT+WLTtiTKqf7cXACg5NKbJwUT
+      ldCEu+4Ovur+8Ax6s/mGWNEzar0CgYEA2uOmD+SCIhj16P+3GnpZ0UzyDhUKedTy
+      LisZznroF6RI3BHzNT+YotHORDMiJtmX0slFcInAWaB3htLPbHmvredjlsH35eHW
+      B6wkWmbniJEovPysWdg7xjrj8DoL2dcm6liM1KpSo9k6XWJu36//xF4RTnL8JPEH
+      RPuBWmBXHG8CgYBjJy886lr0I61//eztKK+G/bTmRvIapzTJqnqOy54wl1/XX6iD
+      LRJjKCV3RHBdjvXOsZxnhCdB/KrlXBMLFRq0eX1t2Zr4nNsjXDL1IVU3Rdlge4SN
+      ioVdeGFf6Nq0bXmUIg3QMpPT2pbQ9S0w/ZQEMJv/jwW5wk2FlrLGXyElxQKBgQC3
+      skUzITp1Ey2NFM290uB93m1llBLum9+DD3jg6BTPgngC+K17Cpw2SI0qfx8yK3pW
+      08MK5xAeJ6Un6NNa3eSptX7GjpJUwmq0lasMkz/MRMZDlGmwHOBNRC729D/t2bo3
+      AYlvEGG6UBvDM1CJOVMUoT008Rrahczr/4ZXKnLw0QKBgExc+SXb5IRJIMHEQLkg
+      E7va23sR7x4j75mK6HnSwAM3jKx4GDgpkY1EO+rh+99mq/bIouL8ob/PG7A5RtKp
+      +Sgpqk5N6NpSFMaubsu1EQhqT5pmy0dN5KXecR4s1IylPvth/h3tdXPKGcLMD2M2
+      EN59YIA1o4qWjJsfEiuQ6x7M
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails
+  wrongly-named-httpdetails-ready:
+    command:
+    - -wait
+    - http://wrongly-named-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails-ready
+volumes:
+  fortio_config: {}
+  verify_config: {}
diff --git a/integration/clusters/github-traefik/compose.yml b/integration/clusters/github-traefik/compose.yml
new file mode 100644
index 000000000..fa337e514
--- /dev/null
+++ b/integration/clusters/github-traefik/compose.yml
@@ -0,0 +1,1236 @@
+networks:
+  main: {}
+services:
+  fortio:
+    command:
+    - server
+    - -cert
+    - /fortio_config/trusted.pem
+    - -key
+    - /fortio_config/trusted-key.pem
+    depends_on:
+      fortio-init:
+        condition: service_completed_successfully
+    image: fortio/fortio:1.17.0
+    networks:
+      main:
+        aliases:
+        - fortio
+    ports:
+    - 8079:8079/tcp
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-init:
+    command:
+    - sh
+    - -c
+    - |
+      echo "$$CERT" >/fortio_config/trusted.pem
+      echo "$$KEY" >/fortio_config/trusted-key.pem
+    environment:
+      CERT: |
+        -----BEGIN CERTIFICATE-----
+        MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+        gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+        ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+        dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+        NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+        bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+        KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+        HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+        yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+        Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+        jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+        bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+        9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+        DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+        BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+        AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+        c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+        AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+        OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+        qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+        6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+        kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+        B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+        xjUE8XUu
+        -----END CERTIFICATE-----
+      KEY: |
+        -----BEGIN PRIVATE KEY-----
+        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+        ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+        EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+        Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+        CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+        mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+        DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+        DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+        8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+        Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+        CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+        bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+        SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+        2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+        axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+        uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+        BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+        uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+        2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+        CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+        fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+        cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+        Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+        KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+        YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+        gmLh4w/CcPyb9ZyXceWU/nU=
+        -----END PRIVATE KEY-----
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - fortio-init
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-ready:
+    command:
+    - -wait
+    - http://fortio:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - fortio-ready
+  mock-idp:
+    command:
+    - --provider
+    - github
+    - --port
+    - "8024"
+    - --root-url
+    - https://mock-idp.localhost.pomerium.io/
+    image: pomerium/mock-idps:${MOCK_IDPS_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - mock-idp
+    ports:
+    - 8024:8024/tcp
+  mock-idp-ready:
+    command:
+    - -wait
+    - http://mock-idp:8024/.well-known/openid-configuration
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - mock-idp-ready
+  pomerium:
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    environment:
+      AUTHENTICATE_SERVICE_URL: https://authenticate.localhost.pomerium.io
+      CERTIFICATE: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVVakNDQXJxZ0F3SUJBZ0lSQUtOYUVxQ21tWmZobWNZZ1p5MDFXQ3N3RFFZSktvWklodmNOQVFFTEJRQXcKZ1lNeEhqQWNCZ05WQkFvVEZXMXJZMlZ5ZENCa1pYWmxiRzl3YldWdWRDQkRRVEVzTUNvR0ExVUVDd3dqWTJGcwpaV0pBWTJGc1pXSXRjR010YkdsdWRYZ2dLRU5oYkdWaUlFUnZlSE5sZVNreE16QXhCZ05WQkFNTUttMXJZMlZ5CmRDQmpZV3hsWWtCallXeGxZaTF3WXkxc2FXNTFlQ0FvUTJGc1pXSWdSRzk0YzJWNUtUQWVGdzB5TVRBNE1UQXgKTnpNeU1UQmFGdzB5TXpFeE1UQXhPRE15TVRCYU1GY3hKekFsQmdOVkJBb1RIbTFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCalpYSjBhV1pwWTJGMFpURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnCktFTmhiR1ZpSUVSdmVITmxlU2t3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzgKSExCQUl6WGtQZWVnbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRAp5VmhEVDBRbEkvTy9FS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2Cld5bCtGb1BEVi92c1ozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXQKak9ic2FRZ0o1TEx4Q1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcQpiWlVERytaaW9BclBtcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkCjlyNnJPQnhweHduVER2SGtCbjZ2QWdNQkFBR2piREJxTUE0R0ExVWREd0VCL3dRRUF3SUZvREFUQmdOVkhTVUUKRERBS0JnZ3JCZ0VGQlFjREFUQWZCZ05WSFNNRUdEQVdnQlNGaGxoWWdFZktUcGxWT2VuZVZHMyszSUUvVFRBaQpCZ05WSFJFRUd6QVpnaGNxTG14dlkyRnNhRzl6ZEM1d2IyMWxjbWwxYlM1cGJ6QU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBWUVBdWZRQUY3OXM3YzFnbVo5Q0lLQlNHa0hoK1NIMDFDdUtZbm5IaU1vd0hzVGlvRmFVQVFzZC9QNFgKYzJYQnFjMzRlVDNtQ3ZwZ1pqSGJqejZKbG5UWUp4dUx2VnFuVkIzZW10V3JiMWNRdmg4QnBoeHNwVGxTOHVpRQpBRWYvbmd0cHpmQS9mNGxwR2t6clEwY3lQa0VKR3o1MTFxOTdpdHpuOVJaWnpWVFp4TlZGU1AydlZoTk5RVnNXCk94YWtjdllSZ256OEFPUVMzT1BIajJGUWMzaWlic2hjdDVsZUl3WVpGY3hJTkdIUjZLTDYrL0xTZVBOQ0VNbUsKcXltVlBrUUdzSWNVNkdROWZ4YVN1NG1wK0lVQUxQcm9pekVWSThTVms1bk9tM0hJZXorWmZYaHpmbkd4MDZTSQo2TnVvUVFQcVVCZVplWG4yWUZZaGlwZVJkclF4dkEzNi9ZWGEvQWtYQ2VVMHBYeGJ0WEtjdmF0ZnJpNUtuWUpECmtINTlhK2FGa1RzbDQxdGZJMmNuUllWZGRxWFZsM096TGJjZ0FGTG4xV2VDMXh4M3hSWGk3S2xkb2tPbHZndisKQjZuYVdmQ3hSbFdaL2xzbUhhZTRrYzFXSDRLYzduSytJVGI0MEVralY2OC9BN2tyWnNOMVZjcU50cG9tWWtnRQp4alVFOFhVdQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+      CERTIFICATE_AUTHORITY: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUxekNDQXorZ0F3SUJBZ0lRWjEzOWNkL3BhUGRrUzJKeUF1N2tFREFOQmdrcWhraUc5dzBCQVFzRkFEQ0IKZ3pFZU1Cd0dBMVVFQ2hNVmJXdGpaWEowSUdSbGRtVnNiM0J0Wlc1MElFTkJNU3d3S2dZRFZRUUxEQ05qWVd4bApZa0JqWVd4bFlpMXdZeTFzYVc1MWVDQW9RMkZzWldJZ1JHOTRjMlY1S1RFek1ERUdBMVVFQXd3cWJXdGpaWEowCklHTmhiR1ZpUUdOaGJHVmlMWEJqTFd4cGJuVjRJQ2hEWVd4bFlpQkViM2h6WlhrcE1CNFhEVEl4TURneE1ERTMKTXpJd09Wb1hEVE14TURneE1ERTNNekl3T1Zvd2dZTXhIakFjQmdOVkJBb1RGVzFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCRFFURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnS0VOaGJHVmlJRVJ2CmVITmxlU2t4TXpBeEJnTlZCQU1NS20xclkyVnlkQ0JqWVd4bFlrQmpZV3hsWWkxd1l5MXNhVzUxZUNBb1EyRnMKWldJZ1JHOTRjMlY1S1RDQ0FhSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnR1BBRENDQVlvQ2dnR0JBTmJLeU16NQpNVlc2WUtkamgxb0lOMU1uN1BFMnBINVNiSlNwV3hkQUdoZEJrQmtwQWE3T3hhcmpINUtWa0NUU2E3b25jbGE3CnFOdUpaUzZtQm1veEYrUitjUjNqeUdkVUFZbG96bDFqbGZxTElmQy8rZzdWN1ZtT0puOTh0akI0MmZhdHhMbDYKV1BBdzFKRE5zV3RRZmhLaGJjSHV0N1JzRjByTU9PSGN3eXdUUjdMT3lDbUllbDFwY21wVjRoYlZjVDZlVndvUApIWHlKU2E5Y3FhTVE1WHJkb2dhaTRJcVpaSUdMSGVMc1RWdXRPZ0pGWEVldmxYL1FUM3NXb21FY3R6aDM4SnM0CjlEaUFQRDZkNFk3L0NQTFlFZmsyOUpROU5aaHBnRHNpOWh1NUZISFpjWHdmMUlIbHcvQ0JWZ242aitqbXZLS3oKOTBNYTFvcXV2M1c2ZHR0aWQveENjTEd1MlMrOTZUenJ5a21veTVWYWNMdFZFUDQxWW1vVmxzOTFybG83b2xwZQpRV0Zibm1jbzczOVRJLzRoK0hvZG9scGVyUUVSUWw3dUNucEtWUFozV29rS3VSaDVwa3FrUXAvYXJRanR3Y1J0Ckc0M0NyRHBibCt1U2pNQ0F4aGE5NThlVFl2dG9qVE1udkx0c0dJRDFoR1hucWx3KzVLaktyZ1JIclFJREFRQUIKbzBVd1F6QU9CZ05WSFE4QkFmOEVCQU1DQWdRd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFEQWRCZ05WSFE0RQpGZ1FVaFlaWVdJQkh5azZaVlRucDNsUnQvdHlCUDAwd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dHQkFBMUYvYXByCmw2cE5UM01wL014aFVVZ282dXNFSkNyeUdRY0xSZmV4eVFYR04zaHVDbUlyUDU1VkZhOEVUUEF0anNyNlBNZTcKN3Z2RWo4ZUZ1Mkp0S292bFF3TmV3WVU5Y2pBTUNWYUZpTmJyUWEyMGh6aFdjMmpzNmR5aWxkRTYvRFB6YmVkcwpLREF4aEZOcDM1U2x3dFJ0S2sxU3p4SnhzcVN3amZ4SThmcCtSLzB3TzhnMGZXVGRNMmdDcFJ3WU1Od0pFTEVnCitkU2x2SkN3dXUrcnp4TGFsemFQRjFQTVRXNzJPRUxhbC9qNXNEKzJWeXRRNGsrSFVEYnl0MkRuUVQ3WVEzem8KcTAyeDJ1MnNtMVdXL28vdWg4cGpQeGtHUXFMMm1yeVpzNlZIOVZDVTNRa0tORHNzTmQ3MWxyM3dQb0U0WVJIZQpVdnpEMWVEZWVsekJVRk5JcERDamRDc0w1NXlJUHFVc3I2bG1qcEJQTDB2ZWEzM1FUTWJjc1N4dTB1bUdYRGJVCjY2anVVNFoxak9FMHdDbEl2YU82OTlKK0UyZ0JlMWpVTjZBdDZiOEJTb1pxQ3FYWW9ESEdlaTlSQlVkdmdxdG8Ka1Zzb0pmREkvVEZNZWtZZ3BMNVVWWW1MZGZncUxQUFJQOXBRQkxEeDNtc3plQXFudmZUSUNBemZYZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+      CERTIFICATE_KEY: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQzhITEJBSXpYa1BlZWcKbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PLwpFS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2V3lsK0ZvUERWL3ZzClozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXRqT2JzYVFnSjVMTHgKQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUAptcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkOXI2ck9CeHB4d25UCkR2SGtCbjZ2QWdNQkFBRUNnZ0VBQjI4aTBBWVVOU2IxSm5XRmJLenJ1VWN0dTN0Q05Yb3ZKZzZLM0JpUFZNa3EKRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBVwo4ZUplcVJMWkVmc1NTSk9YVEc3UmRHc240cUhGSjAwczJaVGxjSUhTUHduRm0rWGpKaTk5VThHNFhzVW9YbzByCkd5KzBWQ3VVN004Z0lDRUhIc3JRTzlYREQzblQyaml1NVRqckt3anV0M0Vtb0pzc0k1YnF4MzMrT0J1NUJwQ1AKQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVApiTGtMRnlXQk5UV1VaMlIvMnd4bXVvQzZtTFp3ODc5TUxDS012azFkb1FLQmdRRGhtd0dhZkpOeW1UaUVRWlJJClNzUXg0c2VxZk9LZmdGQzdvaHFIOWNST091OElKMW83cTJwTTJXNFhpVitTM3dUZFBHbWNhNklPalgyM2lzVkIKMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzNwpheHpsYU1yeEV1M0xJOVVFN050cmRRaUJ5UUtCZ1FEVmRJNmNlSVZCVDZSZ3ZWR3Q4emtMalBJRmpoUUVIQUlwCnVoaXJncXBTNkNYOUJseWYyK280MHptZmozaGU1ckNjRW9CNU1zZU0rRGdGYmNWaDJlL01WbllpTk53NkpDREIKQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleQp1QkhWQnYvNHR3S0JnSHdIdWVQeTVTVTFzMnFTbXpEN1djMkxQZll1M25DT0hOUnJGR2IyNk11UmZ1UmVyaTdyCjJHOFRnb0VTRnljcDBRVElOOCsxSk0wWFlLeE5jSkQ2QjhWMXdLYmJwUXN5bW5lSTFnanV0aUIvSWd3L1BrREsKQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWgpmTjJZZVlieVljYU0xMXAxVmlsdWxWVFZqWTNpL0ZaaURSNFNML0lHSldqTi9Temc0aVhZc0tGbXUrZHVsT1psCmNCQUxwRUtycXBtelhZdHJONmJzdjE4KzVlTzNxR2JLMkRyRXEzZVdWZXYyS29UTW9ieHo3ZysrWEJJV0ptTEEKSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkUwpLcmx0d21vZEhpcVhOYlZrd2JXMUFGUEpiaVlhaTRZRmZLNElBYmlmL1lteGY5Rzc4YU9rcjlacENJek9rRFBaCllwRXdRR1dzQWhFbENGdmM4RS81ZEhFU1NwK3RXdFArTmx1aW1wRnFpRGczL1NVbk13TzJ4SDBuaExhMHplamgKZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K
+      COOKIE_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      DATABROKER_STORAGE_CONNECTION_STRING: redis://redis:6379
+      DATABROKER_STORAGE_TYPE: redis
+      ENVOY_ADMIN_ADDRESS: 0.0.0.0:9901
+      FORWARD_AUTH_URL: https://forward-authenticate.localhost.pomerium.io
+      GOOGLE_CLOUD_SERVERLESS_AUTHENTICATION_SERVICE_ACCOUNT: ewoiYXV0aF9wcm92aWRlcl94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImF1dGhfdXJpIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImNsaWVudF9lbWFpbCI6ICJyZWRhY3RlZEBwb21lcml1bS1yZWRhY3RlZC5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsCiJjbGllbnRfaWQiOiAiMTAxMjE1OTkwNDU4MDAwMzM0Mzg3IiwKImNsaWVudF94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKInByaXZhdGVfa2V5IjogIi0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLVxuTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDOEhMQkFJelhrUGVlZ1xubGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PL1xuRUtnQ09GRnhVRHFvUjgyaVkwNlNhY0FqSG5pNitQTzl0VlJiRlYwdzE0QkRBSlNwQitWdld5bCtGb1BEVi92c1xuWjMxRnRZdytFd3FrYkR4L2thVDl1emYrTEpkbGtmMTRuUVFqOEVreS84ZDNtV0piYi85dGpPYnNhUWdKNUxMeFxuQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUFxubXFta2F3VVd3M2VraGo4MFNKZy9USzlQUmFOL1Z2Y0kxUGdBZDdMWnp0VVJlU21UeTVoZDlyNnJPQnhweHduVFxuRHZIa0JuNnZBZ01CQUFFQ2dnRUFCMjhpMEFZVU5TYjFKbldGYkt6cnVVY3R1M3RDTlhvdkpnNkszQmlQVk1rcVxuRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBV1xuOGVKZXFSTFpFZnNTU0pPWFRHN1JkR3NuNHFIRkowMHMyWlRsY0lIU1B3bkZtK1hqSmk5OVU4RzRYc1VvWG8wclxuR3krMFZDdVU3TThnSUNFSEhzclFPOVhERDNuVDJqaXU1VGpyS3dqdXQzRW1vSnNzSTVicXgzMytPQnU1QnBDUFxuQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVFxuYkxrTEZ5V0JOVFdVWjJSLzJ3eG11b0M2bUxadzg3OU1MQ0tNdmsxZG9RS0JnUURobXdHYWZKTnltVGlFUVpSSVxuU3NReDRzZXFmT0tmZ0ZDN29ocUg5Y1JPT3U4SUoxbzdxMnBNMlc0WGlWK1Mzd1RkUEdtY2E2SU9qWDIzaXNWQlxuMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzN1xuYXh6bGFNcnhFdTNMSTlVRTdOdHJkUWlCeVFLQmdRRFZkSTZjZUlWQlQ2Umd2Vkd0OHprTGpQSUZqaFFFSEFJcFxudWhpcmdxcFM2Q1g5Qmx5ZjIrbzQwem1majNoZTVyQ2NFb0I1TXNlTStEZ0ZiY1ZoMmUvTVZuWWlOTnc2SkNEQlxuQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleVxudUJIVkJ2LzR0d0tCZ0h3SHVlUHk1U1UxczJxU216RDdXYzJMUGZZdTNuQ09ITlJyRkdiMjZNdVJmdVJlcmk3clxuMkc4VGdvRVNGeWNwMFFUSU44KzFKTTBYWUt4TmNKRDZCOFYxd0tiYnBRc3ltbmVJMWdqdXRpQi9JZ3cvUGtES1xuQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWlxuZk4yWWVZYnlZY2FNMTFwMVZpbHVsVlRWalkzaS9GWmlEUjRTTC9JR0pXak4vU3pnNGlYWXNLRm11K2R1bE9abFxuY0JBTHBFS3JxcG16WFl0ck42YnN2MTgrNWVPM3FHYksyRHJFcTNlV1ZldjJLb1RNb2J4ejdnKytYQklXSm1MQVxuSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkU1xuS3JsdHdtb2RIaXFYTmJWa3diVzFBRlBKYmlZYWk0WUZmSzRJQWJpZi9ZbXhmOUc3OGFPa3I5WnBDSXpPa0RQWlxuWXBFd1FHV3NBaEVsQ0Z2YzhFLzVkSEVTU3ArdFd0UCtObHVpbXBGcWlEZzMvU1VuTXdPMnhIMG5oTGEwemVqaFxuZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9XG4tLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tXG4iLAoicHJpdmF0ZV9rZXlfaWQiOiAiZTA3ZjdjOTM4NzBjN2UwM2Y4ODM1NjBlY2Q4ZmQwZjRkMjdiMDA4MSIsCiJwcm9qZWN0X2lkIjogInBvbWVyaXVtLXJlZGFjdGVkIiwKInRva2VuX3VyaSI6ICJodHRwOi8vbW9jay1pZHA6ODAyNC90b2tlbiIsCiJ0eXBlIjogInNlcnZpY2VfYWNjb3VudCIKfQ==
+      IDP_CLIENT_ID: CLIENT_ID
+      IDP_CLIENT_SECRET: CLIENT_SECRET
+      IDP_PROVIDER: github
+      IDP_PROVIDER_URL: https://mock-idp.localhost.pomerium.io/
+      JWT_CLAIMS_HEADERS: email,groups,user
+      LOG_LEVEL: info
+      POLICY: Wwp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vbW9jay1pZHAubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZW52b3kubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly9sb2NhbGhvc3Q6OTkwMSIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vdmVyaWZ5LmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoidG8iOiAiaHR0cDovL3ZlcmlmeTo4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiYWxsb3dfd2Vic29ja2V0cyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vd2Vic29ja2V0LWVjaG8ubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly93ZWJzb2NrZXQtZWNobzo4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXVpLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJ0byI6ICJodHRwczovL2ZvcnRpbzo4MDgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRsc19jdXN0b21fY2EiOiAiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVVXhla05EUVhvclowRjNTVUpCWjBsUldqRXpPV05rTDNCaFVHUnJVekpLZVVGMU4ydEZSRUZPUW1kcmNXaHJhVWM1ZHpCQ1FWRnpSa0ZFUTBJS1ozcEZaVTFDZDBkQk1WVkZRMmhOVm1KWGRHcGFXRW93U1VkU2JHUnRWbk5pTTBKMFdsYzFNRWxGVGtKTlUzZDNTMmRaUkZaUlVVeEVRMDVxV1ZkNGJBcFphMEpxV1ZkNGJGbHBNWGRaZVRGellWYzFNV1ZEUVc5Uk1rWnpXbGRKWjFKSE9UUmpNbFkxUzFSRmVrMUVSVWRCTVZWRlFYZDNjV0pYZEdwYVdFb3dDa2xIVG1oaVIxWnBVVWRPYUdKSFZtbE1XRUpxVEZkNGNHSnVWalJKUTJoRVdWZDRiRmxwUWtWaU0yaDZXbGhyY0UxQ05GaEVWRWw0VFVSbmVFMUVSVE1LVFhwSmQwOVdiMWhFVkUxNFRVUm5lRTFFUlROTmVrbDNUMVp2ZDJkWlRYaElha0ZqUW1kT1ZrSkJiMVJHVnpGeVdUSldlV1JEUW10YVdGcHNZa2M1ZHdwaVYxWjFaRU5DUkZGVVJYTk5RMjlIUVRGVlJVTjNkMnBaTWtaeldsZEtRVmt5Um5OYVYwbDBZMGROZEdKSGJIVmtXR2RuUzBWT2FHSkhWbWxKUlZKMkNtVklUbXhsVTJ0NFRYcEJlRUpuVGxaQ1FVMU5TMjB4Y2xreVZubGtRMEpxV1ZkNGJGbHJRbXBaVjNoc1dXa3hkMWw1TVhOaFZ6VXhaVU5CYjFFeVJuTUtXbGRKWjFKSE9UUmpNbFkxUzFSRFEwRmhTWGRFVVZsS1MyOWFTV2gyWTA1QlVVVkNRbEZCUkdkblIxQkJSRU5EUVZsdlEyZG5SMEpCVG1KTGVVMTZOUXBOVmxjMldVdGthbWd4YjBsT01VMXVOMUJGTW5CSU5WTmlTbE53VjNoa1FVZG9aRUpyUW10d1FXRTNUM2hoY21wSU5VdFdhME5VVTJFM2IyNWpiR0UzQ25GT2RVcGFVelp0UW0xdmVFWXJVaXRqVWpOcWVVZGtWVUZaYkc5NmJERnFiR1p4VEVsbVF5OHJaemRXTjFadFQwcHVPVGgwYWtJME1tWmhkSGhNYkRZS1YxQkJkekZLUkU1elYzUlJabWhMYUdKalNIVjBOMUp6UmpCeVRVOVBTR04zZVhkVVVqZE1UM2xEYlVsbGJERndZMjF3VmpSb1lsWmpWRFpsVm5kdlVBcElXSGxLVTJFNVkzRmhUVkUxV0hKa2IyZGhhVFJKY1ZwYVNVZE1TR1ZNYzFSV2RYUlBaMHBHV0VWbGRteFlMMUZVTTNOWGIyMUZZM1I2YURNNFNuTTBDamxFYVVGUVJEWmtORmszTDBOUVRGbEZabXN5T1VwUk9VNWFhSEJuUkhOcE9XaDFOVVpJU0ZwaldIZG1NVWxJYkhjdlEwSldaMjQyYWl0cWJYWkxTM29LT1RCTllURnZjWFYyTTFjMlpIUjBhV1F2ZUVOalRFZDFNbE1yT1RaVWVuSjVhMjF2ZVRWV1lXTk1kRlpGVURReFdXMXZWbXh6T1RGeWJHODNiMnh3WlFwUlYwWmlibTFqYnpjek9WUkpMelJvSzBodlpHOXNjR1Z5VVVWU1VXdzNkVU51Y0V0V1VGb3pWMjlyUzNWU2FEVndhM0ZyVVhBdllYSlJhblIzWTFKMENrYzBNME55UkhCaWJDdDFVMnBOUTBGNGFHRTVOVGhsVkZsMmRHOXFWRTF1ZGt4MGMwZEpSREZvUjFodWNXeDNLelZMYWt0eVoxSkljbEZKUkVGUlFVSUtiekJWZDFGNlFVOUNaMDVXU0ZFNFFrRm1PRVZDUVUxRFFXZFJkMFZuV1VSV1VqQlVRVkZJTDBKQlozZENaMFZDTDNkSlFrRkVRV1JDWjA1V1NGRTBSUXBHWjFGVmFGbGFXVmRKUWtoNWF6WmFWbFJ1Y0ROc1VuUXZkSGxDVURBd2QwUlJXVXBMYjFwSmFIWmpUa0ZSUlV4Q1VVRkVaMmRIUWtGQk1VWXZZWEJ5Q213MmNFNVVNMDF3TDAxNGFGVlZaMjgyZFhORlNrTnllVWRSWTB4U1ptVjRlVkZZUjA0emFIVkRiVWx5VURVMVZrWmhPRVZVVUVGMGFuTnlObEJOWlRjS04zWjJSV280WlVaMU1rcDBTMjkyYkZGM1RtVjNXVlU1WTJwQlRVTldZVVpwVG1KeVVXRXlNR2g2YUZkak1tcHpObVI1YVd4a1JUWXZSRkI2WW1Wa2N3cExSRUY0YUVaT2NETTFVMngzZEZKMFMyc3hVM3A0U25oemNWTjNhbVo0U1RobWNDdFNMekIzVHpobk1HWlhWR1JOTW1kRGNGSjNXVTFPZDBwRlRFVm5DaXRrVTJ4MlNrTjNkWFVyY25wNFRHRnNlbUZRUmpGUVRWUlhOekpQUlV4aGJDOXFOWE5FS3pKV2VYUlJOR3NyU0ZWRVlubDBNa1J1VVZRM1dWRXplbThLY1RBeWVESjFNbk50TVZkWEwyOHZkV2c0Y0dwUWVHdEhVWEZNTW0xeWVWcHpObFpJT1ZaRFZUTlJhMHRPUkhOelRtUTNNV3h5TTNkUWIwVTBXVkpJWlFwVmRucEVNV1ZFWldWc2VrSlZSazVKY0VSRGFtUkRjMHcxTlhsSlVIRlZjM0kyYkcxcWNFSlFUREIyWldFek0xRlVUV0pqYzFONGRUQjFiVWRZUkdKVkNqWTJhblZWTkZveGFrOUZNSGREYkVsMllVODJPVGxLSzBVeVowSmxNV3BWVGpaQmREWmlPRUpUYjFweFEzRllXVzlFU0VkbGFUbFNRbFZrZG1keGRHOEthMVp6YjBwbVJFa3ZWRVpOWld0WlozQk1OVlZXV1cxTVpHWm5jVXhRVUZKUU9YQlJRa3hFZUROdGMzcGxRWEZ1ZG1aVVNVTkJlbVpZWnowOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyIsCiJ0bHNfc2VydmVyX25hbWUiOiAiZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vZm9ydGlvOjgwNzkiCn0sCnsKImFsbG93X2FueV9hdXRoZW50aWNhdGVkX3VzZXIiOiB0cnVlLAoiZnJvbSI6ICJ0Y3AraHR0cHM6Ly9yZWRpcy5sb2NhbGhvc3QucG9tZXJpdW0uaW86NjM3OSIsCiJ0byI6ICJ0Y3A6Ly9yZWRpczo2Mzc5Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1za2lwLXZlcmlmeS1lbmFibGVkIiwKInRsc19za2lwX3ZlcmlmeSI6IHRydWUsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2tpcC12ZXJpZnktZGlzYWJsZWQiLAoidGxzX3NraXBfdmVyaWZ5IjogZmFsc2UsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2VydmVyLW5hbWUtZW5hYmxlZCIsCiJ0bHNfc2VydmVyX25hbWUiOiAiaHR0cGRldGFpbHMubG9jYWxob3N0Lm5vdHBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vd3JvbmdseS1uYW1lZC1odHRwZGV0YWlsczo4NDQzIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1zZXJ2ZXItbmFtZS1kaXNhYmxlZCIsCiJ0byI6ICJodHRwczovL3dyb25nbHktbmFtZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWVuYWJsZWQiLAoidGxzX2N1c3RvbV9jYSI6ICJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VVeVJFTkRRVEJEWjBGM1NVSkJaMGxTUVV4a09VZGhTbEk1TW5GcE4zRk1NV1ZJUjAwMlN6QjNSRkZaU2t0dldrbG9kbU5PUVZGRlRFSlJRWGNLWjFsTmVFaHFRV05DWjA1V1FrRnZWRVpYTVhKWk1sWjVaRU5DYTFwWVdteGlSemwzWWxkV2RXUkRRa1JSVkVWelRVTnZSMEV4VlVWRGQzZHFXVEpHY3dwYVYwcEJXVEpHYzFwWFNYUmpSMDEwWWtkc2RXUllaMmRMUlU1b1lrZFdhVWxGVW5abFNFNXNaVk5yZUUxNlFYaENaMDVXUWtGTlRVdHRNWEpaTWxaNUNtUkRRbXBaVjNoc1dXdENhbGxYZUd4WmFURjNXWGt4YzJGWE5URmxRMEZ2VVRKR2MxcFhTV2RTUnprMFl6SldOVXRVUVdWR2R6QjVUVlJCTkUxVVJYa0tUVlJWTWsxVVFtRkdkekI2VFZSQk5FMVVSWGxOVkZVeVRWUkNZVTFKUjBSTlVqUjNTRUZaUkZaUlVVdEZlRlowWVRKT2JHTnVVV2RhUjFZeVdsZDRkZ3BqUnpGc1ltNVJaMUV3UlhoTVJFRnhRbWRPVmtKQmMwMUpNazVvWWtkV2FWRkhUbWhpUjFacFRGaENha3hYZUhCaWJsWTBTVU5vUkZsWGVHeFphVUpGQ21JemFIcGFXR3R3VFZSTmQwMVJXVVJXVVZGRVJFTndkR0V5VG14amJsRm5XVEpHYzFwWFNrRlpNa1p6V2xkSmRHTkhUWFJpUjJ4MVpGaG5aMHRGVG1nS1lrZFdhVWxGVW5abFNFNXNaVk5yZDJkblIybE5RVEJIUTFOeFIxTkpZak5FVVVWQ1FWRlZRVUUwU1VKcWQwRjNaMmRIUzBGdlNVSm5VVVJYV1hCV1pRcENVMjVsWlRKalFVSlpiMlpUYjFkNFIwMTVSbUZOVVRCdVNtdFpNRlZYVFRsamEzbFZhRGRXWm1kT0t5OWhSbE5YTWxwVGJWaDFkalZrY21Od2FUSXdDbm96Wld4b1VGUmxPVGhpUVU1aWFpc3ZZbWt3TURFMVVWZHVUV1Z1U3pBMVdrczJjVVIwUm5kdkwwaFdReTlaWTJGeWRYVTVOaXN4U2pKMGIyVlhkVVVLZEhsclZ6Tk5RM0JETVhCSVdWTTFaemxwVmtScmNHUnllbTUyV0V0c1dYVlRhV3RxY21vM1N6VjBiMmxVZG5WdE9UZE1lRXRyZFdvMlJGaHFZWEJRUkFvMWRuUmxVMDR4WkZGblR6bERVek56Y1d4amQxbEJObEpxVlVoM1dUSldSV2d5WVdSUU16ZENXbkphZDA4cmVVcHhPWEZHTlhrMVIyeG5hVGhzVGpSakNrdHNTV3hHVlhNdmVGTndVWE40VG1KT1VWaDBUamx0YXpScGJWbHNXa2Q2V1ZsaVltMHJabTlDVmxCUVltOWhOV3BXZDB0RWNGbzJOVzFQY3pkS1IxQUtObmxxS3pkV04xVkNUVVp3Vnl0blMyMUtkR2RvTDJ0clFYZ3hPRFZvT1ROeGQweEdVR000TDFRM2Jpc3JVREZpZFN0bVlXdFlVRWRRUlRJeGNrUmxUQXBRYmxWdGRXTkpXbkJLYnpWT2NGbFdVWFkwVjNaVVMzRXZlazFTT1ZOemNIb3lVRVpLYmtWU1ZHWlVkbkVyUmpGeE0xcE9ZV1pGZW1sUWMwSTViMlZUQ201cWVIZHRZVnBQVTFZd2RsaHhMM0ZsYjNGNE5IWTJUVUo2VmtGWk1DODRVakpNWTNCS05IVm5NRTlhTTNjd1lqSjBObmx2T0RaUU5WRTRRMEYzUlVFS1FXRk9SazFGVFhkRVoxbEVWbEl3VUVGUlNDOUNRVkZFUVdkSlJVMUNTVWRCTVZWa1JYZEZRaTkzVVVsTlFWbENRV1k0UTBGUlFYZElVVmxFVmxJd1R3cENRbGxGUmt4aldUaEZiMDV2WmsxamNuSjRlbmw0U1c0elZ6WmFUMDFXV0UxQk1FZERVM0ZIVTBsaU0wUlJSVUpEZDFWQlFUUkpRbWRSUTFwNlJFTjJDa3RKU0ZnelIzWnFUbE5aTlhjMVlrOXVORVV6ZHpkUlNGQXdPVUZDYWxRdmQzVlVORXhFYTFwSVNrMXRiSEpNYnpOek9HSmpjMUV3YzAxRU1Wa3ZMeThLY3pBM1kzQTBlRmxzY1VRM1FrRXdRV053ZGxsV1dYRTFPSGhMZUhOdlEzZFdXRzFITldORlpVOXZXbTFYWmpOeFdUSnRVemhsVnprMmRrOUdjbVJKWWdwTU5FOUdOSGhaVlU5TlVuRkJUMGRCUVhJMlZteFBOMmRZWVRRd05raDZjbk5CTVdoWlduZHlaVmhvVDFSRFdscFFXazlWYmtGMU1EVlRTRVprWjJGTkNsUktUa0l2YnpBeGRIQjNVV3h5VkhoT2JXWnliM0J2VDNwNWRYWklNSHBWTWxKeVRYTXdLMFZpVDNWRE5FRXlZMUU0TTBSSlJuaDJjVFkzYkhsVk1FRUtjekZSTm5SU1RUQXJWVVJ0U2s5TWVqTlRaR2RPSzBRd01HaGpkWFZxT1RKSFZqUmlTRGhDWm5sVmRqaE9RMWt3ZGtScGFqQlVVMnBxTkdNMFVYUmpOd3BKVUV4VVdqSm5OVFExYjJONmFFNW5RVzFVTjJRclFqVkpibmxtYVZOSlMyVnRXSEZsY3pKcWNHbEJabnBRVG13NVFsWjRjMkZyWTNNdldYcHZXWE14Q2l0eFZHcEJWM1ZoUkhOTGIyaEZiazgwUWtwMWVuWXdlSEpqWlRRd1pXNVNaMWg1UjBkR2RsaDFNbk0wUmxreWRrcHhWRk52Tm5selJGZHVhRWt6VEZjS1pHTm5Oazh5UmpSQlVFTkhSMlUzZW5OMWNXbHhhM0JqYTI1Q1lXSm5la1Z6T1dadlNIRXliV1p2TjFocFJYcGxaRTFPT0VKT2NXWlRZa0U5Q2kwdExTMHRSVTVFSUVORlVsUkpSa2xEUVZSRkxTMHRMUzBLIiwKInRsc19zZXJ2ZXJfbmFtZSI6ICJodHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cHM6Ly91bnRydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWRpc2FibGVkIiwKInRvIjogImh0dHBzOi8vdW50cnVzdGVkLWh0dHBkZXRhaWxzOjg0NDMiCn0sCnsKImNvcnNfYWxsb3dfcHJlZmxpZ2h0IjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWVuYWJsZWQiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiY29yc19hbGxvd19wcmVmbGlnaHQiOiBmYWxzZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWRpc2FibGVkIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1lbmFibGVkIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1kaXNhYmxlZCIsCiJwcmVzZXJ2ZV9ob3N0X2hlYWRlciI6IGZhbHNlLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vcmVzdHJpY3RlZC1odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfZG9tYWlucyI6IFsKImRvZ3MudGVzdCIKXSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInByZWZpeCI6ICIvYnktZG9tYWluIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfdXNlcnMiOiBbCiJ1c2VyMUBkb2dzLnRlc3QiCl0sCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhc3NfaWRlbnRpdHlfaGVhZGVycyI6IHRydWUsCiJwcmVmaXgiOiAiL2J5LXVzZXIiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIlgtQ3VzdG9tLVJlcXVlc3QtSGVhZGVyIjogImN1c3RvbS1yZXF1ZXN0LWhlYWRlci12YWx1ZSIKfSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImFsbG93X3dlYnNvY2tldHMiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2VuYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZGlzYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJlbmFibGVfZ29vZ2xlX2Nsb3VkX3NlcnZlcmxlc3NfYXV0aGVudGljYXRpb24iOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2Nsb3VkcnVuLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIngtaWRwIjogImdpdGh1YiIKfSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0KXQ==
+      SHARED_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      SIGNING_KEY: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSVBSR1d3TGg3NW5OWG5razM3ekRmTjhvbkx3ZkNpYUxQVEQrbmM4THg1aGNvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFa3BCa08wVEttaDRKZFFmTE9lZU1kNTNLbmdhMVdkUVhyNUZjZXBrK2RMVktkVkt4WENHcQpoMW9qdWh1VzExR0lvT3pTOUdvU0tsTlZTUkZXVkVXRHZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
+      SIGNING_KEY_ALGORITHM: ES256
+    image: pomerium/pomerium:${POMERIUM_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - pomerium
+        - authenticate.localhost.pomerium.io
+        - forward-authenticate.localhost.pomerium.io
+  pomerium-ready:
+    command:
+    - -wait
+    - https://pomerium:443/healthz
+    - -timeout
+    - 10m
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - pomerium-ready
+  redis:
+    image: redis:6.2.5-alpine
+    networks:
+      main:
+        aliases:
+        - redis
+  redis-ready:
+    command:
+    - -wait
+    - tcp://redis:6379
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - redis-ready
+  traefik:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-'END_OF_TRAEFIK' | tee traefik.yaml
+      {
+        "accessLog": {
+
+        },
+        "api": {
+          "insecure": true
+        },
+        "entryPoints": {
+          "web": {
+            "address": ":80",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          },
+          "websecure": {
+            "address": ":443",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          }
+        },
+        "global": {
+          "checkNewVersion": false,
+          "sendAnonymousUsage": false
+        },
+        "log": {
+          "level": "DEBUG"
+        },
+        "providers": {
+          "file": {
+            "filename": "traefik-dynamic.yaml"
+          }
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee traefik-dynamic.yaml
+      {
+        "http": {
+          "middlewares": {
+            "authz": {
+              "forwardAuth": {
+                "address": "https://forward-authenticate.localhost.pomerium.io",
+                "authResponseHeaders": [
+                  "x-pomerium-jwt-assertion",
+                  "x-pomerium-claim-email",
+                  "authorization"
+                ],
+                "tls": {
+                  "insecureSkipVerify": true
+                },
+                "trustForwardHeader": true
+              }
+            },
+            "set-request-headers-20": {
+              "headers": {
+                "customRequestHeaders": {
+                  "X-Custom-Request-Header": "custom-request-header-value"
+                }
+              }
+            },
+            "set-request-headers-23": {
+              "headers": {
+                "customRequestHeaders": {
+                  "x-idp": "github"
+                }
+              }
+            }
+          },
+          "routers": {
+            "route0": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`mock-idp.localhost.pomerium.io`)",
+              "service": "route0",
+              "tls": {
+
+              }
+            },
+            "route1": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`envoy.localhost.pomerium.io`)",
+              "service": "route1",
+              "tls": {
+
+              }
+            },
+            "route10": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-disabled`)",
+              "service": "route10",
+              "tls": {
+
+              }
+            },
+            "route11": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-enabled`)",
+              "service": "route11",
+              "tls": {
+
+              }
+            },
+            "route12": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-disabled`)",
+              "service": "route12",
+              "tls": {
+
+              }
+            },
+            "route13": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-enabled`)",
+              "service": "route13",
+              "tls": {
+
+              }
+            },
+            "route14": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-disabled`)",
+              "service": "route14",
+              "tls": {
+
+              }
+            },
+            "route15": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-enabled`)",
+              "service": "route15",
+              "tls": {
+
+              }
+            },
+            "route16": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-disabled`)",
+              "service": "route16",
+              "tls": {
+
+              }
+            },
+            "route17": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`restricted-httpdetails.localhost.pomerium.io`)",
+              "service": "route17",
+              "tls": {
+
+              }
+            },
+            "route18": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-domain`)",
+              "service": "route18",
+              "tls": {
+
+              }
+            },
+            "route19": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-user`)",
+              "service": "route19",
+              "tls": {
+
+              }
+            },
+            "route2": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`verify.localhost.pomerium.io`)",
+              "service": "route2",
+              "tls": {
+
+              }
+            },
+            "route20": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-20"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`)",
+              "service": "route20",
+              "tls": {
+
+              }
+            },
+            "route21": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`enabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route21",
+              "tls": {
+
+              }
+            },
+            "route22": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`disabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route22",
+              "tls": {
+
+              }
+            },
+            "route23": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-23"
+              ],
+              "rule": "Host(`cloudrun.localhost.pomerium.io`)",
+              "service": "route23",
+              "tls": {
+
+              }
+            },
+            "route24": {
+              "middlewares": [
+
+              ],
+              "rule": "Host(`authenticate.localhost.pomerium.io`)",
+              "service": "route24",
+              "tls": {
+
+              }
+            },
+            "route3": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`websocket-echo.localhost.pomerium.io`)",
+              "service": "route3",
+              "tls": {
+
+              }
+            },
+            "route4": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ui.localhost.pomerium.io`)",
+              "service": "route4",
+              "tls": {
+
+              }
+            },
+            "route5": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ping.localhost.pomerium.io`)",
+              "service": "route5",
+              "tls": {
+
+              }
+            },
+            "route6": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`redis.localhost.pomerium.io:6379`)",
+              "service": "route6",
+              "tls": {
+
+              }
+            },
+            "route7": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-enabled`)",
+              "service": "route7",
+              "tls": {
+
+              }
+            },
+            "route8": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-disabled`)",
+              "service": "route8",
+              "tls": {
+
+              }
+            },
+            "route9": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-enabled`)",
+              "service": "route9",
+              "tls": {
+
+              }
+            }
+          },
+          "serversTransports": {
+            "insecure": {
+              "insecureSkipVerify": true
+            }
+          },
+          "services": {
+            "route0": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://mock-idp:8024"
+                  }
+                ]
+              }
+            },
+            "route1": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://localhost:9901"
+                  }
+                ]
+              }
+            },
+            "route10": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route11": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route12": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route13": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route14": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route15": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route16": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route17": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route18": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route19": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route2": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://verify:80"
+                  }
+                ]
+              }
+            },
+            "route20": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route21": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route22": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route23": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route24": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "https://pomerium:443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route3": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route4": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8080"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route5": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8079"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route6": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "tcp://redis:6379"
+                  }
+                ]
+              }
+            },
+            "route7": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route8": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route9": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            }
+          }
+        },
+        "tls": {
+          "certificates": [
+            {
+              "certFile": "_wildcard.localhost.pomerium.io.pem",
+              "keyFile": "_wildcard.localhost.pomerium.io-key.pem"
+            }
+          ]
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io-key.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_TRAEFIK
+
+      traefik -configFile=traefik.yaml
+    depends_on:
+      pomerium:
+        condition: service_started
+    image: traefik:latest
+    networks:
+      main:
+        aliases:
+        - traefik
+        - authenticate.localhost.pomerium.io
+        - mock-idp.localhost.pomerium.io
+    ports:
+    - 80:80/tcp
+    - 443:443/tcp
+  trusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails
+  trusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://trusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails-ready
+  untrusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKKYU7PSAFxZbhuLUlbv3iAwDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU2MTFaFw0yMzExMTEyMjU2MTFaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg
+      VDM59lGzCRjdUQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHG
+      oryKGDOkRV1SDb3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2v
+      JX4qTwgrqQtLOJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqP
+      qpc6AEFuklmoBHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPw
+      ve8VoGIlx4uvHTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxG
+      mgByfa2rxbNg15PFwF+ZAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBS3GPBKDaHzHK68c8sSJ91umTjFVzAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAizMhh+VYIMp07wGn7+rzAE/651yiMC6kZHIOMHilvimyYvCf+Yc0MrcD
+      mVQgqlUpkn/f2SOFsBQonjAACkWlSHah9KStL0iTvOIH+oGLnv3Y9wrKvwJol3KR
+      c/+mO9R9TS71DoX+rTGRY3BNldpMBZF7HsYt/bg0RSpF0zkZarW+PEMmPw6IgIaD
+      RPGpOiQOqIxQn4d6MyiNGS0QmDeGSZvsC07ZcZ+JxsYi4S+yN6GXt11pstiRXjDv
+      zrO3s8TnVsBux7VDdIYfzMxqz+874MbsUUlb4txr3V48UDRLm7VDQ2/F+o0+Y5wt
+      XAnXTn/6GFpjJvPGr0A1QLOvnhR0DZ4Fl97athu44pqeQywDU5LPP3HqrWRXLy3j
+      BPBC4waHayL9Hnh4zQUe/h6hwC5Nxl/gqfB3Aaqr5PWX6rMFss8AYpB81ci+UJdm
+      KSIn/pMoK6TWkCveoQRQOZD8wfwPF4cUUmWcLFwSveZSiniFrAXQqZbO1k6RDhQf
+      havcwKlK
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCgVDM59lGzCRjd
+      UQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHGoryKGDOkRV1S
+      Db3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2vJX4qTwgrqQtL
+      OJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqPqpc6AEFuklmo
+      BHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPwve8VoGIlx4uv
+      HTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxGmgByfa2rxbNg
+      15PFwF+ZAgMBAAECggEADTzGefunZTPUFLnSZ/D7jDglwz5KdC/9zYleY+jY5B/8
+      nmjkSfK6I6GLLSh8l2QO8YqQLIqxANglS1gNHdpcYPwfC4WL1S1P0qXboKsI5Sfy
+      jGoD3et4caq6ecdTfAvmLobW8uFRmGE9qHlFQ1cn47OnPVZUpKFCTVslyTLNo70h
+      28gx/lnpgkbeWotJ5GygE/H0jKJlG8/V3+Ppfuq6wypA5ELcGUeMAwmCfUNNlDy3
+      BhXSa6STgL26ar70KZIjTp9B97hIfDWObxgjzMX2JoiWXziszvbfaknfBsmfTm45
+      oUZYO0DuvLdLpxic0GZQwZCT6GzuexxJ9zR/pdahrQKBgQDEiwc0e+M1KaOoIIcw
+      V7pxoGjvd+CC5whS00jSf/rXPSPFxat9Ml5serOzLdRLM/NQ5wB9S7TYc6PJi3Mb
+      8pmbGadIXiGIJY8vX79P/velHT4csgULJAKJF9U65knhaidPPPmXloHOhRWrE8Zq
+      mexVgJZrHLI8197qmi+ctT5rEwKBgQDQ1J84AwI1hEsXHxoSetSznt+ae7pSUb/J
+      byqK9KEp0DLyf8GcS7vxyYGQo0mJDlHaJt56LKv+zdX4wGG85ztbOFVPee6XLKSs
+      I+h7rzc2hKrl+SaI91h1234WsTeJvfUSHyBy9vAwLhd0hplNrt7Tql5Z0VTWHmFE
+      2XbEwcTUIwKBgQDBpioHMDmBW/F/6ezJWOa+pco+h+KRl4i/8qVBog9Im1jvt/9r
+      b4FRaOQ9mt4c6qbGA5Sb30fkLKwoHFniI3ntM616xCRNvJQDnVcmPpVJ/jIAm/YU
+      L/q/kNfrHJOWobzxeaaCESz8imv7D5Tj25zb8cJC7xc+k4Nzq09WG83QOQKBgG28
+      LOZ7/j8tA2BlAYhQb1Dr3UgKWEBFoOgyuEJIhh+4vezb4VtGGL7XSnQ8ubmBgtWF
+      s0a0DrVYaGXMgg+H2pL2qS2YPx3FYcrrG5FS40qMsFkkcXFruFpGOp2mBi8lWJBr
+      NtvykwheUAj1ab1+dKz5S5ca/t99G1PYiiaeQ9XNAoGAVXk4HvdUc5q+BNiYvKUS
+      M2/TDU3cYY72mPCEw7G6Kpn6zMaakQcA1+Z8LkYcLaQKRD/66n99WWT+BcY+QXtC
+      0ZPHjeepDL8q+yXRY8zlcgAukg18Ta5yD1J1014y8UIV+HY8ongTni1sI8N+vKd4
+      +TF2C2Cynf5vQr5man7ShPw=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails
+  untrusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://untrusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails-ready
+  verify:
+    depends_on:
+      verify-init:
+        condition: service_completed_successfully
+    environment:
+      SSL_CERT_FILE: /verify_config/ca.pem
+    image: pomerium/verify:${VERIFY_TAG:-latest}
+    networks:
+      main:
+        aliases:
+        - verify
+    volumes:
+    - verify_config:/verify_config
+  verify-init:
+    command:
+    - sh
+    - -c
+    - |-
+      echo '-----BEGIN CERTIFICATE-----
+      MIIE1zCCAz+gAwIBAgIQZ139cd/paPdkS2JyAu7kEDANBgkqhkiG9w0BAQsFADCB
+      gzEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSwwKgYDVQQLDCNjYWxl
+      YkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTEzMDEGA1UEAwwqbWtjZXJ0
+      IGNhbGViQGNhbGViLXBjLWxpbnV4IChDYWxlYiBEb3hzZXkpMB4XDTIxMDgxMDE3
+      MzIwOVoXDTMxMDgxMDE3MzIwOVowgYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9w
+      bWVudCBDQTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXggKENhbGViIERv
+      eHNleSkxMzAxBgNVBAMMKm1rY2VydCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2Fs
+      ZWIgRG94c2V5KTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANbKyMz5
+      MVW6YKdjh1oIN1Mn7PE2pH5SbJSpWxdAGhdBkBkpAa7OxarjH5KVkCTSa7oncla7
+      qNuJZS6mBmoxF+R+cR3jyGdUAYlozl1jlfqLIfC/+g7V7VmOJn98tjB42fatxLl6
+      WPAw1JDNsWtQfhKhbcHut7RsF0rMOOHcwywTR7LOyCmIel1pcmpV4hbVcT6eVwoP
+      HXyJSa9cqaMQ5Xrdogai4IqZZIGLHeLsTVutOgJFXEevlX/QT3sWomEctzh38Js4
+      9DiAPD6d4Y7/CPLYEfk29JQ9NZhpgDsi9hu5FHHZcXwf1IHlw/CBVgn6j+jmvKKz
+      90Ma1oquv3W6dttid/xCcLGu2S+96Tzrykmoy5VacLtVEP41YmoVls91rlo7olpe
+      QWFbnmco739TI/4h+HodolperQERQl7uCnpKVPZ3WokKuRh5pkqkQp/arQjtwcRt
+      G43CrDpbl+uSjMCAxha958eTYvtojTMnvLtsGID1hGXnqlw+5KjKrgRHrQIDAQAB
+      o0UwQzAOBgNVHQ8BAf8EBAMCAgQwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4E
+      FgQUhYZYWIBHyk6ZVTnp3lRt/tyBP00wDQYJKoZIhvcNAQELBQADggGBAA1F/apr
+      l6pNT3Mp/MxhUUgo6usEJCryGQcLRfexyQXGN3huCmIrP55VFa8ETPAtjsr6PMe7
+      7vvEj8eFu2JtKovlQwNewYU9cjAMCVaFiNbrQa20hzhWc2js6dyildE6/DPzbeds
+      KDAxhFNp35SlwtRtKk1SzxJxsqSwjfxI8fp+R/0wO8g0fWTdM2gCpRwYMNwJELEg
+      +dSlvJCwuu+rzxLalzaPF1PMTW72OELal/j5sD+2VytQ4k+HUDbyt2DnQT7YQ3zo
+      q02x2u2sm1WW/o/uh8pjPxkGQqL2mryZs6VH9VCU3QkKNDssNd71lr3wPoE4YRHe
+      UvzD1eDeelzBUFNIpDCjdCsL55yIPqUsr6lmjpBPL0vea33QTMbcsSxu0umGXDbU
+      66juU4Z1jOE0wClIvaO699J+E2gBe1jUN6At6b8BSoZqCqXYoDHGei9RBUdvgqto
+      kVsoJfDI/TFMekYgpL5UVYmLdfgqLPPRP9pQBLDx3mszeAqnvfTICAzfXg==
+      -----END CERTIFICATE-----
+      ' > /verify_config/ca.pem
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - verify-init
+    volumes:
+    - verify_config:/verify_config
+  verify-ready:
+    command:
+    - -wait
+    - http://verify:80/
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - verify-ready
+  websocket-echo:
+    command:
+    - --port
+    - "80"
+    - tee
+    image: pvtmert/websocketd:latest
+    networks:
+      main:
+        aliases:
+        - websocket-echo
+  websocket-echo-ready:
+    command:
+    - -wait
+    - tcp://websocket-echo:80
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - websocket-echo-ready
+  wrongly-named-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEWDCCAsCgAwIBAgIRAK1MkqoHP+DPILewhMcnnu4wDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU0MzRaFw0yMzExMTEyMjU0MzRaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV
+      DWPhOpNWAYNTQZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM
+      3cvyRs40dygZeogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV
+      6ttf6y0+4Nq1hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3E
+      lxIYQsCr85FyW8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC
+      8X2vHBBIbnZipb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3
+      OIkJji4rpJqxG1Z7MvPzAgMBAAGjcjBwMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAo
+      BgNVHREEITAfgh1pbnZhbGlkLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG
+      9w0BAQsFAAOCAYEABsSByXWA7e8hpKWZK4APWzkvDwiTGrDDE7k0hueJksTZ5Nqw
+      fRdGoUpweWIYzAv1etPAr+B2gsZM/jVRidaGDI1tKPytZ3pP6mQ52CVXkeJQytPr
+      rNDnP3Lbpbs8PHoHw3PVxIyRps1ZbZkgbUsXrSvpp/l+ZObbGQjr3Fdx5oXI6a1V
+      NNC39LkPhjTKtcG+H8dO5GRuDb/9PrzrnDwnl6CoORbEjTKRIFuA+vkFBRjyuccr
+      GQiMNmMxy5CMOsK+Od4+8qhv2ZgnREHyBnjFFhgVLFJ2PwUxk3N4GIzCC8tsD+vb
+      +YJgCS7n6JmcB9SFeyRy+qpolnfEaMvRwnJl6Evj17VCBy7x0gEO6B4lILPpziN8
+      VVhSuRsC0V8aXJJx89mwrg9pzN9w771rFVOCrAEdZei34/yfo8VyBbIR1gUxkRNJ
+      crTI9pT0PK+9OWQ57HtnGmFsPtWT8r7P8xukAPy50wSLF3InjEo8VR2df+V7DVVU
+      aTjNbuaG1NLNyWLH
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVDWPhOpNWAYNT
+      QZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM3cvyRs40dygZ
+      eogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV6ttf6y0+4Nq1
+      hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3ElxIYQsCr85Fy
+      W8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC8X2vHBBIbnZi
+      pb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3OIkJji4rpJqx
+      G1Z7MvPzAgMBAAECggEBAM3XhRO7+1QSXCaZdCZ6WuWXzojxrkf8++gpzXPCZ75L
+      vvMyP8xmXc38Za5VyL+MAr7joENxY5NPON/9AgyUBFdbat3RW323vAt0Ssy8Dfti
+      ScpuGWTT2CcWS/iJPwJp9bzPj6qJ1wo0Rzsv23FpcjgfcuB+4pHpDwJZ8IxcclTN
+      jv5XdmanN0Ai2ONDkIHQyvMTsYAX99OK7nXIs3OW7s4wsm8Wg+loCqTvojTzWuwE
+      TZNFonHAZ81jkrYfNjz+sM/tPuOYD+vWQ89+1IeQKFw1U0iBpF1VvhA7UeQZMeI8
+      S1NpDQTQW0kxmUAlLj7ldnIvknT/x0lKzoafVpk47/kCgYEA+SxnMLHe3Wxb4Kkf
+      7Gwktbth/wlWzUWzQ7c0TdhfEDjcRB7SeGIjrL4/HPyXEsCcGIj84TEob1EA0KVP
+      l6Jeqh5t/sr9da+uLFf6H41yZUaTccoyclnjHsqT+WLTtiTKqf7cXACg5NKbJwUT
+      ldCEu+4Ovur+8Ax6s/mGWNEzar0CgYEA2uOmD+SCIhj16P+3GnpZ0UzyDhUKedTy
+      LisZznroF6RI3BHzNT+YotHORDMiJtmX0slFcInAWaB3htLPbHmvredjlsH35eHW
+      B6wkWmbniJEovPysWdg7xjrj8DoL2dcm6liM1KpSo9k6XWJu36//xF4RTnL8JPEH
+      RPuBWmBXHG8CgYBjJy886lr0I61//eztKK+G/bTmRvIapzTJqnqOy54wl1/XX6iD
+      LRJjKCV3RHBdjvXOsZxnhCdB/KrlXBMLFRq0eX1t2Zr4nNsjXDL1IVU3Rdlge4SN
+      ioVdeGFf6Nq0bXmUIg3QMpPT2pbQ9S0w/ZQEMJv/jwW5wk2FlrLGXyElxQKBgQC3
+      skUzITp1Ey2NFM290uB93m1llBLum9+DD3jg6BTPgngC+K17Cpw2SI0qfx8yK3pW
+      08MK5xAeJ6Un6NNa3eSptX7GjpJUwmq0lasMkz/MRMZDlGmwHOBNRC729D/t2bo3
+      AYlvEGG6UBvDM1CJOVMUoT008Rrahczr/4ZXKnLw0QKBgExc+SXb5IRJIMHEQLkg
+      E7va23sR7x4j75mK6HnSwAM3jKx4GDgpkY1EO+rh+99mq/bIouL8ob/PG7A5RtKp
+      +Sgpqk5N6NpSFMaubsu1EQhqT5pmy0dN5KXecR4s1IylPvth/h3tdXPKGcLMD2M2
+      EN59YIA1o4qWjJsfEiuQ6x7M
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails
+  wrongly-named-httpdetails-ready:
+    command:
+    - -wait
+    - http://wrongly-named-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails-ready
+volumes:
+  fortio_config: {}
+  verify_config: {}
diff --git a/integration/clusters/gitlab-traefik/compose.yml b/integration/clusters/gitlab-traefik/compose.yml
new file mode 100644
index 000000000..9da585b3c
--- /dev/null
+++ b/integration/clusters/gitlab-traefik/compose.yml
@@ -0,0 +1,1236 @@
+networks:
+  main: {}
+services:
+  fortio:
+    command:
+    - server
+    - -cert
+    - /fortio_config/trusted.pem
+    - -key
+    - /fortio_config/trusted-key.pem
+    depends_on:
+      fortio-init:
+        condition: service_completed_successfully
+    image: fortio/fortio:1.17.0
+    networks:
+      main:
+        aliases:
+        - fortio
+    ports:
+    - 8079:8079/tcp
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-init:
+    command:
+    - sh
+    - -c
+    - |
+      echo "$$CERT" >/fortio_config/trusted.pem
+      echo "$$KEY" >/fortio_config/trusted-key.pem
+    environment:
+      CERT: |
+        -----BEGIN CERTIFICATE-----
+        MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+        gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+        ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+        dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+        NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+        bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+        KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+        HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+        yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+        Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+        jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+        bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+        9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+        DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+        BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+        AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+        c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+        AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+        OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+        qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+        6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+        kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+        B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+        xjUE8XUu
+        -----END CERTIFICATE-----
+      KEY: |
+        -----BEGIN PRIVATE KEY-----
+        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+        ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+        EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+        Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+        CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+        mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+        DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+        DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+        8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+        Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+        CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+        bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+        SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+        2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+        axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+        uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+        BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+        uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+        2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+        CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+        fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+        cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+        Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+        KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+        YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+        gmLh4w/CcPyb9ZyXceWU/nU=
+        -----END PRIVATE KEY-----
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - fortio-init
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-ready:
+    command:
+    - -wait
+    - http://fortio:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - fortio-ready
+  mock-idp:
+    command:
+    - --provider
+    - gitlab
+    - --port
+    - "8024"
+    - --root-url
+    - https://mock-idp.localhost.pomerium.io/
+    image: pomerium/mock-idps:${MOCK_IDPS_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - mock-idp
+    ports:
+    - 8024:8024/tcp
+  mock-idp-ready:
+    command:
+    - -wait
+    - http://mock-idp:8024/.well-known/openid-configuration
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - mock-idp-ready
+  pomerium:
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    environment:
+      AUTHENTICATE_SERVICE_URL: https://authenticate.localhost.pomerium.io
+      CERTIFICATE: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVVakNDQXJxZ0F3SUJBZ0lSQUtOYUVxQ21tWmZobWNZZ1p5MDFXQ3N3RFFZSktvWklodmNOQVFFTEJRQXcKZ1lNeEhqQWNCZ05WQkFvVEZXMXJZMlZ5ZENCa1pYWmxiRzl3YldWdWRDQkRRVEVzTUNvR0ExVUVDd3dqWTJGcwpaV0pBWTJGc1pXSXRjR010YkdsdWRYZ2dLRU5oYkdWaUlFUnZlSE5sZVNreE16QXhCZ05WQkFNTUttMXJZMlZ5CmRDQmpZV3hsWWtCallXeGxZaTF3WXkxc2FXNTFlQ0FvUTJGc1pXSWdSRzk0YzJWNUtUQWVGdzB5TVRBNE1UQXgKTnpNeU1UQmFGdzB5TXpFeE1UQXhPRE15TVRCYU1GY3hKekFsQmdOVkJBb1RIbTFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCalpYSjBhV1pwWTJGMFpURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnCktFTmhiR1ZpSUVSdmVITmxlU2t3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzgKSExCQUl6WGtQZWVnbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRAp5VmhEVDBRbEkvTy9FS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2Cld5bCtGb1BEVi92c1ozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXQKak9ic2FRZ0o1TEx4Q1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcQpiWlVERytaaW9BclBtcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkCjlyNnJPQnhweHduVER2SGtCbjZ2QWdNQkFBR2piREJxTUE0R0ExVWREd0VCL3dRRUF3SUZvREFUQmdOVkhTVUUKRERBS0JnZ3JCZ0VGQlFjREFUQWZCZ05WSFNNRUdEQVdnQlNGaGxoWWdFZktUcGxWT2VuZVZHMyszSUUvVFRBaQpCZ05WSFJFRUd6QVpnaGNxTG14dlkyRnNhRzl6ZEM1d2IyMWxjbWwxYlM1cGJ6QU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBWUVBdWZRQUY3OXM3YzFnbVo5Q0lLQlNHa0hoK1NIMDFDdUtZbm5IaU1vd0hzVGlvRmFVQVFzZC9QNFgKYzJYQnFjMzRlVDNtQ3ZwZ1pqSGJqejZKbG5UWUp4dUx2VnFuVkIzZW10V3JiMWNRdmg4QnBoeHNwVGxTOHVpRQpBRWYvbmd0cHpmQS9mNGxwR2t6clEwY3lQa0VKR3o1MTFxOTdpdHpuOVJaWnpWVFp4TlZGU1AydlZoTk5RVnNXCk94YWtjdllSZ256OEFPUVMzT1BIajJGUWMzaWlic2hjdDVsZUl3WVpGY3hJTkdIUjZLTDYrL0xTZVBOQ0VNbUsKcXltVlBrUUdzSWNVNkdROWZ4YVN1NG1wK0lVQUxQcm9pekVWSThTVms1bk9tM0hJZXorWmZYaHpmbkd4MDZTSQo2TnVvUVFQcVVCZVplWG4yWUZZaGlwZVJkclF4dkEzNi9ZWGEvQWtYQ2VVMHBYeGJ0WEtjdmF0ZnJpNUtuWUpECmtINTlhK2FGa1RzbDQxdGZJMmNuUllWZGRxWFZsM096TGJjZ0FGTG4xV2VDMXh4M3hSWGk3S2xkb2tPbHZndisKQjZuYVdmQ3hSbFdaL2xzbUhhZTRrYzFXSDRLYzduSytJVGI0MEVralY2OC9BN2tyWnNOMVZjcU50cG9tWWtnRQp4alVFOFhVdQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+      CERTIFICATE_AUTHORITY: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUxekNDQXorZ0F3SUJBZ0lRWjEzOWNkL3BhUGRrUzJKeUF1N2tFREFOQmdrcWhraUc5dzBCQVFzRkFEQ0IKZ3pFZU1Cd0dBMVVFQ2hNVmJXdGpaWEowSUdSbGRtVnNiM0J0Wlc1MElFTkJNU3d3S2dZRFZRUUxEQ05qWVd4bApZa0JqWVd4bFlpMXdZeTFzYVc1MWVDQW9RMkZzWldJZ1JHOTRjMlY1S1RFek1ERUdBMVVFQXd3cWJXdGpaWEowCklHTmhiR1ZpUUdOaGJHVmlMWEJqTFd4cGJuVjRJQ2hEWVd4bFlpQkViM2h6WlhrcE1CNFhEVEl4TURneE1ERTMKTXpJd09Wb1hEVE14TURneE1ERTNNekl3T1Zvd2dZTXhIakFjQmdOVkJBb1RGVzFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCRFFURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnS0VOaGJHVmlJRVJ2CmVITmxlU2t4TXpBeEJnTlZCQU1NS20xclkyVnlkQ0JqWVd4bFlrQmpZV3hsWWkxd1l5MXNhVzUxZUNBb1EyRnMKWldJZ1JHOTRjMlY1S1RDQ0FhSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnR1BBRENDQVlvQ2dnR0JBTmJLeU16NQpNVlc2WUtkamgxb0lOMU1uN1BFMnBINVNiSlNwV3hkQUdoZEJrQmtwQWE3T3hhcmpINUtWa0NUU2E3b25jbGE3CnFOdUpaUzZtQm1veEYrUitjUjNqeUdkVUFZbG96bDFqbGZxTElmQy8rZzdWN1ZtT0puOTh0akI0MmZhdHhMbDYKV1BBdzFKRE5zV3RRZmhLaGJjSHV0N1JzRjByTU9PSGN3eXdUUjdMT3lDbUllbDFwY21wVjRoYlZjVDZlVndvUApIWHlKU2E5Y3FhTVE1WHJkb2dhaTRJcVpaSUdMSGVMc1RWdXRPZ0pGWEVldmxYL1FUM3NXb21FY3R6aDM4SnM0CjlEaUFQRDZkNFk3L0NQTFlFZmsyOUpROU5aaHBnRHNpOWh1NUZISFpjWHdmMUlIbHcvQ0JWZ242aitqbXZLS3oKOTBNYTFvcXV2M1c2ZHR0aWQveENjTEd1MlMrOTZUenJ5a21veTVWYWNMdFZFUDQxWW1vVmxzOTFybG83b2xwZQpRV0Zibm1jbzczOVRJLzRoK0hvZG9scGVyUUVSUWw3dUNucEtWUFozV29rS3VSaDVwa3FrUXAvYXJRanR3Y1J0Ckc0M0NyRHBibCt1U2pNQ0F4aGE5NThlVFl2dG9qVE1udkx0c0dJRDFoR1hucWx3KzVLaktyZ1JIclFJREFRQUIKbzBVd1F6QU9CZ05WSFE4QkFmOEVCQU1DQWdRd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFEQWRCZ05WSFE0RQpGZ1FVaFlaWVdJQkh5azZaVlRucDNsUnQvdHlCUDAwd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dHQkFBMUYvYXByCmw2cE5UM01wL014aFVVZ282dXNFSkNyeUdRY0xSZmV4eVFYR04zaHVDbUlyUDU1VkZhOEVUUEF0anNyNlBNZTcKN3Z2RWo4ZUZ1Mkp0S292bFF3TmV3WVU5Y2pBTUNWYUZpTmJyUWEyMGh6aFdjMmpzNmR5aWxkRTYvRFB6YmVkcwpLREF4aEZOcDM1U2x3dFJ0S2sxU3p4SnhzcVN3amZ4SThmcCtSLzB3TzhnMGZXVGRNMmdDcFJ3WU1Od0pFTEVnCitkU2x2SkN3dXUrcnp4TGFsemFQRjFQTVRXNzJPRUxhbC9qNXNEKzJWeXRRNGsrSFVEYnl0MkRuUVQ3WVEzem8KcTAyeDJ1MnNtMVdXL28vdWg4cGpQeGtHUXFMMm1yeVpzNlZIOVZDVTNRa0tORHNzTmQ3MWxyM3dQb0U0WVJIZQpVdnpEMWVEZWVsekJVRk5JcERDamRDc0w1NXlJUHFVc3I2bG1qcEJQTDB2ZWEzM1FUTWJjc1N4dTB1bUdYRGJVCjY2anVVNFoxak9FMHdDbEl2YU82OTlKK0UyZ0JlMWpVTjZBdDZiOEJTb1pxQ3FYWW9ESEdlaTlSQlVkdmdxdG8Ka1Zzb0pmREkvVEZNZWtZZ3BMNVVWWW1MZGZncUxQUFJQOXBRQkxEeDNtc3plQXFudmZUSUNBemZYZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+      CERTIFICATE_KEY: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQzhITEJBSXpYa1BlZWcKbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PLwpFS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2V3lsK0ZvUERWL3ZzClozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXRqT2JzYVFnSjVMTHgKQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUAptcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkOXI2ck9CeHB4d25UCkR2SGtCbjZ2QWdNQkFBRUNnZ0VBQjI4aTBBWVVOU2IxSm5XRmJLenJ1VWN0dTN0Q05Yb3ZKZzZLM0JpUFZNa3EKRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBVwo4ZUplcVJMWkVmc1NTSk9YVEc3UmRHc240cUhGSjAwczJaVGxjSUhTUHduRm0rWGpKaTk5VThHNFhzVW9YbzByCkd5KzBWQ3VVN004Z0lDRUhIc3JRTzlYREQzblQyaml1NVRqckt3anV0M0Vtb0pzc0k1YnF4MzMrT0J1NUJwQ1AKQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVApiTGtMRnlXQk5UV1VaMlIvMnd4bXVvQzZtTFp3ODc5TUxDS012azFkb1FLQmdRRGhtd0dhZkpOeW1UaUVRWlJJClNzUXg0c2VxZk9LZmdGQzdvaHFIOWNST091OElKMW83cTJwTTJXNFhpVitTM3dUZFBHbWNhNklPalgyM2lzVkIKMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzNwpheHpsYU1yeEV1M0xJOVVFN050cmRRaUJ5UUtCZ1FEVmRJNmNlSVZCVDZSZ3ZWR3Q4emtMalBJRmpoUUVIQUlwCnVoaXJncXBTNkNYOUJseWYyK280MHptZmozaGU1ckNjRW9CNU1zZU0rRGdGYmNWaDJlL01WbllpTk53NkpDREIKQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleQp1QkhWQnYvNHR3S0JnSHdIdWVQeTVTVTFzMnFTbXpEN1djMkxQZll1M25DT0hOUnJGR2IyNk11UmZ1UmVyaTdyCjJHOFRnb0VTRnljcDBRVElOOCsxSk0wWFlLeE5jSkQ2QjhWMXdLYmJwUXN5bW5lSTFnanV0aUIvSWd3L1BrREsKQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWgpmTjJZZVlieVljYU0xMXAxVmlsdWxWVFZqWTNpL0ZaaURSNFNML0lHSldqTi9Temc0aVhZc0tGbXUrZHVsT1psCmNCQUxwRUtycXBtelhZdHJONmJzdjE4KzVlTzNxR2JLMkRyRXEzZVdWZXYyS29UTW9ieHo3ZysrWEJJV0ptTEEKSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkUwpLcmx0d21vZEhpcVhOYlZrd2JXMUFGUEpiaVlhaTRZRmZLNElBYmlmL1lteGY5Rzc4YU9rcjlacENJek9rRFBaCllwRXdRR1dzQWhFbENGdmM4RS81ZEhFU1NwK3RXdFArTmx1aW1wRnFpRGczL1NVbk13TzJ4SDBuaExhMHplamgKZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K
+      COOKIE_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      DATABROKER_STORAGE_CONNECTION_STRING: redis://redis:6379
+      DATABROKER_STORAGE_TYPE: redis
+      ENVOY_ADMIN_ADDRESS: 0.0.0.0:9901
+      FORWARD_AUTH_URL: https://forward-authenticate.localhost.pomerium.io
+      GOOGLE_CLOUD_SERVERLESS_AUTHENTICATION_SERVICE_ACCOUNT: ewoiYXV0aF9wcm92aWRlcl94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImF1dGhfdXJpIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImNsaWVudF9lbWFpbCI6ICJyZWRhY3RlZEBwb21lcml1bS1yZWRhY3RlZC5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsCiJjbGllbnRfaWQiOiAiMTAxMjE1OTkwNDU4MDAwMzM0Mzg3IiwKImNsaWVudF94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKInByaXZhdGVfa2V5IjogIi0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLVxuTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDOEhMQkFJelhrUGVlZ1xubGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PL1xuRUtnQ09GRnhVRHFvUjgyaVkwNlNhY0FqSG5pNitQTzl0VlJiRlYwdzE0QkRBSlNwQitWdld5bCtGb1BEVi92c1xuWjMxRnRZdytFd3FrYkR4L2thVDl1emYrTEpkbGtmMTRuUVFqOEVreS84ZDNtV0piYi85dGpPYnNhUWdKNUxMeFxuQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUFxubXFta2F3VVd3M2VraGo4MFNKZy9USzlQUmFOL1Z2Y0kxUGdBZDdMWnp0VVJlU21UeTVoZDlyNnJPQnhweHduVFxuRHZIa0JuNnZBZ01CQUFFQ2dnRUFCMjhpMEFZVU5TYjFKbldGYkt6cnVVY3R1M3RDTlhvdkpnNkszQmlQVk1rcVxuRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBV1xuOGVKZXFSTFpFZnNTU0pPWFRHN1JkR3NuNHFIRkowMHMyWlRsY0lIU1B3bkZtK1hqSmk5OVU4RzRYc1VvWG8wclxuR3krMFZDdVU3TThnSUNFSEhzclFPOVhERDNuVDJqaXU1VGpyS3dqdXQzRW1vSnNzSTVicXgzMytPQnU1QnBDUFxuQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVFxuYkxrTEZ5V0JOVFdVWjJSLzJ3eG11b0M2bUxadzg3OU1MQ0tNdmsxZG9RS0JnUURobXdHYWZKTnltVGlFUVpSSVxuU3NReDRzZXFmT0tmZ0ZDN29ocUg5Y1JPT3U4SUoxbzdxMnBNMlc0WGlWK1Mzd1RkUEdtY2E2SU9qWDIzaXNWQlxuMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzN1xuYXh6bGFNcnhFdTNMSTlVRTdOdHJkUWlCeVFLQmdRRFZkSTZjZUlWQlQ2Umd2Vkd0OHprTGpQSUZqaFFFSEFJcFxudWhpcmdxcFM2Q1g5Qmx5ZjIrbzQwem1majNoZTVyQ2NFb0I1TXNlTStEZ0ZiY1ZoMmUvTVZuWWlOTnc2SkNEQlxuQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleVxudUJIVkJ2LzR0d0tCZ0h3SHVlUHk1U1UxczJxU216RDdXYzJMUGZZdTNuQ09ITlJyRkdiMjZNdVJmdVJlcmk3clxuMkc4VGdvRVNGeWNwMFFUSU44KzFKTTBYWUt4TmNKRDZCOFYxd0tiYnBRc3ltbmVJMWdqdXRpQi9JZ3cvUGtES1xuQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWlxuZk4yWWVZYnlZY2FNMTFwMVZpbHVsVlRWalkzaS9GWmlEUjRTTC9JR0pXak4vU3pnNGlYWXNLRm11K2R1bE9abFxuY0JBTHBFS3JxcG16WFl0ck42YnN2MTgrNWVPM3FHYksyRHJFcTNlV1ZldjJLb1RNb2J4ejdnKytYQklXSm1MQVxuSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkU1xuS3JsdHdtb2RIaXFYTmJWa3diVzFBRlBKYmlZYWk0WUZmSzRJQWJpZi9ZbXhmOUc3OGFPa3I5WnBDSXpPa0RQWlxuWXBFd1FHV3NBaEVsQ0Z2YzhFLzVkSEVTU3ArdFd0UCtObHVpbXBGcWlEZzMvU1VuTXdPMnhIMG5oTGEwemVqaFxuZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9XG4tLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tXG4iLAoicHJpdmF0ZV9rZXlfaWQiOiAiZTA3ZjdjOTM4NzBjN2UwM2Y4ODM1NjBlY2Q4ZmQwZjRkMjdiMDA4MSIsCiJwcm9qZWN0X2lkIjogInBvbWVyaXVtLXJlZGFjdGVkIiwKInRva2VuX3VyaSI6ICJodHRwOi8vbW9jay1pZHA6ODAyNC90b2tlbiIsCiJ0eXBlIjogInNlcnZpY2VfYWNjb3VudCIKfQ==
+      IDP_CLIENT_ID: CLIENT_ID
+      IDP_CLIENT_SECRET: CLIENT_SECRET
+      IDP_PROVIDER: gitlab
+      IDP_PROVIDER_URL: https://mock-idp.localhost.pomerium.io/
+      JWT_CLAIMS_HEADERS: email,groups,user
+      LOG_LEVEL: info
+      POLICY: Wwp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vbW9jay1pZHAubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZW52b3kubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly9sb2NhbGhvc3Q6OTkwMSIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vdmVyaWZ5LmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoidG8iOiAiaHR0cDovL3ZlcmlmeTo4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiYWxsb3dfd2Vic29ja2V0cyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vd2Vic29ja2V0LWVjaG8ubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly93ZWJzb2NrZXQtZWNobzo4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXVpLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJ0byI6ICJodHRwczovL2ZvcnRpbzo4MDgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRsc19jdXN0b21fY2EiOiAiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVVXhla05EUVhvclowRjNTVUpCWjBsUldqRXpPV05rTDNCaFVHUnJVekpLZVVGMU4ydEZSRUZPUW1kcmNXaHJhVWM1ZHpCQ1FWRnpSa0ZFUTBJS1ozcEZaVTFDZDBkQk1WVkZRMmhOVm1KWGRHcGFXRW93U1VkU2JHUnRWbk5pTTBKMFdsYzFNRWxGVGtKTlUzZDNTMmRaUkZaUlVVeEVRMDVxV1ZkNGJBcFphMEpxV1ZkNGJGbHBNWGRaZVRGellWYzFNV1ZEUVc5Uk1rWnpXbGRKWjFKSE9UUmpNbFkxUzFSRmVrMUVSVWRCTVZWRlFYZDNjV0pYZEdwYVdFb3dDa2xIVG1oaVIxWnBVVWRPYUdKSFZtbE1XRUpxVEZkNGNHSnVWalJKUTJoRVdWZDRiRmxwUWtWaU0yaDZXbGhyY0UxQ05GaEVWRWw0VFVSbmVFMUVSVE1LVFhwSmQwOVdiMWhFVkUxNFRVUm5lRTFFUlROTmVrbDNUMVp2ZDJkWlRYaElha0ZqUW1kT1ZrSkJiMVJHVnpGeVdUSldlV1JEUW10YVdGcHNZa2M1ZHdwaVYxWjFaRU5DUkZGVVJYTk5RMjlIUVRGVlJVTjNkMnBaTWtaeldsZEtRVmt5Um5OYVYwbDBZMGROZEdKSGJIVmtXR2RuUzBWT2FHSkhWbWxKUlZKMkNtVklUbXhsVTJ0NFRYcEJlRUpuVGxaQ1FVMU5TMjB4Y2xreVZubGtRMEpxV1ZkNGJGbHJRbXBaVjNoc1dXa3hkMWw1TVhOaFZ6VXhaVU5CYjFFeVJuTUtXbGRKWjFKSE9UUmpNbFkxUzFSRFEwRmhTWGRFVVZsS1MyOWFTV2gyWTA1QlVVVkNRbEZCUkdkblIxQkJSRU5EUVZsdlEyZG5SMEpCVG1KTGVVMTZOUXBOVmxjMldVdGthbWd4YjBsT01VMXVOMUJGTW5CSU5WTmlTbE53VjNoa1FVZG9aRUpyUW10d1FXRTNUM2hoY21wSU5VdFdhME5VVTJFM2IyNWpiR0UzQ25GT2RVcGFVelp0UW0xdmVFWXJVaXRqVWpOcWVVZGtWVUZaYkc5NmJERnFiR1p4VEVsbVF5OHJaemRXTjFadFQwcHVPVGgwYWtJME1tWmhkSGhNYkRZS1YxQkJkekZLUkU1elYzUlJabWhMYUdKalNIVjBOMUp6UmpCeVRVOVBTR04zZVhkVVVqZE1UM2xEYlVsbGJERndZMjF3VmpSb1lsWmpWRFpsVm5kdlVBcElXSGxLVTJFNVkzRmhUVkUxV0hKa2IyZGhhVFJKY1ZwYVNVZE1TR1ZNYzFSV2RYUlBaMHBHV0VWbGRteFlMMUZVTTNOWGIyMUZZM1I2YURNNFNuTTBDamxFYVVGUVJEWmtORmszTDBOUVRGbEZabXN5T1VwUk9VNWFhSEJuUkhOcE9XaDFOVVpJU0ZwaldIZG1NVWxJYkhjdlEwSldaMjQyYWl0cWJYWkxTM29LT1RCTllURnZjWFYyTTFjMlpIUjBhV1F2ZUVOalRFZDFNbE1yT1RaVWVuSjVhMjF2ZVRWV1lXTk1kRlpGVURReFdXMXZWbXh6T1RGeWJHODNiMnh3WlFwUlYwWmlibTFqYnpjek9WUkpMelJvSzBodlpHOXNjR1Z5VVVWU1VXdzNkVU51Y0V0V1VGb3pWMjlyUzNWU2FEVndhM0ZyVVhBdllYSlJhblIzWTFKMENrYzBNME55UkhCaWJDdDFVMnBOUTBGNGFHRTVOVGhsVkZsMmRHOXFWRTF1ZGt4MGMwZEpSREZvUjFodWNXeDNLelZMYWt0eVoxSkljbEZKUkVGUlFVSUtiekJWZDFGNlFVOUNaMDVXU0ZFNFFrRm1PRVZDUVUxRFFXZFJkMFZuV1VSV1VqQlVRVkZJTDBKQlozZENaMFZDTDNkSlFrRkVRV1JDWjA1V1NGRTBSUXBHWjFGVmFGbGFXVmRKUWtoNWF6WmFWbFJ1Y0ROc1VuUXZkSGxDVURBd2QwUlJXVXBMYjFwSmFIWmpUa0ZSUlV4Q1VVRkVaMmRIUWtGQk1VWXZZWEJ5Q213MmNFNVVNMDF3TDAxNGFGVlZaMjgyZFhORlNrTnllVWRSWTB4U1ptVjRlVkZZUjA0emFIVkRiVWx5VURVMVZrWmhPRVZVVUVGMGFuTnlObEJOWlRjS04zWjJSV280WlVaMU1rcDBTMjkyYkZGM1RtVjNXVlU1WTJwQlRVTldZVVpwVG1KeVVXRXlNR2g2YUZkak1tcHpObVI1YVd4a1JUWXZSRkI2WW1Wa2N3cExSRUY0YUVaT2NETTFVMngzZEZKMFMyc3hVM3A0U25oemNWTjNhbVo0U1RobWNDdFNMekIzVHpobk1HWlhWR1JOTW1kRGNGSjNXVTFPZDBwRlRFVm5DaXRrVTJ4MlNrTjNkWFVyY25wNFRHRnNlbUZRUmpGUVRWUlhOekpQUlV4aGJDOXFOWE5FS3pKV2VYUlJOR3NyU0ZWRVlubDBNa1J1VVZRM1dWRXplbThLY1RBeWVESjFNbk50TVZkWEwyOHZkV2c0Y0dwUWVHdEhVWEZNTW0xeWVWcHpObFpJT1ZaRFZUTlJhMHRPUkhOelRtUTNNV3h5TTNkUWIwVTBXVkpJWlFwVmRucEVNV1ZFWldWc2VrSlZSazVKY0VSRGFtUkRjMHcxTlhsSlVIRlZjM0kyYkcxcWNFSlFUREIyWldFek0xRlVUV0pqYzFONGRUQjFiVWRZUkdKVkNqWTJhblZWTkZveGFrOUZNSGREYkVsMllVODJPVGxLSzBVeVowSmxNV3BWVGpaQmREWmlPRUpUYjFweFEzRllXVzlFU0VkbGFUbFNRbFZrZG1keGRHOEthMVp6YjBwbVJFa3ZWRVpOWld0WlozQk1OVlZXV1cxTVpHWm5jVXhRVUZKUU9YQlJRa3hFZUROdGMzcGxRWEZ1ZG1aVVNVTkJlbVpZWnowOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyIsCiJ0bHNfc2VydmVyX25hbWUiOiAiZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vZm9ydGlvOjgwNzkiCn0sCnsKImFsbG93X2FueV9hdXRoZW50aWNhdGVkX3VzZXIiOiB0cnVlLAoiZnJvbSI6ICJ0Y3AraHR0cHM6Ly9yZWRpcy5sb2NhbGhvc3QucG9tZXJpdW0uaW86NjM3OSIsCiJ0byI6ICJ0Y3A6Ly9yZWRpczo2Mzc5Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1za2lwLXZlcmlmeS1lbmFibGVkIiwKInRsc19za2lwX3ZlcmlmeSI6IHRydWUsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2tpcC12ZXJpZnktZGlzYWJsZWQiLAoidGxzX3NraXBfdmVyaWZ5IjogZmFsc2UsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2VydmVyLW5hbWUtZW5hYmxlZCIsCiJ0bHNfc2VydmVyX25hbWUiOiAiaHR0cGRldGFpbHMubG9jYWxob3N0Lm5vdHBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vd3JvbmdseS1uYW1lZC1odHRwZGV0YWlsczo4NDQzIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1zZXJ2ZXItbmFtZS1kaXNhYmxlZCIsCiJ0byI6ICJodHRwczovL3dyb25nbHktbmFtZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWVuYWJsZWQiLAoidGxzX2N1c3RvbV9jYSI6ICJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VVeVJFTkRRVEJEWjBGM1NVSkJaMGxTUVV4a09VZGhTbEk1TW5GcE4zRk1NV1ZJUjAwMlN6QjNSRkZaU2t0dldrbG9kbU5PUVZGRlRFSlJRWGNLWjFsTmVFaHFRV05DWjA1V1FrRnZWRVpYTVhKWk1sWjVaRU5DYTFwWVdteGlSemwzWWxkV2RXUkRRa1JSVkVWelRVTnZSMEV4VlVWRGQzZHFXVEpHY3dwYVYwcEJXVEpHYzFwWFNYUmpSMDEwWWtkc2RXUllaMmRMUlU1b1lrZFdhVWxGVW5abFNFNXNaVk5yZUUxNlFYaENaMDVXUWtGTlRVdHRNWEpaTWxaNUNtUkRRbXBaVjNoc1dXdENhbGxYZUd4WmFURjNXWGt4YzJGWE5URmxRMEZ2VVRKR2MxcFhTV2RTUnprMFl6SldOVXRVUVdWR2R6QjVUVlJCTkUxVVJYa0tUVlJWTWsxVVFtRkdkekI2VFZSQk5FMVVSWGxOVkZVeVRWUkNZVTFKUjBSTlVqUjNTRUZaUkZaUlVVdEZlRlowWVRKT2JHTnVVV2RhUjFZeVdsZDRkZ3BqUnpGc1ltNVJaMUV3UlhoTVJFRnhRbWRPVmtKQmMwMUpNazVvWWtkV2FWRkhUbWhpUjFacFRGaENha3hYZUhCaWJsWTBTVU5vUkZsWGVHeFphVUpGQ21JemFIcGFXR3R3VFZSTmQwMVJXVVJXVVZGRVJFTndkR0V5VG14amJsRm5XVEpHYzFwWFNrRlpNa1p6V2xkSmRHTkhUWFJpUjJ4MVpGaG5aMHRGVG1nS1lrZFdhVWxGVW5abFNFNXNaVk5yZDJkblIybE5RVEJIUTFOeFIxTkpZak5FVVVWQ1FWRlZRVUUwU1VKcWQwRjNaMmRIUzBGdlNVSm5VVVJYV1hCV1pRcENVMjVsWlRKalFVSlpiMlpUYjFkNFIwMTVSbUZOVVRCdVNtdFpNRlZYVFRsamEzbFZhRGRXWm1kT0t5OWhSbE5YTWxwVGJWaDFkalZrY21Od2FUSXdDbm96Wld4b1VGUmxPVGhpUVU1aWFpc3ZZbWt3TURFMVVWZHVUV1Z1U3pBMVdrczJjVVIwUm5kdkwwaFdReTlaWTJGeWRYVTVOaXN4U2pKMGIyVlhkVVVLZEhsclZ6Tk5RM0JETVhCSVdWTTFaemxwVmtScmNHUnllbTUyV0V0c1dYVlRhV3RxY21vM1N6VjBiMmxVZG5WdE9UZE1lRXRyZFdvMlJGaHFZWEJRUkFvMWRuUmxVMDR4WkZGblR6bERVek56Y1d4amQxbEJObEpxVlVoM1dUSldSV2d5WVdSUU16ZENXbkphZDA4cmVVcHhPWEZHTlhrMVIyeG5hVGhzVGpSakNrdHNTV3hHVlhNdmVGTndVWE40VG1KT1VWaDBUamx0YXpScGJWbHNXa2Q2V1ZsaVltMHJabTlDVmxCUVltOWhOV3BXZDB0RWNGbzJOVzFQY3pkS1IxQUtObmxxS3pkV04xVkNUVVp3Vnl0blMyMUtkR2RvTDJ0clFYZ3hPRFZvT1ROeGQweEdVR000TDFRM2Jpc3JVREZpZFN0bVlXdFlVRWRRUlRJeGNrUmxUQXBRYmxWdGRXTkpXbkJLYnpWT2NGbFdVWFkwVjNaVVMzRXZlazFTT1ZOemNIb3lVRVpLYmtWU1ZHWlVkbkVyUmpGeE0xcE9ZV1pGZW1sUWMwSTViMlZUQ201cWVIZHRZVnBQVTFZd2RsaHhMM0ZsYjNGNE5IWTJUVUo2VmtGWk1DODRVakpNWTNCS05IVm5NRTlhTTNjd1lqSjBObmx2T0RaUU5WRTRRMEYzUlVFS1FXRk9SazFGVFhkRVoxbEVWbEl3VUVGUlNDOUNRVkZFUVdkSlJVMUNTVWRCTVZWa1JYZEZRaTkzVVVsTlFWbENRV1k0UTBGUlFYZElVVmxFVmxJd1R3cENRbGxGUmt4aldUaEZiMDV2WmsxamNuSjRlbmw0U1c0elZ6WmFUMDFXV0UxQk1FZERVM0ZIVTBsaU0wUlJSVUpEZDFWQlFUUkpRbWRSUTFwNlJFTjJDa3RKU0ZnelIzWnFUbE5aTlhjMVlrOXVORVV6ZHpkUlNGQXdPVUZDYWxRdmQzVlVORXhFYTFwSVNrMXRiSEpNYnpOek9HSmpjMUV3YzAxRU1Wa3ZMeThLY3pBM1kzQTBlRmxzY1VRM1FrRXdRV053ZGxsV1dYRTFPSGhMZUhOdlEzZFdXRzFITldORlpVOXZXbTFYWmpOeFdUSnRVemhsVnprMmRrOUdjbVJKWWdwTU5FOUdOSGhaVlU5TlVuRkJUMGRCUVhJMlZteFBOMmRZWVRRd05raDZjbk5CTVdoWlduZHlaVmhvVDFSRFdscFFXazlWYmtGMU1EVlRTRVprWjJGTkNsUktUa0l2YnpBeGRIQjNVV3h5VkhoT2JXWnliM0J2VDNwNWRYWklNSHBWTWxKeVRYTXdLMFZpVDNWRE5FRXlZMUU0TTBSSlJuaDJjVFkzYkhsVk1FRUtjekZSTm5SU1RUQXJWVVJ0U2s5TWVqTlRaR2RPSzBRd01HaGpkWFZxT1RKSFZqUmlTRGhDWm5sVmRqaE9RMWt3ZGtScGFqQlVVMnBxTkdNMFVYUmpOd3BKVUV4VVdqSm5OVFExYjJONmFFNW5RVzFVTjJRclFqVkpibmxtYVZOSlMyVnRXSEZsY3pKcWNHbEJabnBRVG13NVFsWjRjMkZyWTNNdldYcHZXWE14Q2l0eFZHcEJWM1ZoUkhOTGIyaEZiazgwUWtwMWVuWXdlSEpqWlRRd1pXNVNaMWg1UjBkR2RsaDFNbk0wUmxreWRrcHhWRk52Tm5selJGZHVhRWt6VEZjS1pHTm5Oazh5UmpSQlVFTkhSMlUzZW5OMWNXbHhhM0JqYTI1Q1lXSm5la1Z6T1dadlNIRXliV1p2TjFocFJYcGxaRTFPT0VKT2NXWlRZa0U5Q2kwdExTMHRSVTVFSUVORlVsUkpSa2xEUVZSRkxTMHRMUzBLIiwKInRsc19zZXJ2ZXJfbmFtZSI6ICJodHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cHM6Ly91bnRydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWRpc2FibGVkIiwKInRvIjogImh0dHBzOi8vdW50cnVzdGVkLWh0dHBkZXRhaWxzOjg0NDMiCn0sCnsKImNvcnNfYWxsb3dfcHJlZmxpZ2h0IjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWVuYWJsZWQiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiY29yc19hbGxvd19wcmVmbGlnaHQiOiBmYWxzZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWRpc2FibGVkIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1lbmFibGVkIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1kaXNhYmxlZCIsCiJwcmVzZXJ2ZV9ob3N0X2hlYWRlciI6IGZhbHNlLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vcmVzdHJpY3RlZC1odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfZG9tYWlucyI6IFsKImRvZ3MudGVzdCIKXSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInByZWZpeCI6ICIvYnktZG9tYWluIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfdXNlcnMiOiBbCiJ1c2VyMUBkb2dzLnRlc3QiCl0sCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhc3NfaWRlbnRpdHlfaGVhZGVycyI6IHRydWUsCiJwcmVmaXgiOiAiL2J5LXVzZXIiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIlgtQ3VzdG9tLVJlcXVlc3QtSGVhZGVyIjogImN1c3RvbS1yZXF1ZXN0LWhlYWRlci12YWx1ZSIKfSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImFsbG93X3dlYnNvY2tldHMiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2VuYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZGlzYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJlbmFibGVfZ29vZ2xlX2Nsb3VkX3NlcnZlcmxlc3NfYXV0aGVudGljYXRpb24iOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2Nsb3VkcnVuLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIngtaWRwIjogImdpdGxhYiIKfSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0KXQ==
+      SHARED_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      SIGNING_KEY: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSVBSR1d3TGg3NW5OWG5razM3ekRmTjhvbkx3ZkNpYUxQVEQrbmM4THg1aGNvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFa3BCa08wVEttaDRKZFFmTE9lZU1kNTNLbmdhMVdkUVhyNUZjZXBrK2RMVktkVkt4WENHcQpoMW9qdWh1VzExR0lvT3pTOUdvU0tsTlZTUkZXVkVXRHZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
+      SIGNING_KEY_ALGORITHM: ES256
+    image: pomerium/pomerium:${POMERIUM_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - pomerium
+        - authenticate.localhost.pomerium.io
+        - forward-authenticate.localhost.pomerium.io
+  pomerium-ready:
+    command:
+    - -wait
+    - https://pomerium:443/healthz
+    - -timeout
+    - 10m
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - pomerium-ready
+  redis:
+    image: redis:6.2.5-alpine
+    networks:
+      main:
+        aliases:
+        - redis
+  redis-ready:
+    command:
+    - -wait
+    - tcp://redis:6379
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - redis-ready
+  traefik:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-'END_OF_TRAEFIK' | tee traefik.yaml
+      {
+        "accessLog": {
+
+        },
+        "api": {
+          "insecure": true
+        },
+        "entryPoints": {
+          "web": {
+            "address": ":80",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          },
+          "websecure": {
+            "address": ":443",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          }
+        },
+        "global": {
+          "checkNewVersion": false,
+          "sendAnonymousUsage": false
+        },
+        "log": {
+          "level": "DEBUG"
+        },
+        "providers": {
+          "file": {
+            "filename": "traefik-dynamic.yaml"
+          }
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee traefik-dynamic.yaml
+      {
+        "http": {
+          "middlewares": {
+            "authz": {
+              "forwardAuth": {
+                "address": "https://forward-authenticate.localhost.pomerium.io",
+                "authResponseHeaders": [
+                  "x-pomerium-jwt-assertion",
+                  "x-pomerium-claim-email",
+                  "authorization"
+                ],
+                "tls": {
+                  "insecureSkipVerify": true
+                },
+                "trustForwardHeader": true
+              }
+            },
+            "set-request-headers-20": {
+              "headers": {
+                "customRequestHeaders": {
+                  "X-Custom-Request-Header": "custom-request-header-value"
+                }
+              }
+            },
+            "set-request-headers-23": {
+              "headers": {
+                "customRequestHeaders": {
+                  "x-idp": "gitlab"
+                }
+              }
+            }
+          },
+          "routers": {
+            "route0": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`mock-idp.localhost.pomerium.io`)",
+              "service": "route0",
+              "tls": {
+
+              }
+            },
+            "route1": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`envoy.localhost.pomerium.io`)",
+              "service": "route1",
+              "tls": {
+
+              }
+            },
+            "route10": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-disabled`)",
+              "service": "route10",
+              "tls": {
+
+              }
+            },
+            "route11": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-enabled`)",
+              "service": "route11",
+              "tls": {
+
+              }
+            },
+            "route12": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-disabled`)",
+              "service": "route12",
+              "tls": {
+
+              }
+            },
+            "route13": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-enabled`)",
+              "service": "route13",
+              "tls": {
+
+              }
+            },
+            "route14": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-disabled`)",
+              "service": "route14",
+              "tls": {
+
+              }
+            },
+            "route15": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-enabled`)",
+              "service": "route15",
+              "tls": {
+
+              }
+            },
+            "route16": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-disabled`)",
+              "service": "route16",
+              "tls": {
+
+              }
+            },
+            "route17": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`restricted-httpdetails.localhost.pomerium.io`)",
+              "service": "route17",
+              "tls": {
+
+              }
+            },
+            "route18": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-domain`)",
+              "service": "route18",
+              "tls": {
+
+              }
+            },
+            "route19": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-user`)",
+              "service": "route19",
+              "tls": {
+
+              }
+            },
+            "route2": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`verify.localhost.pomerium.io`)",
+              "service": "route2",
+              "tls": {
+
+              }
+            },
+            "route20": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-20"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`)",
+              "service": "route20",
+              "tls": {
+
+              }
+            },
+            "route21": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`enabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route21",
+              "tls": {
+
+              }
+            },
+            "route22": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`disabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route22",
+              "tls": {
+
+              }
+            },
+            "route23": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-23"
+              ],
+              "rule": "Host(`cloudrun.localhost.pomerium.io`)",
+              "service": "route23",
+              "tls": {
+
+              }
+            },
+            "route24": {
+              "middlewares": [
+
+              ],
+              "rule": "Host(`authenticate.localhost.pomerium.io`)",
+              "service": "route24",
+              "tls": {
+
+              }
+            },
+            "route3": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`websocket-echo.localhost.pomerium.io`)",
+              "service": "route3",
+              "tls": {
+
+              }
+            },
+            "route4": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ui.localhost.pomerium.io`)",
+              "service": "route4",
+              "tls": {
+
+              }
+            },
+            "route5": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ping.localhost.pomerium.io`)",
+              "service": "route5",
+              "tls": {
+
+              }
+            },
+            "route6": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`redis.localhost.pomerium.io:6379`)",
+              "service": "route6",
+              "tls": {
+
+              }
+            },
+            "route7": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-enabled`)",
+              "service": "route7",
+              "tls": {
+
+              }
+            },
+            "route8": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-disabled`)",
+              "service": "route8",
+              "tls": {
+
+              }
+            },
+            "route9": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-enabled`)",
+              "service": "route9",
+              "tls": {
+
+              }
+            }
+          },
+          "serversTransports": {
+            "insecure": {
+              "insecureSkipVerify": true
+            }
+          },
+          "services": {
+            "route0": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://mock-idp:8024"
+                  }
+                ]
+              }
+            },
+            "route1": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://localhost:9901"
+                  }
+                ]
+              }
+            },
+            "route10": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route11": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route12": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route13": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route14": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route15": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route16": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route17": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route18": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route19": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route2": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://verify:80"
+                  }
+                ]
+              }
+            },
+            "route20": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route21": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route22": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route23": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route24": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "https://pomerium:443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route3": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route4": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8080"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route5": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8079"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route6": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "tcp://redis:6379"
+                  }
+                ]
+              }
+            },
+            "route7": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route8": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route9": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            }
+          }
+        },
+        "tls": {
+          "certificates": [
+            {
+              "certFile": "_wildcard.localhost.pomerium.io.pem",
+              "keyFile": "_wildcard.localhost.pomerium.io-key.pem"
+            }
+          ]
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io-key.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_TRAEFIK
+
+      traefik -configFile=traefik.yaml
+    depends_on:
+      pomerium:
+        condition: service_started
+    image: traefik:latest
+    networks:
+      main:
+        aliases:
+        - traefik
+        - authenticate.localhost.pomerium.io
+        - mock-idp.localhost.pomerium.io
+    ports:
+    - 80:80/tcp
+    - 443:443/tcp
+  trusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails
+  trusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://trusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails-ready
+  untrusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKKYU7PSAFxZbhuLUlbv3iAwDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU2MTFaFw0yMzExMTEyMjU2MTFaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg
+      VDM59lGzCRjdUQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHG
+      oryKGDOkRV1SDb3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2v
+      JX4qTwgrqQtLOJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqP
+      qpc6AEFuklmoBHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPw
+      ve8VoGIlx4uvHTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxG
+      mgByfa2rxbNg15PFwF+ZAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBS3GPBKDaHzHK68c8sSJ91umTjFVzAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAizMhh+VYIMp07wGn7+rzAE/651yiMC6kZHIOMHilvimyYvCf+Yc0MrcD
+      mVQgqlUpkn/f2SOFsBQonjAACkWlSHah9KStL0iTvOIH+oGLnv3Y9wrKvwJol3KR
+      c/+mO9R9TS71DoX+rTGRY3BNldpMBZF7HsYt/bg0RSpF0zkZarW+PEMmPw6IgIaD
+      RPGpOiQOqIxQn4d6MyiNGS0QmDeGSZvsC07ZcZ+JxsYi4S+yN6GXt11pstiRXjDv
+      zrO3s8TnVsBux7VDdIYfzMxqz+874MbsUUlb4txr3V48UDRLm7VDQ2/F+o0+Y5wt
+      XAnXTn/6GFpjJvPGr0A1QLOvnhR0DZ4Fl97athu44pqeQywDU5LPP3HqrWRXLy3j
+      BPBC4waHayL9Hnh4zQUe/h6hwC5Nxl/gqfB3Aaqr5PWX6rMFss8AYpB81ci+UJdm
+      KSIn/pMoK6TWkCveoQRQOZD8wfwPF4cUUmWcLFwSveZSiniFrAXQqZbO1k6RDhQf
+      havcwKlK
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCgVDM59lGzCRjd
+      UQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHGoryKGDOkRV1S
+      Db3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2vJX4qTwgrqQtL
+      OJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqPqpc6AEFuklmo
+      BHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPwve8VoGIlx4uv
+      HTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxGmgByfa2rxbNg
+      15PFwF+ZAgMBAAECggEADTzGefunZTPUFLnSZ/D7jDglwz5KdC/9zYleY+jY5B/8
+      nmjkSfK6I6GLLSh8l2QO8YqQLIqxANglS1gNHdpcYPwfC4WL1S1P0qXboKsI5Sfy
+      jGoD3et4caq6ecdTfAvmLobW8uFRmGE9qHlFQ1cn47OnPVZUpKFCTVslyTLNo70h
+      28gx/lnpgkbeWotJ5GygE/H0jKJlG8/V3+Ppfuq6wypA5ELcGUeMAwmCfUNNlDy3
+      BhXSa6STgL26ar70KZIjTp9B97hIfDWObxgjzMX2JoiWXziszvbfaknfBsmfTm45
+      oUZYO0DuvLdLpxic0GZQwZCT6GzuexxJ9zR/pdahrQKBgQDEiwc0e+M1KaOoIIcw
+      V7pxoGjvd+CC5whS00jSf/rXPSPFxat9Ml5serOzLdRLM/NQ5wB9S7TYc6PJi3Mb
+      8pmbGadIXiGIJY8vX79P/velHT4csgULJAKJF9U65knhaidPPPmXloHOhRWrE8Zq
+      mexVgJZrHLI8197qmi+ctT5rEwKBgQDQ1J84AwI1hEsXHxoSetSznt+ae7pSUb/J
+      byqK9KEp0DLyf8GcS7vxyYGQo0mJDlHaJt56LKv+zdX4wGG85ztbOFVPee6XLKSs
+      I+h7rzc2hKrl+SaI91h1234WsTeJvfUSHyBy9vAwLhd0hplNrt7Tql5Z0VTWHmFE
+      2XbEwcTUIwKBgQDBpioHMDmBW/F/6ezJWOa+pco+h+KRl4i/8qVBog9Im1jvt/9r
+      b4FRaOQ9mt4c6qbGA5Sb30fkLKwoHFniI3ntM616xCRNvJQDnVcmPpVJ/jIAm/YU
+      L/q/kNfrHJOWobzxeaaCESz8imv7D5Tj25zb8cJC7xc+k4Nzq09WG83QOQKBgG28
+      LOZ7/j8tA2BlAYhQb1Dr3UgKWEBFoOgyuEJIhh+4vezb4VtGGL7XSnQ8ubmBgtWF
+      s0a0DrVYaGXMgg+H2pL2qS2YPx3FYcrrG5FS40qMsFkkcXFruFpGOp2mBi8lWJBr
+      NtvykwheUAj1ab1+dKz5S5ca/t99G1PYiiaeQ9XNAoGAVXk4HvdUc5q+BNiYvKUS
+      M2/TDU3cYY72mPCEw7G6Kpn6zMaakQcA1+Z8LkYcLaQKRD/66n99WWT+BcY+QXtC
+      0ZPHjeepDL8q+yXRY8zlcgAukg18Ta5yD1J1014y8UIV+HY8ongTni1sI8N+vKd4
+      +TF2C2Cynf5vQr5man7ShPw=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails
+  untrusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://untrusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails-ready
+  verify:
+    depends_on:
+      verify-init:
+        condition: service_completed_successfully
+    environment:
+      SSL_CERT_FILE: /verify_config/ca.pem
+    image: pomerium/verify:${VERIFY_TAG:-latest}
+    networks:
+      main:
+        aliases:
+        - verify
+    volumes:
+    - verify_config:/verify_config
+  verify-init:
+    command:
+    - sh
+    - -c
+    - |-
+      echo '-----BEGIN CERTIFICATE-----
+      MIIE1zCCAz+gAwIBAgIQZ139cd/paPdkS2JyAu7kEDANBgkqhkiG9w0BAQsFADCB
+      gzEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSwwKgYDVQQLDCNjYWxl
+      YkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTEzMDEGA1UEAwwqbWtjZXJ0
+      IGNhbGViQGNhbGViLXBjLWxpbnV4IChDYWxlYiBEb3hzZXkpMB4XDTIxMDgxMDE3
+      MzIwOVoXDTMxMDgxMDE3MzIwOVowgYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9w
+      bWVudCBDQTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXggKENhbGViIERv
+      eHNleSkxMzAxBgNVBAMMKm1rY2VydCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2Fs
+      ZWIgRG94c2V5KTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANbKyMz5
+      MVW6YKdjh1oIN1Mn7PE2pH5SbJSpWxdAGhdBkBkpAa7OxarjH5KVkCTSa7oncla7
+      qNuJZS6mBmoxF+R+cR3jyGdUAYlozl1jlfqLIfC/+g7V7VmOJn98tjB42fatxLl6
+      WPAw1JDNsWtQfhKhbcHut7RsF0rMOOHcwywTR7LOyCmIel1pcmpV4hbVcT6eVwoP
+      HXyJSa9cqaMQ5Xrdogai4IqZZIGLHeLsTVutOgJFXEevlX/QT3sWomEctzh38Js4
+      9DiAPD6d4Y7/CPLYEfk29JQ9NZhpgDsi9hu5FHHZcXwf1IHlw/CBVgn6j+jmvKKz
+      90Ma1oquv3W6dttid/xCcLGu2S+96Tzrykmoy5VacLtVEP41YmoVls91rlo7olpe
+      QWFbnmco739TI/4h+HodolperQERQl7uCnpKVPZ3WokKuRh5pkqkQp/arQjtwcRt
+      G43CrDpbl+uSjMCAxha958eTYvtojTMnvLtsGID1hGXnqlw+5KjKrgRHrQIDAQAB
+      o0UwQzAOBgNVHQ8BAf8EBAMCAgQwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4E
+      FgQUhYZYWIBHyk6ZVTnp3lRt/tyBP00wDQYJKoZIhvcNAQELBQADggGBAA1F/apr
+      l6pNT3Mp/MxhUUgo6usEJCryGQcLRfexyQXGN3huCmIrP55VFa8ETPAtjsr6PMe7
+      7vvEj8eFu2JtKovlQwNewYU9cjAMCVaFiNbrQa20hzhWc2js6dyildE6/DPzbeds
+      KDAxhFNp35SlwtRtKk1SzxJxsqSwjfxI8fp+R/0wO8g0fWTdM2gCpRwYMNwJELEg
+      +dSlvJCwuu+rzxLalzaPF1PMTW72OELal/j5sD+2VytQ4k+HUDbyt2DnQT7YQ3zo
+      q02x2u2sm1WW/o/uh8pjPxkGQqL2mryZs6VH9VCU3QkKNDssNd71lr3wPoE4YRHe
+      UvzD1eDeelzBUFNIpDCjdCsL55yIPqUsr6lmjpBPL0vea33QTMbcsSxu0umGXDbU
+      66juU4Z1jOE0wClIvaO699J+E2gBe1jUN6At6b8BSoZqCqXYoDHGei9RBUdvgqto
+      kVsoJfDI/TFMekYgpL5UVYmLdfgqLPPRP9pQBLDx3mszeAqnvfTICAzfXg==
+      -----END CERTIFICATE-----
+      ' > /verify_config/ca.pem
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - verify-init
+    volumes:
+    - verify_config:/verify_config
+  verify-ready:
+    command:
+    - -wait
+    - http://verify:80/
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - verify-ready
+  websocket-echo:
+    command:
+    - --port
+    - "80"
+    - tee
+    image: pvtmert/websocketd:latest
+    networks:
+      main:
+        aliases:
+        - websocket-echo
+  websocket-echo-ready:
+    command:
+    - -wait
+    - tcp://websocket-echo:80
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - websocket-echo-ready
+  wrongly-named-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEWDCCAsCgAwIBAgIRAK1MkqoHP+DPILewhMcnnu4wDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU0MzRaFw0yMzExMTEyMjU0MzRaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV
+      DWPhOpNWAYNTQZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM
+      3cvyRs40dygZeogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV
+      6ttf6y0+4Nq1hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3E
+      lxIYQsCr85FyW8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC
+      8X2vHBBIbnZipb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3
+      OIkJji4rpJqxG1Z7MvPzAgMBAAGjcjBwMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAo
+      BgNVHREEITAfgh1pbnZhbGlkLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG
+      9w0BAQsFAAOCAYEABsSByXWA7e8hpKWZK4APWzkvDwiTGrDDE7k0hueJksTZ5Nqw
+      fRdGoUpweWIYzAv1etPAr+B2gsZM/jVRidaGDI1tKPytZ3pP6mQ52CVXkeJQytPr
+      rNDnP3Lbpbs8PHoHw3PVxIyRps1ZbZkgbUsXrSvpp/l+ZObbGQjr3Fdx5oXI6a1V
+      NNC39LkPhjTKtcG+H8dO5GRuDb/9PrzrnDwnl6CoORbEjTKRIFuA+vkFBRjyuccr
+      GQiMNmMxy5CMOsK+Od4+8qhv2ZgnREHyBnjFFhgVLFJ2PwUxk3N4GIzCC8tsD+vb
+      +YJgCS7n6JmcB9SFeyRy+qpolnfEaMvRwnJl6Evj17VCBy7x0gEO6B4lILPpziN8
+      VVhSuRsC0V8aXJJx89mwrg9pzN9w771rFVOCrAEdZei34/yfo8VyBbIR1gUxkRNJ
+      crTI9pT0PK+9OWQ57HtnGmFsPtWT8r7P8xukAPy50wSLF3InjEo8VR2df+V7DVVU
+      aTjNbuaG1NLNyWLH
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVDWPhOpNWAYNT
+      QZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM3cvyRs40dygZ
+      eogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV6ttf6y0+4Nq1
+      hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3ElxIYQsCr85Fy
+      W8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC8X2vHBBIbnZi
+      pb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3OIkJji4rpJqx
+      G1Z7MvPzAgMBAAECggEBAM3XhRO7+1QSXCaZdCZ6WuWXzojxrkf8++gpzXPCZ75L
+      vvMyP8xmXc38Za5VyL+MAr7joENxY5NPON/9AgyUBFdbat3RW323vAt0Ssy8Dfti
+      ScpuGWTT2CcWS/iJPwJp9bzPj6qJ1wo0Rzsv23FpcjgfcuB+4pHpDwJZ8IxcclTN
+      jv5XdmanN0Ai2ONDkIHQyvMTsYAX99OK7nXIs3OW7s4wsm8Wg+loCqTvojTzWuwE
+      TZNFonHAZ81jkrYfNjz+sM/tPuOYD+vWQ89+1IeQKFw1U0iBpF1VvhA7UeQZMeI8
+      S1NpDQTQW0kxmUAlLj7ldnIvknT/x0lKzoafVpk47/kCgYEA+SxnMLHe3Wxb4Kkf
+      7Gwktbth/wlWzUWzQ7c0TdhfEDjcRB7SeGIjrL4/HPyXEsCcGIj84TEob1EA0KVP
+      l6Jeqh5t/sr9da+uLFf6H41yZUaTccoyclnjHsqT+WLTtiTKqf7cXACg5NKbJwUT
+      ldCEu+4Ovur+8Ax6s/mGWNEzar0CgYEA2uOmD+SCIhj16P+3GnpZ0UzyDhUKedTy
+      LisZznroF6RI3BHzNT+YotHORDMiJtmX0slFcInAWaB3htLPbHmvredjlsH35eHW
+      B6wkWmbniJEovPysWdg7xjrj8DoL2dcm6liM1KpSo9k6XWJu36//xF4RTnL8JPEH
+      RPuBWmBXHG8CgYBjJy886lr0I61//eztKK+G/bTmRvIapzTJqnqOy54wl1/XX6iD
+      LRJjKCV3RHBdjvXOsZxnhCdB/KrlXBMLFRq0eX1t2Zr4nNsjXDL1IVU3Rdlge4SN
+      ioVdeGFf6Nq0bXmUIg3QMpPT2pbQ9S0w/ZQEMJv/jwW5wk2FlrLGXyElxQKBgQC3
+      skUzITp1Ey2NFM290uB93m1llBLum9+DD3jg6BTPgngC+K17Cpw2SI0qfx8yK3pW
+      08MK5xAeJ6Un6NNa3eSptX7GjpJUwmq0lasMkz/MRMZDlGmwHOBNRC729D/t2bo3
+      AYlvEGG6UBvDM1CJOVMUoT008Rrahczr/4ZXKnLw0QKBgExc+SXb5IRJIMHEQLkg
+      E7va23sR7x4j75mK6HnSwAM3jKx4GDgpkY1EO+rh+99mq/bIouL8ob/PG7A5RtKp
+      +Sgpqk5N6NpSFMaubsu1EQhqT5pmy0dN5KXecR4s1IylPvth/h3tdXPKGcLMD2M2
+      EN59YIA1o4qWjJsfEiuQ6x7M
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails
+  wrongly-named-httpdetails-ready:
+    command:
+    - -wait
+    - http://wrongly-named-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails-ready
+volumes:
+  fortio_config: {}
+  verify_config: {}
diff --git a/integration/clusters/google-traefik/compose.yml b/integration/clusters/google-traefik/compose.yml
new file mode 100644
index 000000000..f134d5ebe
--- /dev/null
+++ b/integration/clusters/google-traefik/compose.yml
@@ -0,0 +1,1236 @@
+networks:
+  main: {}
+services:
+  fortio:
+    command:
+    - server
+    - -cert
+    - /fortio_config/trusted.pem
+    - -key
+    - /fortio_config/trusted-key.pem
+    depends_on:
+      fortio-init:
+        condition: service_completed_successfully
+    image: fortio/fortio:1.17.0
+    networks:
+      main:
+        aliases:
+        - fortio
+    ports:
+    - 8079:8079/tcp
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-init:
+    command:
+    - sh
+    - -c
+    - |
+      echo "$$CERT" >/fortio_config/trusted.pem
+      echo "$$KEY" >/fortio_config/trusted-key.pem
+    environment:
+      CERT: |
+        -----BEGIN CERTIFICATE-----
+        MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+        gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+        ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+        dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+        NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+        bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+        KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+        HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+        yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+        Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+        jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+        bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+        9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+        DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+        BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+        AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+        c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+        AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+        OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+        qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+        6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+        kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+        B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+        xjUE8XUu
+        -----END CERTIFICATE-----
+      KEY: |
+        -----BEGIN PRIVATE KEY-----
+        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+        ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+        EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+        Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+        CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+        mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+        DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+        DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+        8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+        Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+        CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+        bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+        SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+        2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+        axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+        uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+        BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+        uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+        2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+        CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+        fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+        cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+        Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+        KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+        YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+        gmLh4w/CcPyb9ZyXceWU/nU=
+        -----END PRIVATE KEY-----
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - fortio-init
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-ready:
+    command:
+    - -wait
+    - http://fortio:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - fortio-ready
+  mock-idp:
+    command:
+    - --provider
+    - google
+    - --port
+    - "8024"
+    - --root-url
+    - https://mock-idp.localhost.pomerium.io/
+    image: pomerium/mock-idps:${MOCK_IDPS_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - mock-idp
+    ports:
+    - 8024:8024/tcp
+  mock-idp-ready:
+    command:
+    - -wait
+    - http://mock-idp:8024/.well-known/openid-configuration
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - mock-idp-ready
+  pomerium:
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    environment:
+      AUTHENTICATE_SERVICE_URL: https://authenticate.localhost.pomerium.io
+      CERTIFICATE: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVVakNDQXJxZ0F3SUJBZ0lSQUtOYUVxQ21tWmZobWNZZ1p5MDFXQ3N3RFFZSktvWklodmNOQVFFTEJRQXcKZ1lNeEhqQWNCZ05WQkFvVEZXMXJZMlZ5ZENCa1pYWmxiRzl3YldWdWRDQkRRVEVzTUNvR0ExVUVDd3dqWTJGcwpaV0pBWTJGc1pXSXRjR010YkdsdWRYZ2dLRU5oYkdWaUlFUnZlSE5sZVNreE16QXhCZ05WQkFNTUttMXJZMlZ5CmRDQmpZV3hsWWtCallXeGxZaTF3WXkxc2FXNTFlQ0FvUTJGc1pXSWdSRzk0YzJWNUtUQWVGdzB5TVRBNE1UQXgKTnpNeU1UQmFGdzB5TXpFeE1UQXhPRE15TVRCYU1GY3hKekFsQmdOVkJBb1RIbTFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCalpYSjBhV1pwWTJGMFpURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnCktFTmhiR1ZpSUVSdmVITmxlU2t3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzgKSExCQUl6WGtQZWVnbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRAp5VmhEVDBRbEkvTy9FS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2Cld5bCtGb1BEVi92c1ozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXQKak9ic2FRZ0o1TEx4Q1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcQpiWlVERytaaW9BclBtcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkCjlyNnJPQnhweHduVER2SGtCbjZ2QWdNQkFBR2piREJxTUE0R0ExVWREd0VCL3dRRUF3SUZvREFUQmdOVkhTVUUKRERBS0JnZ3JCZ0VGQlFjREFUQWZCZ05WSFNNRUdEQVdnQlNGaGxoWWdFZktUcGxWT2VuZVZHMyszSUUvVFRBaQpCZ05WSFJFRUd6QVpnaGNxTG14dlkyRnNhRzl6ZEM1d2IyMWxjbWwxYlM1cGJ6QU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBWUVBdWZRQUY3OXM3YzFnbVo5Q0lLQlNHa0hoK1NIMDFDdUtZbm5IaU1vd0hzVGlvRmFVQVFzZC9QNFgKYzJYQnFjMzRlVDNtQ3ZwZ1pqSGJqejZKbG5UWUp4dUx2VnFuVkIzZW10V3JiMWNRdmg4QnBoeHNwVGxTOHVpRQpBRWYvbmd0cHpmQS9mNGxwR2t6clEwY3lQa0VKR3o1MTFxOTdpdHpuOVJaWnpWVFp4TlZGU1AydlZoTk5RVnNXCk94YWtjdllSZ256OEFPUVMzT1BIajJGUWMzaWlic2hjdDVsZUl3WVpGY3hJTkdIUjZLTDYrL0xTZVBOQ0VNbUsKcXltVlBrUUdzSWNVNkdROWZ4YVN1NG1wK0lVQUxQcm9pekVWSThTVms1bk9tM0hJZXorWmZYaHpmbkd4MDZTSQo2TnVvUVFQcVVCZVplWG4yWUZZaGlwZVJkclF4dkEzNi9ZWGEvQWtYQ2VVMHBYeGJ0WEtjdmF0ZnJpNUtuWUpECmtINTlhK2FGa1RzbDQxdGZJMmNuUllWZGRxWFZsM096TGJjZ0FGTG4xV2VDMXh4M3hSWGk3S2xkb2tPbHZndisKQjZuYVdmQ3hSbFdaL2xzbUhhZTRrYzFXSDRLYzduSytJVGI0MEVralY2OC9BN2tyWnNOMVZjcU50cG9tWWtnRQp4alVFOFhVdQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+      CERTIFICATE_AUTHORITY: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUxekNDQXorZ0F3SUJBZ0lRWjEzOWNkL3BhUGRrUzJKeUF1N2tFREFOQmdrcWhraUc5dzBCQVFzRkFEQ0IKZ3pFZU1Cd0dBMVVFQ2hNVmJXdGpaWEowSUdSbGRtVnNiM0J0Wlc1MElFTkJNU3d3S2dZRFZRUUxEQ05qWVd4bApZa0JqWVd4bFlpMXdZeTFzYVc1MWVDQW9RMkZzWldJZ1JHOTRjMlY1S1RFek1ERUdBMVVFQXd3cWJXdGpaWEowCklHTmhiR1ZpUUdOaGJHVmlMWEJqTFd4cGJuVjRJQ2hEWVd4bFlpQkViM2h6WlhrcE1CNFhEVEl4TURneE1ERTMKTXpJd09Wb1hEVE14TURneE1ERTNNekl3T1Zvd2dZTXhIakFjQmdOVkJBb1RGVzFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCRFFURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnS0VOaGJHVmlJRVJ2CmVITmxlU2t4TXpBeEJnTlZCQU1NS20xclkyVnlkQ0JqWVd4bFlrQmpZV3hsWWkxd1l5MXNhVzUxZUNBb1EyRnMKWldJZ1JHOTRjMlY1S1RDQ0FhSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnR1BBRENDQVlvQ2dnR0JBTmJLeU16NQpNVlc2WUtkamgxb0lOMU1uN1BFMnBINVNiSlNwV3hkQUdoZEJrQmtwQWE3T3hhcmpINUtWa0NUU2E3b25jbGE3CnFOdUpaUzZtQm1veEYrUitjUjNqeUdkVUFZbG96bDFqbGZxTElmQy8rZzdWN1ZtT0puOTh0akI0MmZhdHhMbDYKV1BBdzFKRE5zV3RRZmhLaGJjSHV0N1JzRjByTU9PSGN3eXdUUjdMT3lDbUllbDFwY21wVjRoYlZjVDZlVndvUApIWHlKU2E5Y3FhTVE1WHJkb2dhaTRJcVpaSUdMSGVMc1RWdXRPZ0pGWEVldmxYL1FUM3NXb21FY3R6aDM4SnM0CjlEaUFQRDZkNFk3L0NQTFlFZmsyOUpROU5aaHBnRHNpOWh1NUZISFpjWHdmMUlIbHcvQ0JWZ242aitqbXZLS3oKOTBNYTFvcXV2M1c2ZHR0aWQveENjTEd1MlMrOTZUenJ5a21veTVWYWNMdFZFUDQxWW1vVmxzOTFybG83b2xwZQpRV0Zibm1jbzczOVRJLzRoK0hvZG9scGVyUUVSUWw3dUNucEtWUFozV29rS3VSaDVwa3FrUXAvYXJRanR3Y1J0Ckc0M0NyRHBibCt1U2pNQ0F4aGE5NThlVFl2dG9qVE1udkx0c0dJRDFoR1hucWx3KzVLaktyZ1JIclFJREFRQUIKbzBVd1F6QU9CZ05WSFE4QkFmOEVCQU1DQWdRd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFEQWRCZ05WSFE0RQpGZ1FVaFlaWVdJQkh5azZaVlRucDNsUnQvdHlCUDAwd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dHQkFBMUYvYXByCmw2cE5UM01wL014aFVVZ282dXNFSkNyeUdRY0xSZmV4eVFYR04zaHVDbUlyUDU1VkZhOEVUUEF0anNyNlBNZTcKN3Z2RWo4ZUZ1Mkp0S292bFF3TmV3WVU5Y2pBTUNWYUZpTmJyUWEyMGh6aFdjMmpzNmR5aWxkRTYvRFB6YmVkcwpLREF4aEZOcDM1U2x3dFJ0S2sxU3p4SnhzcVN3amZ4SThmcCtSLzB3TzhnMGZXVGRNMmdDcFJ3WU1Od0pFTEVnCitkU2x2SkN3dXUrcnp4TGFsemFQRjFQTVRXNzJPRUxhbC9qNXNEKzJWeXRRNGsrSFVEYnl0MkRuUVQ3WVEzem8KcTAyeDJ1MnNtMVdXL28vdWg4cGpQeGtHUXFMMm1yeVpzNlZIOVZDVTNRa0tORHNzTmQ3MWxyM3dQb0U0WVJIZQpVdnpEMWVEZWVsekJVRk5JcERDamRDc0w1NXlJUHFVc3I2bG1qcEJQTDB2ZWEzM1FUTWJjc1N4dTB1bUdYRGJVCjY2anVVNFoxak9FMHdDbEl2YU82OTlKK0UyZ0JlMWpVTjZBdDZiOEJTb1pxQ3FYWW9ESEdlaTlSQlVkdmdxdG8Ka1Zzb0pmREkvVEZNZWtZZ3BMNVVWWW1MZGZncUxQUFJQOXBRQkxEeDNtc3plQXFudmZUSUNBemZYZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+      CERTIFICATE_KEY: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQzhITEJBSXpYa1BlZWcKbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PLwpFS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2V3lsK0ZvUERWL3ZzClozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXRqT2JzYVFnSjVMTHgKQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUAptcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkOXI2ck9CeHB4d25UCkR2SGtCbjZ2QWdNQkFBRUNnZ0VBQjI4aTBBWVVOU2IxSm5XRmJLenJ1VWN0dTN0Q05Yb3ZKZzZLM0JpUFZNa3EKRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBVwo4ZUplcVJMWkVmc1NTSk9YVEc3UmRHc240cUhGSjAwczJaVGxjSUhTUHduRm0rWGpKaTk5VThHNFhzVW9YbzByCkd5KzBWQ3VVN004Z0lDRUhIc3JRTzlYREQzblQyaml1NVRqckt3anV0M0Vtb0pzc0k1YnF4MzMrT0J1NUJwQ1AKQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVApiTGtMRnlXQk5UV1VaMlIvMnd4bXVvQzZtTFp3ODc5TUxDS012azFkb1FLQmdRRGhtd0dhZkpOeW1UaUVRWlJJClNzUXg0c2VxZk9LZmdGQzdvaHFIOWNST091OElKMW83cTJwTTJXNFhpVitTM3dUZFBHbWNhNklPalgyM2lzVkIKMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzNwpheHpsYU1yeEV1M0xJOVVFN050cmRRaUJ5UUtCZ1FEVmRJNmNlSVZCVDZSZ3ZWR3Q4emtMalBJRmpoUUVIQUlwCnVoaXJncXBTNkNYOUJseWYyK280MHptZmozaGU1ckNjRW9CNU1zZU0rRGdGYmNWaDJlL01WbllpTk53NkpDREIKQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleQp1QkhWQnYvNHR3S0JnSHdIdWVQeTVTVTFzMnFTbXpEN1djMkxQZll1M25DT0hOUnJGR2IyNk11UmZ1UmVyaTdyCjJHOFRnb0VTRnljcDBRVElOOCsxSk0wWFlLeE5jSkQ2QjhWMXdLYmJwUXN5bW5lSTFnanV0aUIvSWd3L1BrREsKQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWgpmTjJZZVlieVljYU0xMXAxVmlsdWxWVFZqWTNpL0ZaaURSNFNML0lHSldqTi9Temc0aVhZc0tGbXUrZHVsT1psCmNCQUxwRUtycXBtelhZdHJONmJzdjE4KzVlTzNxR2JLMkRyRXEzZVdWZXYyS29UTW9ieHo3ZysrWEJJV0ptTEEKSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkUwpLcmx0d21vZEhpcVhOYlZrd2JXMUFGUEpiaVlhaTRZRmZLNElBYmlmL1lteGY5Rzc4YU9rcjlacENJek9rRFBaCllwRXdRR1dzQWhFbENGdmM4RS81ZEhFU1NwK3RXdFArTmx1aW1wRnFpRGczL1NVbk13TzJ4SDBuaExhMHplamgKZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K
+      COOKIE_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      DATABROKER_STORAGE_CONNECTION_STRING: redis://redis:6379
+      DATABROKER_STORAGE_TYPE: redis
+      ENVOY_ADMIN_ADDRESS: 0.0.0.0:9901
+      FORWARD_AUTH_URL: https://forward-authenticate.localhost.pomerium.io
+      GOOGLE_CLOUD_SERVERLESS_AUTHENTICATION_SERVICE_ACCOUNT: ewoiYXV0aF9wcm92aWRlcl94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImF1dGhfdXJpIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImNsaWVudF9lbWFpbCI6ICJyZWRhY3RlZEBwb21lcml1bS1yZWRhY3RlZC5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsCiJjbGllbnRfaWQiOiAiMTAxMjE1OTkwNDU4MDAwMzM0Mzg3IiwKImNsaWVudF94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKInByaXZhdGVfa2V5IjogIi0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLVxuTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDOEhMQkFJelhrUGVlZ1xubGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PL1xuRUtnQ09GRnhVRHFvUjgyaVkwNlNhY0FqSG5pNitQTzl0VlJiRlYwdzE0QkRBSlNwQitWdld5bCtGb1BEVi92c1xuWjMxRnRZdytFd3FrYkR4L2thVDl1emYrTEpkbGtmMTRuUVFqOEVreS84ZDNtV0piYi85dGpPYnNhUWdKNUxMeFxuQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUFxubXFta2F3VVd3M2VraGo4MFNKZy9USzlQUmFOL1Z2Y0kxUGdBZDdMWnp0VVJlU21UeTVoZDlyNnJPQnhweHduVFxuRHZIa0JuNnZBZ01CQUFFQ2dnRUFCMjhpMEFZVU5TYjFKbldGYkt6cnVVY3R1M3RDTlhvdkpnNkszQmlQVk1rcVxuRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBV1xuOGVKZXFSTFpFZnNTU0pPWFRHN1JkR3NuNHFIRkowMHMyWlRsY0lIU1B3bkZtK1hqSmk5OVU4RzRYc1VvWG8wclxuR3krMFZDdVU3TThnSUNFSEhzclFPOVhERDNuVDJqaXU1VGpyS3dqdXQzRW1vSnNzSTVicXgzMytPQnU1QnBDUFxuQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVFxuYkxrTEZ5V0JOVFdVWjJSLzJ3eG11b0M2bUxadzg3OU1MQ0tNdmsxZG9RS0JnUURobXdHYWZKTnltVGlFUVpSSVxuU3NReDRzZXFmT0tmZ0ZDN29ocUg5Y1JPT3U4SUoxbzdxMnBNMlc0WGlWK1Mzd1RkUEdtY2E2SU9qWDIzaXNWQlxuMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzN1xuYXh6bGFNcnhFdTNMSTlVRTdOdHJkUWlCeVFLQmdRRFZkSTZjZUlWQlQ2Umd2Vkd0OHprTGpQSUZqaFFFSEFJcFxudWhpcmdxcFM2Q1g5Qmx5ZjIrbzQwem1majNoZTVyQ2NFb0I1TXNlTStEZ0ZiY1ZoMmUvTVZuWWlOTnc2SkNEQlxuQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleVxudUJIVkJ2LzR0d0tCZ0h3SHVlUHk1U1UxczJxU216RDdXYzJMUGZZdTNuQ09ITlJyRkdiMjZNdVJmdVJlcmk3clxuMkc4VGdvRVNGeWNwMFFUSU44KzFKTTBYWUt4TmNKRDZCOFYxd0tiYnBRc3ltbmVJMWdqdXRpQi9JZ3cvUGtES1xuQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWlxuZk4yWWVZYnlZY2FNMTFwMVZpbHVsVlRWalkzaS9GWmlEUjRTTC9JR0pXak4vU3pnNGlYWXNLRm11K2R1bE9abFxuY0JBTHBFS3JxcG16WFl0ck42YnN2MTgrNWVPM3FHYksyRHJFcTNlV1ZldjJLb1RNb2J4ejdnKytYQklXSm1MQVxuSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkU1xuS3JsdHdtb2RIaXFYTmJWa3diVzFBRlBKYmlZYWk0WUZmSzRJQWJpZi9ZbXhmOUc3OGFPa3I5WnBDSXpPa0RQWlxuWXBFd1FHV3NBaEVsQ0Z2YzhFLzVkSEVTU3ArdFd0UCtObHVpbXBGcWlEZzMvU1VuTXdPMnhIMG5oTGEwemVqaFxuZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9XG4tLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tXG4iLAoicHJpdmF0ZV9rZXlfaWQiOiAiZTA3ZjdjOTM4NzBjN2UwM2Y4ODM1NjBlY2Q4ZmQwZjRkMjdiMDA4MSIsCiJwcm9qZWN0X2lkIjogInBvbWVyaXVtLXJlZGFjdGVkIiwKInRva2VuX3VyaSI6ICJodHRwOi8vbW9jay1pZHA6ODAyNC90b2tlbiIsCiJ0eXBlIjogInNlcnZpY2VfYWNjb3VudCIKfQ==
+      IDP_CLIENT_ID: CLIENT_ID
+      IDP_CLIENT_SECRET: CLIENT_SECRET
+      IDP_PROVIDER: google
+      IDP_PROVIDER_URL: https://mock-idp.localhost.pomerium.io/
+      JWT_CLAIMS_HEADERS: email,groups,user
+      LOG_LEVEL: info
+      POLICY: Wwp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vbW9jay1pZHAubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZW52b3kubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly9sb2NhbGhvc3Q6OTkwMSIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vdmVyaWZ5LmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoidG8iOiAiaHR0cDovL3ZlcmlmeTo4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiYWxsb3dfd2Vic29ja2V0cyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vd2Vic29ja2V0LWVjaG8ubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly93ZWJzb2NrZXQtZWNobzo4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXVpLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJ0byI6ICJodHRwczovL2ZvcnRpbzo4MDgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRsc19jdXN0b21fY2EiOiAiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVVXhla05EUVhvclowRjNTVUpCWjBsUldqRXpPV05rTDNCaFVHUnJVekpLZVVGMU4ydEZSRUZPUW1kcmNXaHJhVWM1ZHpCQ1FWRnpSa0ZFUTBJS1ozcEZaVTFDZDBkQk1WVkZRMmhOVm1KWGRHcGFXRW93U1VkU2JHUnRWbk5pTTBKMFdsYzFNRWxGVGtKTlUzZDNTMmRaUkZaUlVVeEVRMDVxV1ZkNGJBcFphMEpxV1ZkNGJGbHBNWGRaZVRGellWYzFNV1ZEUVc5Uk1rWnpXbGRKWjFKSE9UUmpNbFkxUzFSRmVrMUVSVWRCTVZWRlFYZDNjV0pYZEdwYVdFb3dDa2xIVG1oaVIxWnBVVWRPYUdKSFZtbE1XRUpxVEZkNGNHSnVWalJKUTJoRVdWZDRiRmxwUWtWaU0yaDZXbGhyY0UxQ05GaEVWRWw0VFVSbmVFMUVSVE1LVFhwSmQwOVdiMWhFVkUxNFRVUm5lRTFFUlROTmVrbDNUMVp2ZDJkWlRYaElha0ZqUW1kT1ZrSkJiMVJHVnpGeVdUSldlV1JEUW10YVdGcHNZa2M1ZHdwaVYxWjFaRU5DUkZGVVJYTk5RMjlIUVRGVlJVTjNkMnBaTWtaeldsZEtRVmt5Um5OYVYwbDBZMGROZEdKSGJIVmtXR2RuUzBWT2FHSkhWbWxKUlZKMkNtVklUbXhsVTJ0NFRYcEJlRUpuVGxaQ1FVMU5TMjB4Y2xreVZubGtRMEpxV1ZkNGJGbHJRbXBaVjNoc1dXa3hkMWw1TVhOaFZ6VXhaVU5CYjFFeVJuTUtXbGRKWjFKSE9UUmpNbFkxUzFSRFEwRmhTWGRFVVZsS1MyOWFTV2gyWTA1QlVVVkNRbEZCUkdkblIxQkJSRU5EUVZsdlEyZG5SMEpCVG1KTGVVMTZOUXBOVmxjMldVdGthbWd4YjBsT01VMXVOMUJGTW5CSU5WTmlTbE53VjNoa1FVZG9aRUpyUW10d1FXRTNUM2hoY21wSU5VdFdhME5VVTJFM2IyNWpiR0UzQ25GT2RVcGFVelp0UW0xdmVFWXJVaXRqVWpOcWVVZGtWVUZaYkc5NmJERnFiR1p4VEVsbVF5OHJaemRXTjFadFQwcHVPVGgwYWtJME1tWmhkSGhNYkRZS1YxQkJkekZLUkU1elYzUlJabWhMYUdKalNIVjBOMUp6UmpCeVRVOVBTR04zZVhkVVVqZE1UM2xEYlVsbGJERndZMjF3VmpSb1lsWmpWRFpsVm5kdlVBcElXSGxLVTJFNVkzRmhUVkUxV0hKa2IyZGhhVFJKY1ZwYVNVZE1TR1ZNYzFSV2RYUlBaMHBHV0VWbGRteFlMMUZVTTNOWGIyMUZZM1I2YURNNFNuTTBDamxFYVVGUVJEWmtORmszTDBOUVRGbEZabXN5T1VwUk9VNWFhSEJuUkhOcE9XaDFOVVpJU0ZwaldIZG1NVWxJYkhjdlEwSldaMjQyYWl0cWJYWkxTM29LT1RCTllURnZjWFYyTTFjMlpIUjBhV1F2ZUVOalRFZDFNbE1yT1RaVWVuSjVhMjF2ZVRWV1lXTk1kRlpGVURReFdXMXZWbXh6T1RGeWJHODNiMnh3WlFwUlYwWmlibTFqYnpjek9WUkpMelJvSzBodlpHOXNjR1Z5VVVWU1VXdzNkVU51Y0V0V1VGb3pWMjlyUzNWU2FEVndhM0ZyVVhBdllYSlJhblIzWTFKMENrYzBNME55UkhCaWJDdDFVMnBOUTBGNGFHRTVOVGhsVkZsMmRHOXFWRTF1ZGt4MGMwZEpSREZvUjFodWNXeDNLelZMYWt0eVoxSkljbEZKUkVGUlFVSUtiekJWZDFGNlFVOUNaMDVXU0ZFNFFrRm1PRVZDUVUxRFFXZFJkMFZuV1VSV1VqQlVRVkZJTDBKQlozZENaMFZDTDNkSlFrRkVRV1JDWjA1V1NGRTBSUXBHWjFGVmFGbGFXVmRKUWtoNWF6WmFWbFJ1Y0ROc1VuUXZkSGxDVURBd2QwUlJXVXBMYjFwSmFIWmpUa0ZSUlV4Q1VVRkVaMmRIUWtGQk1VWXZZWEJ5Q213MmNFNVVNMDF3TDAxNGFGVlZaMjgyZFhORlNrTnllVWRSWTB4U1ptVjRlVkZZUjA0emFIVkRiVWx5VURVMVZrWmhPRVZVVUVGMGFuTnlObEJOWlRjS04zWjJSV280WlVaMU1rcDBTMjkyYkZGM1RtVjNXVlU1WTJwQlRVTldZVVpwVG1KeVVXRXlNR2g2YUZkak1tcHpObVI1YVd4a1JUWXZSRkI2WW1Wa2N3cExSRUY0YUVaT2NETTFVMngzZEZKMFMyc3hVM3A0U25oemNWTjNhbVo0U1RobWNDdFNMekIzVHpobk1HWlhWR1JOTW1kRGNGSjNXVTFPZDBwRlRFVm5DaXRrVTJ4MlNrTjNkWFVyY25wNFRHRnNlbUZRUmpGUVRWUlhOekpQUlV4aGJDOXFOWE5FS3pKV2VYUlJOR3NyU0ZWRVlubDBNa1J1VVZRM1dWRXplbThLY1RBeWVESjFNbk50TVZkWEwyOHZkV2c0Y0dwUWVHdEhVWEZNTW0xeWVWcHpObFpJT1ZaRFZUTlJhMHRPUkhOelRtUTNNV3h5TTNkUWIwVTBXVkpJWlFwVmRucEVNV1ZFWldWc2VrSlZSazVKY0VSRGFtUkRjMHcxTlhsSlVIRlZjM0kyYkcxcWNFSlFUREIyWldFek0xRlVUV0pqYzFONGRUQjFiVWRZUkdKVkNqWTJhblZWTkZveGFrOUZNSGREYkVsMllVODJPVGxLSzBVeVowSmxNV3BWVGpaQmREWmlPRUpUYjFweFEzRllXVzlFU0VkbGFUbFNRbFZrZG1keGRHOEthMVp6YjBwbVJFa3ZWRVpOWld0WlozQk1OVlZXV1cxTVpHWm5jVXhRVUZKUU9YQlJRa3hFZUROdGMzcGxRWEZ1ZG1aVVNVTkJlbVpZWnowOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyIsCiJ0bHNfc2VydmVyX25hbWUiOiAiZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vZm9ydGlvOjgwNzkiCn0sCnsKImFsbG93X2FueV9hdXRoZW50aWNhdGVkX3VzZXIiOiB0cnVlLAoiZnJvbSI6ICJ0Y3AraHR0cHM6Ly9yZWRpcy5sb2NhbGhvc3QucG9tZXJpdW0uaW86NjM3OSIsCiJ0byI6ICJ0Y3A6Ly9yZWRpczo2Mzc5Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1za2lwLXZlcmlmeS1lbmFibGVkIiwKInRsc19za2lwX3ZlcmlmeSI6IHRydWUsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2tpcC12ZXJpZnktZGlzYWJsZWQiLAoidGxzX3NraXBfdmVyaWZ5IjogZmFsc2UsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2VydmVyLW5hbWUtZW5hYmxlZCIsCiJ0bHNfc2VydmVyX25hbWUiOiAiaHR0cGRldGFpbHMubG9jYWxob3N0Lm5vdHBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vd3JvbmdseS1uYW1lZC1odHRwZGV0YWlsczo4NDQzIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1zZXJ2ZXItbmFtZS1kaXNhYmxlZCIsCiJ0byI6ICJodHRwczovL3dyb25nbHktbmFtZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWVuYWJsZWQiLAoidGxzX2N1c3RvbV9jYSI6ICJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VVeVJFTkRRVEJEWjBGM1NVSkJaMGxTUVV4a09VZGhTbEk1TW5GcE4zRk1NV1ZJUjAwMlN6QjNSRkZaU2t0dldrbG9kbU5PUVZGRlRFSlJRWGNLWjFsTmVFaHFRV05DWjA1V1FrRnZWRVpYTVhKWk1sWjVaRU5DYTFwWVdteGlSemwzWWxkV2RXUkRRa1JSVkVWelRVTnZSMEV4VlVWRGQzZHFXVEpHY3dwYVYwcEJXVEpHYzFwWFNYUmpSMDEwWWtkc2RXUllaMmRMUlU1b1lrZFdhVWxGVW5abFNFNXNaVk5yZUUxNlFYaENaMDVXUWtGTlRVdHRNWEpaTWxaNUNtUkRRbXBaVjNoc1dXdENhbGxYZUd4WmFURjNXWGt4YzJGWE5URmxRMEZ2VVRKR2MxcFhTV2RTUnprMFl6SldOVXRVUVdWR2R6QjVUVlJCTkUxVVJYa0tUVlJWTWsxVVFtRkdkekI2VFZSQk5FMVVSWGxOVkZVeVRWUkNZVTFKUjBSTlVqUjNTRUZaUkZaUlVVdEZlRlowWVRKT2JHTnVVV2RhUjFZeVdsZDRkZ3BqUnpGc1ltNVJaMUV3UlhoTVJFRnhRbWRPVmtKQmMwMUpNazVvWWtkV2FWRkhUbWhpUjFacFRGaENha3hYZUhCaWJsWTBTVU5vUkZsWGVHeFphVUpGQ21JemFIcGFXR3R3VFZSTmQwMVJXVVJXVVZGRVJFTndkR0V5VG14amJsRm5XVEpHYzFwWFNrRlpNa1p6V2xkSmRHTkhUWFJpUjJ4MVpGaG5aMHRGVG1nS1lrZFdhVWxGVW5abFNFNXNaVk5yZDJkblIybE5RVEJIUTFOeFIxTkpZak5FVVVWQ1FWRlZRVUUwU1VKcWQwRjNaMmRIUzBGdlNVSm5VVVJYV1hCV1pRcENVMjVsWlRKalFVSlpiMlpUYjFkNFIwMTVSbUZOVVRCdVNtdFpNRlZYVFRsamEzbFZhRGRXWm1kT0t5OWhSbE5YTWxwVGJWaDFkalZrY21Od2FUSXdDbm96Wld4b1VGUmxPVGhpUVU1aWFpc3ZZbWt3TURFMVVWZHVUV1Z1U3pBMVdrczJjVVIwUm5kdkwwaFdReTlaWTJGeWRYVTVOaXN4U2pKMGIyVlhkVVVLZEhsclZ6Tk5RM0JETVhCSVdWTTFaemxwVmtScmNHUnllbTUyV0V0c1dYVlRhV3RxY21vM1N6VjBiMmxVZG5WdE9UZE1lRXRyZFdvMlJGaHFZWEJRUkFvMWRuUmxVMDR4WkZGblR6bERVek56Y1d4amQxbEJObEpxVlVoM1dUSldSV2d5WVdSUU16ZENXbkphZDA4cmVVcHhPWEZHTlhrMVIyeG5hVGhzVGpSakNrdHNTV3hHVlhNdmVGTndVWE40VG1KT1VWaDBUamx0YXpScGJWbHNXa2Q2V1ZsaVltMHJabTlDVmxCUVltOWhOV3BXZDB0RWNGbzJOVzFQY3pkS1IxQUtObmxxS3pkV04xVkNUVVp3Vnl0blMyMUtkR2RvTDJ0clFYZ3hPRFZvT1ROeGQweEdVR000TDFRM2Jpc3JVREZpZFN0bVlXdFlVRWRRUlRJeGNrUmxUQXBRYmxWdGRXTkpXbkJLYnpWT2NGbFdVWFkwVjNaVVMzRXZlazFTT1ZOemNIb3lVRVpLYmtWU1ZHWlVkbkVyUmpGeE0xcE9ZV1pGZW1sUWMwSTViMlZUQ201cWVIZHRZVnBQVTFZd2RsaHhMM0ZsYjNGNE5IWTJUVUo2VmtGWk1DODRVakpNWTNCS05IVm5NRTlhTTNjd1lqSjBObmx2T0RaUU5WRTRRMEYzUlVFS1FXRk9SazFGVFhkRVoxbEVWbEl3VUVGUlNDOUNRVkZFUVdkSlJVMUNTVWRCTVZWa1JYZEZRaTkzVVVsTlFWbENRV1k0UTBGUlFYZElVVmxFVmxJd1R3cENRbGxGUmt4aldUaEZiMDV2WmsxamNuSjRlbmw0U1c0elZ6WmFUMDFXV0UxQk1FZERVM0ZIVTBsaU0wUlJSVUpEZDFWQlFUUkpRbWRSUTFwNlJFTjJDa3RKU0ZnelIzWnFUbE5aTlhjMVlrOXVORVV6ZHpkUlNGQXdPVUZDYWxRdmQzVlVORXhFYTFwSVNrMXRiSEpNYnpOek9HSmpjMUV3YzAxRU1Wa3ZMeThLY3pBM1kzQTBlRmxzY1VRM1FrRXdRV053ZGxsV1dYRTFPSGhMZUhOdlEzZFdXRzFITldORlpVOXZXbTFYWmpOeFdUSnRVemhsVnprMmRrOUdjbVJKWWdwTU5FOUdOSGhaVlU5TlVuRkJUMGRCUVhJMlZteFBOMmRZWVRRd05raDZjbk5CTVdoWlduZHlaVmhvVDFSRFdscFFXazlWYmtGMU1EVlRTRVprWjJGTkNsUktUa0l2YnpBeGRIQjNVV3h5VkhoT2JXWnliM0J2VDNwNWRYWklNSHBWTWxKeVRYTXdLMFZpVDNWRE5FRXlZMUU0TTBSSlJuaDJjVFkzYkhsVk1FRUtjekZSTm5SU1RUQXJWVVJ0U2s5TWVqTlRaR2RPSzBRd01HaGpkWFZxT1RKSFZqUmlTRGhDWm5sVmRqaE9RMWt3ZGtScGFqQlVVMnBxTkdNMFVYUmpOd3BKVUV4VVdqSm5OVFExYjJONmFFNW5RVzFVTjJRclFqVkpibmxtYVZOSlMyVnRXSEZsY3pKcWNHbEJabnBRVG13NVFsWjRjMkZyWTNNdldYcHZXWE14Q2l0eFZHcEJWM1ZoUkhOTGIyaEZiazgwUWtwMWVuWXdlSEpqWlRRd1pXNVNaMWg1UjBkR2RsaDFNbk0wUmxreWRrcHhWRk52Tm5selJGZHVhRWt6VEZjS1pHTm5Oazh5UmpSQlVFTkhSMlUzZW5OMWNXbHhhM0JqYTI1Q1lXSm5la1Z6T1dadlNIRXliV1p2TjFocFJYcGxaRTFPT0VKT2NXWlRZa0U5Q2kwdExTMHRSVTVFSUVORlVsUkpSa2xEUVZSRkxTMHRMUzBLIiwKInRsc19zZXJ2ZXJfbmFtZSI6ICJodHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cHM6Ly91bnRydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWRpc2FibGVkIiwKInRvIjogImh0dHBzOi8vdW50cnVzdGVkLWh0dHBkZXRhaWxzOjg0NDMiCn0sCnsKImNvcnNfYWxsb3dfcHJlZmxpZ2h0IjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWVuYWJsZWQiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiY29yc19hbGxvd19wcmVmbGlnaHQiOiBmYWxzZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWRpc2FibGVkIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1lbmFibGVkIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1kaXNhYmxlZCIsCiJwcmVzZXJ2ZV9ob3N0X2hlYWRlciI6IGZhbHNlLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vcmVzdHJpY3RlZC1odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfZG9tYWlucyI6IFsKImRvZ3MudGVzdCIKXSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInByZWZpeCI6ICIvYnktZG9tYWluIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfdXNlcnMiOiBbCiJ1c2VyMUBkb2dzLnRlc3QiCl0sCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhc3NfaWRlbnRpdHlfaGVhZGVycyI6IHRydWUsCiJwcmVmaXgiOiAiL2J5LXVzZXIiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIlgtQ3VzdG9tLVJlcXVlc3QtSGVhZGVyIjogImN1c3RvbS1yZXF1ZXN0LWhlYWRlci12YWx1ZSIKfSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImFsbG93X3dlYnNvY2tldHMiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2VuYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZGlzYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJlbmFibGVfZ29vZ2xlX2Nsb3VkX3NlcnZlcmxlc3NfYXV0aGVudGljYXRpb24iOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2Nsb3VkcnVuLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIngtaWRwIjogImdvb2dsZSIKfSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0KXQ==
+      SHARED_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      SIGNING_KEY: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSVBSR1d3TGg3NW5OWG5razM3ekRmTjhvbkx3ZkNpYUxQVEQrbmM4THg1aGNvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFa3BCa08wVEttaDRKZFFmTE9lZU1kNTNLbmdhMVdkUVhyNUZjZXBrK2RMVktkVkt4WENHcQpoMW9qdWh1VzExR0lvT3pTOUdvU0tsTlZTUkZXVkVXRHZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
+      SIGNING_KEY_ALGORITHM: ES256
+    image: pomerium/pomerium:${POMERIUM_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - pomerium
+        - authenticate.localhost.pomerium.io
+        - forward-authenticate.localhost.pomerium.io
+  pomerium-ready:
+    command:
+    - -wait
+    - https://pomerium:443/healthz
+    - -timeout
+    - 10m
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - pomerium-ready
+  redis:
+    image: redis:6.2.5-alpine
+    networks:
+      main:
+        aliases:
+        - redis
+  redis-ready:
+    command:
+    - -wait
+    - tcp://redis:6379
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - redis-ready
+  traefik:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-'END_OF_TRAEFIK' | tee traefik.yaml
+      {
+        "accessLog": {
+
+        },
+        "api": {
+          "insecure": true
+        },
+        "entryPoints": {
+          "web": {
+            "address": ":80",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          },
+          "websecure": {
+            "address": ":443",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          }
+        },
+        "global": {
+          "checkNewVersion": false,
+          "sendAnonymousUsage": false
+        },
+        "log": {
+          "level": "DEBUG"
+        },
+        "providers": {
+          "file": {
+            "filename": "traefik-dynamic.yaml"
+          }
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee traefik-dynamic.yaml
+      {
+        "http": {
+          "middlewares": {
+            "authz": {
+              "forwardAuth": {
+                "address": "https://forward-authenticate.localhost.pomerium.io",
+                "authResponseHeaders": [
+                  "x-pomerium-jwt-assertion",
+                  "x-pomerium-claim-email",
+                  "authorization"
+                ],
+                "tls": {
+                  "insecureSkipVerify": true
+                },
+                "trustForwardHeader": true
+              }
+            },
+            "set-request-headers-20": {
+              "headers": {
+                "customRequestHeaders": {
+                  "X-Custom-Request-Header": "custom-request-header-value"
+                }
+              }
+            },
+            "set-request-headers-23": {
+              "headers": {
+                "customRequestHeaders": {
+                  "x-idp": "google"
+                }
+              }
+            }
+          },
+          "routers": {
+            "route0": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`mock-idp.localhost.pomerium.io`)",
+              "service": "route0",
+              "tls": {
+
+              }
+            },
+            "route1": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`envoy.localhost.pomerium.io`)",
+              "service": "route1",
+              "tls": {
+
+              }
+            },
+            "route10": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-disabled`)",
+              "service": "route10",
+              "tls": {
+
+              }
+            },
+            "route11": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-enabled`)",
+              "service": "route11",
+              "tls": {
+
+              }
+            },
+            "route12": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-disabled`)",
+              "service": "route12",
+              "tls": {
+
+              }
+            },
+            "route13": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-enabled`)",
+              "service": "route13",
+              "tls": {
+
+              }
+            },
+            "route14": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-disabled`)",
+              "service": "route14",
+              "tls": {
+
+              }
+            },
+            "route15": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-enabled`)",
+              "service": "route15",
+              "tls": {
+
+              }
+            },
+            "route16": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-disabled`)",
+              "service": "route16",
+              "tls": {
+
+              }
+            },
+            "route17": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`restricted-httpdetails.localhost.pomerium.io`)",
+              "service": "route17",
+              "tls": {
+
+              }
+            },
+            "route18": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-domain`)",
+              "service": "route18",
+              "tls": {
+
+              }
+            },
+            "route19": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-user`)",
+              "service": "route19",
+              "tls": {
+
+              }
+            },
+            "route2": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`verify.localhost.pomerium.io`)",
+              "service": "route2",
+              "tls": {
+
+              }
+            },
+            "route20": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-20"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`)",
+              "service": "route20",
+              "tls": {
+
+              }
+            },
+            "route21": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`enabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route21",
+              "tls": {
+
+              }
+            },
+            "route22": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`disabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route22",
+              "tls": {
+
+              }
+            },
+            "route23": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-23"
+              ],
+              "rule": "Host(`cloudrun.localhost.pomerium.io`)",
+              "service": "route23",
+              "tls": {
+
+              }
+            },
+            "route24": {
+              "middlewares": [
+
+              ],
+              "rule": "Host(`authenticate.localhost.pomerium.io`)",
+              "service": "route24",
+              "tls": {
+
+              }
+            },
+            "route3": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`websocket-echo.localhost.pomerium.io`)",
+              "service": "route3",
+              "tls": {
+
+              }
+            },
+            "route4": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ui.localhost.pomerium.io`)",
+              "service": "route4",
+              "tls": {
+
+              }
+            },
+            "route5": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ping.localhost.pomerium.io`)",
+              "service": "route5",
+              "tls": {
+
+              }
+            },
+            "route6": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`redis.localhost.pomerium.io:6379`)",
+              "service": "route6",
+              "tls": {
+
+              }
+            },
+            "route7": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-enabled`)",
+              "service": "route7",
+              "tls": {
+
+              }
+            },
+            "route8": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-disabled`)",
+              "service": "route8",
+              "tls": {
+
+              }
+            },
+            "route9": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-enabled`)",
+              "service": "route9",
+              "tls": {
+
+              }
+            }
+          },
+          "serversTransports": {
+            "insecure": {
+              "insecureSkipVerify": true
+            }
+          },
+          "services": {
+            "route0": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://mock-idp:8024"
+                  }
+                ]
+              }
+            },
+            "route1": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://localhost:9901"
+                  }
+                ]
+              }
+            },
+            "route10": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route11": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route12": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route13": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route14": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route15": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route16": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route17": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route18": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route19": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route2": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://verify:80"
+                  }
+                ]
+              }
+            },
+            "route20": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route21": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route22": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route23": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route24": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "https://pomerium:443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route3": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route4": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8080"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route5": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8079"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route6": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "tcp://redis:6379"
+                  }
+                ]
+              }
+            },
+            "route7": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route8": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route9": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            }
+          }
+        },
+        "tls": {
+          "certificates": [
+            {
+              "certFile": "_wildcard.localhost.pomerium.io.pem",
+              "keyFile": "_wildcard.localhost.pomerium.io-key.pem"
+            }
+          ]
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io-key.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_TRAEFIK
+
+      traefik -configFile=traefik.yaml
+    depends_on:
+      pomerium:
+        condition: service_started
+    image: traefik:latest
+    networks:
+      main:
+        aliases:
+        - traefik
+        - authenticate.localhost.pomerium.io
+        - mock-idp.localhost.pomerium.io
+    ports:
+    - 80:80/tcp
+    - 443:443/tcp
+  trusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails
+  trusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://trusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails-ready
+  untrusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKKYU7PSAFxZbhuLUlbv3iAwDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU2MTFaFw0yMzExMTEyMjU2MTFaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg
+      VDM59lGzCRjdUQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHG
+      oryKGDOkRV1SDb3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2v
+      JX4qTwgrqQtLOJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqP
+      qpc6AEFuklmoBHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPw
+      ve8VoGIlx4uvHTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxG
+      mgByfa2rxbNg15PFwF+ZAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBS3GPBKDaHzHK68c8sSJ91umTjFVzAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAizMhh+VYIMp07wGn7+rzAE/651yiMC6kZHIOMHilvimyYvCf+Yc0MrcD
+      mVQgqlUpkn/f2SOFsBQonjAACkWlSHah9KStL0iTvOIH+oGLnv3Y9wrKvwJol3KR
+      c/+mO9R9TS71DoX+rTGRY3BNldpMBZF7HsYt/bg0RSpF0zkZarW+PEMmPw6IgIaD
+      RPGpOiQOqIxQn4d6MyiNGS0QmDeGSZvsC07ZcZ+JxsYi4S+yN6GXt11pstiRXjDv
+      zrO3s8TnVsBux7VDdIYfzMxqz+874MbsUUlb4txr3V48UDRLm7VDQ2/F+o0+Y5wt
+      XAnXTn/6GFpjJvPGr0A1QLOvnhR0DZ4Fl97athu44pqeQywDU5LPP3HqrWRXLy3j
+      BPBC4waHayL9Hnh4zQUe/h6hwC5Nxl/gqfB3Aaqr5PWX6rMFss8AYpB81ci+UJdm
+      KSIn/pMoK6TWkCveoQRQOZD8wfwPF4cUUmWcLFwSveZSiniFrAXQqZbO1k6RDhQf
+      havcwKlK
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCgVDM59lGzCRjd
+      UQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHGoryKGDOkRV1S
+      Db3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2vJX4qTwgrqQtL
+      OJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqPqpc6AEFuklmo
+      BHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPwve8VoGIlx4uv
+      HTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxGmgByfa2rxbNg
+      15PFwF+ZAgMBAAECggEADTzGefunZTPUFLnSZ/D7jDglwz5KdC/9zYleY+jY5B/8
+      nmjkSfK6I6GLLSh8l2QO8YqQLIqxANglS1gNHdpcYPwfC4WL1S1P0qXboKsI5Sfy
+      jGoD3et4caq6ecdTfAvmLobW8uFRmGE9qHlFQ1cn47OnPVZUpKFCTVslyTLNo70h
+      28gx/lnpgkbeWotJ5GygE/H0jKJlG8/V3+Ppfuq6wypA5ELcGUeMAwmCfUNNlDy3
+      BhXSa6STgL26ar70KZIjTp9B97hIfDWObxgjzMX2JoiWXziszvbfaknfBsmfTm45
+      oUZYO0DuvLdLpxic0GZQwZCT6GzuexxJ9zR/pdahrQKBgQDEiwc0e+M1KaOoIIcw
+      V7pxoGjvd+CC5whS00jSf/rXPSPFxat9Ml5serOzLdRLM/NQ5wB9S7TYc6PJi3Mb
+      8pmbGadIXiGIJY8vX79P/velHT4csgULJAKJF9U65knhaidPPPmXloHOhRWrE8Zq
+      mexVgJZrHLI8197qmi+ctT5rEwKBgQDQ1J84AwI1hEsXHxoSetSznt+ae7pSUb/J
+      byqK9KEp0DLyf8GcS7vxyYGQo0mJDlHaJt56LKv+zdX4wGG85ztbOFVPee6XLKSs
+      I+h7rzc2hKrl+SaI91h1234WsTeJvfUSHyBy9vAwLhd0hplNrt7Tql5Z0VTWHmFE
+      2XbEwcTUIwKBgQDBpioHMDmBW/F/6ezJWOa+pco+h+KRl4i/8qVBog9Im1jvt/9r
+      b4FRaOQ9mt4c6qbGA5Sb30fkLKwoHFniI3ntM616xCRNvJQDnVcmPpVJ/jIAm/YU
+      L/q/kNfrHJOWobzxeaaCESz8imv7D5Tj25zb8cJC7xc+k4Nzq09WG83QOQKBgG28
+      LOZ7/j8tA2BlAYhQb1Dr3UgKWEBFoOgyuEJIhh+4vezb4VtGGL7XSnQ8ubmBgtWF
+      s0a0DrVYaGXMgg+H2pL2qS2YPx3FYcrrG5FS40qMsFkkcXFruFpGOp2mBi8lWJBr
+      NtvykwheUAj1ab1+dKz5S5ca/t99G1PYiiaeQ9XNAoGAVXk4HvdUc5q+BNiYvKUS
+      M2/TDU3cYY72mPCEw7G6Kpn6zMaakQcA1+Z8LkYcLaQKRD/66n99WWT+BcY+QXtC
+      0ZPHjeepDL8q+yXRY8zlcgAukg18Ta5yD1J1014y8UIV+HY8ongTni1sI8N+vKd4
+      +TF2C2Cynf5vQr5man7ShPw=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails
+  untrusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://untrusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails-ready
+  verify:
+    depends_on:
+      verify-init:
+        condition: service_completed_successfully
+    environment:
+      SSL_CERT_FILE: /verify_config/ca.pem
+    image: pomerium/verify:${VERIFY_TAG:-latest}
+    networks:
+      main:
+        aliases:
+        - verify
+    volumes:
+    - verify_config:/verify_config
+  verify-init:
+    command:
+    - sh
+    - -c
+    - |-
+      echo '-----BEGIN CERTIFICATE-----
+      MIIE1zCCAz+gAwIBAgIQZ139cd/paPdkS2JyAu7kEDANBgkqhkiG9w0BAQsFADCB
+      gzEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSwwKgYDVQQLDCNjYWxl
+      YkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTEzMDEGA1UEAwwqbWtjZXJ0
+      IGNhbGViQGNhbGViLXBjLWxpbnV4IChDYWxlYiBEb3hzZXkpMB4XDTIxMDgxMDE3
+      MzIwOVoXDTMxMDgxMDE3MzIwOVowgYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9w
+      bWVudCBDQTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXggKENhbGViIERv
+      eHNleSkxMzAxBgNVBAMMKm1rY2VydCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2Fs
+      ZWIgRG94c2V5KTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANbKyMz5
+      MVW6YKdjh1oIN1Mn7PE2pH5SbJSpWxdAGhdBkBkpAa7OxarjH5KVkCTSa7oncla7
+      qNuJZS6mBmoxF+R+cR3jyGdUAYlozl1jlfqLIfC/+g7V7VmOJn98tjB42fatxLl6
+      WPAw1JDNsWtQfhKhbcHut7RsF0rMOOHcwywTR7LOyCmIel1pcmpV4hbVcT6eVwoP
+      HXyJSa9cqaMQ5Xrdogai4IqZZIGLHeLsTVutOgJFXEevlX/QT3sWomEctzh38Js4
+      9DiAPD6d4Y7/CPLYEfk29JQ9NZhpgDsi9hu5FHHZcXwf1IHlw/CBVgn6j+jmvKKz
+      90Ma1oquv3W6dttid/xCcLGu2S+96Tzrykmoy5VacLtVEP41YmoVls91rlo7olpe
+      QWFbnmco739TI/4h+HodolperQERQl7uCnpKVPZ3WokKuRh5pkqkQp/arQjtwcRt
+      G43CrDpbl+uSjMCAxha958eTYvtojTMnvLtsGID1hGXnqlw+5KjKrgRHrQIDAQAB
+      o0UwQzAOBgNVHQ8BAf8EBAMCAgQwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4E
+      FgQUhYZYWIBHyk6ZVTnp3lRt/tyBP00wDQYJKoZIhvcNAQELBQADggGBAA1F/apr
+      l6pNT3Mp/MxhUUgo6usEJCryGQcLRfexyQXGN3huCmIrP55VFa8ETPAtjsr6PMe7
+      7vvEj8eFu2JtKovlQwNewYU9cjAMCVaFiNbrQa20hzhWc2js6dyildE6/DPzbeds
+      KDAxhFNp35SlwtRtKk1SzxJxsqSwjfxI8fp+R/0wO8g0fWTdM2gCpRwYMNwJELEg
+      +dSlvJCwuu+rzxLalzaPF1PMTW72OELal/j5sD+2VytQ4k+HUDbyt2DnQT7YQ3zo
+      q02x2u2sm1WW/o/uh8pjPxkGQqL2mryZs6VH9VCU3QkKNDssNd71lr3wPoE4YRHe
+      UvzD1eDeelzBUFNIpDCjdCsL55yIPqUsr6lmjpBPL0vea33QTMbcsSxu0umGXDbU
+      66juU4Z1jOE0wClIvaO699J+E2gBe1jUN6At6b8BSoZqCqXYoDHGei9RBUdvgqto
+      kVsoJfDI/TFMekYgpL5UVYmLdfgqLPPRP9pQBLDx3mszeAqnvfTICAzfXg==
+      -----END CERTIFICATE-----
+      ' > /verify_config/ca.pem
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - verify-init
+    volumes:
+    - verify_config:/verify_config
+  verify-ready:
+    command:
+    - -wait
+    - http://verify:80/
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - verify-ready
+  websocket-echo:
+    command:
+    - --port
+    - "80"
+    - tee
+    image: pvtmert/websocketd:latest
+    networks:
+      main:
+        aliases:
+        - websocket-echo
+  websocket-echo-ready:
+    command:
+    - -wait
+    - tcp://websocket-echo:80
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - websocket-echo-ready
+  wrongly-named-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEWDCCAsCgAwIBAgIRAK1MkqoHP+DPILewhMcnnu4wDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU0MzRaFw0yMzExMTEyMjU0MzRaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV
+      DWPhOpNWAYNTQZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM
+      3cvyRs40dygZeogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV
+      6ttf6y0+4Nq1hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3E
+      lxIYQsCr85FyW8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC
+      8X2vHBBIbnZipb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3
+      OIkJji4rpJqxG1Z7MvPzAgMBAAGjcjBwMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAo
+      BgNVHREEITAfgh1pbnZhbGlkLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG
+      9w0BAQsFAAOCAYEABsSByXWA7e8hpKWZK4APWzkvDwiTGrDDE7k0hueJksTZ5Nqw
+      fRdGoUpweWIYzAv1etPAr+B2gsZM/jVRidaGDI1tKPytZ3pP6mQ52CVXkeJQytPr
+      rNDnP3Lbpbs8PHoHw3PVxIyRps1ZbZkgbUsXrSvpp/l+ZObbGQjr3Fdx5oXI6a1V
+      NNC39LkPhjTKtcG+H8dO5GRuDb/9PrzrnDwnl6CoORbEjTKRIFuA+vkFBRjyuccr
+      GQiMNmMxy5CMOsK+Od4+8qhv2ZgnREHyBnjFFhgVLFJ2PwUxk3N4GIzCC8tsD+vb
+      +YJgCS7n6JmcB9SFeyRy+qpolnfEaMvRwnJl6Evj17VCBy7x0gEO6B4lILPpziN8
+      VVhSuRsC0V8aXJJx89mwrg9pzN9w771rFVOCrAEdZei34/yfo8VyBbIR1gUxkRNJ
+      crTI9pT0PK+9OWQ57HtnGmFsPtWT8r7P8xukAPy50wSLF3InjEo8VR2df+V7DVVU
+      aTjNbuaG1NLNyWLH
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVDWPhOpNWAYNT
+      QZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM3cvyRs40dygZ
+      eogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV6ttf6y0+4Nq1
+      hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3ElxIYQsCr85Fy
+      W8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC8X2vHBBIbnZi
+      pb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3OIkJji4rpJqx
+      G1Z7MvPzAgMBAAECggEBAM3XhRO7+1QSXCaZdCZ6WuWXzojxrkf8++gpzXPCZ75L
+      vvMyP8xmXc38Za5VyL+MAr7joENxY5NPON/9AgyUBFdbat3RW323vAt0Ssy8Dfti
+      ScpuGWTT2CcWS/iJPwJp9bzPj6qJ1wo0Rzsv23FpcjgfcuB+4pHpDwJZ8IxcclTN
+      jv5XdmanN0Ai2ONDkIHQyvMTsYAX99OK7nXIs3OW7s4wsm8Wg+loCqTvojTzWuwE
+      TZNFonHAZ81jkrYfNjz+sM/tPuOYD+vWQ89+1IeQKFw1U0iBpF1VvhA7UeQZMeI8
+      S1NpDQTQW0kxmUAlLj7ldnIvknT/x0lKzoafVpk47/kCgYEA+SxnMLHe3Wxb4Kkf
+      7Gwktbth/wlWzUWzQ7c0TdhfEDjcRB7SeGIjrL4/HPyXEsCcGIj84TEob1EA0KVP
+      l6Jeqh5t/sr9da+uLFf6H41yZUaTccoyclnjHsqT+WLTtiTKqf7cXACg5NKbJwUT
+      ldCEu+4Ovur+8Ax6s/mGWNEzar0CgYEA2uOmD+SCIhj16P+3GnpZ0UzyDhUKedTy
+      LisZznroF6RI3BHzNT+YotHORDMiJtmX0slFcInAWaB3htLPbHmvredjlsH35eHW
+      B6wkWmbniJEovPysWdg7xjrj8DoL2dcm6liM1KpSo9k6XWJu36//xF4RTnL8JPEH
+      RPuBWmBXHG8CgYBjJy886lr0I61//eztKK+G/bTmRvIapzTJqnqOy54wl1/XX6iD
+      LRJjKCV3RHBdjvXOsZxnhCdB/KrlXBMLFRq0eX1t2Zr4nNsjXDL1IVU3Rdlge4SN
+      ioVdeGFf6Nq0bXmUIg3QMpPT2pbQ9S0w/ZQEMJv/jwW5wk2FlrLGXyElxQKBgQC3
+      skUzITp1Ey2NFM290uB93m1llBLum9+DD3jg6BTPgngC+K17Cpw2SI0qfx8yK3pW
+      08MK5xAeJ6Un6NNa3eSptX7GjpJUwmq0lasMkz/MRMZDlGmwHOBNRC729D/t2bo3
+      AYlvEGG6UBvDM1CJOVMUoT008Rrahczr/4ZXKnLw0QKBgExc+SXb5IRJIMHEQLkg
+      E7va23sR7x4j75mK6HnSwAM3jKx4GDgpkY1EO+rh+99mq/bIouL8ob/PG7A5RtKp
+      +Sgpqk5N6NpSFMaubsu1EQhqT5pmy0dN5KXecR4s1IylPvth/h3tdXPKGcLMD2M2
+      EN59YIA1o4qWjJsfEiuQ6x7M
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails
+  wrongly-named-httpdetails-ready:
+    command:
+    - -wait
+    - http://wrongly-named-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails-ready
+volumes:
+  fortio_config: {}
+  verify_config: {}
diff --git a/integration/clusters/oidc-traefik/compose.yml b/integration/clusters/oidc-traefik/compose.yml
new file mode 100644
index 000000000..4e244077a
--- /dev/null
+++ b/integration/clusters/oidc-traefik/compose.yml
@@ -0,0 +1,1236 @@
+networks:
+  main: {}
+services:
+  fortio:
+    command:
+    - server
+    - -cert
+    - /fortio_config/trusted.pem
+    - -key
+    - /fortio_config/trusted-key.pem
+    depends_on:
+      fortio-init:
+        condition: service_completed_successfully
+    image: fortio/fortio:1.17.0
+    networks:
+      main:
+        aliases:
+        - fortio
+    ports:
+    - 8079:8079/tcp
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-init:
+    command:
+    - sh
+    - -c
+    - |
+      echo "$$CERT" >/fortio_config/trusted.pem
+      echo "$$KEY" >/fortio_config/trusted-key.pem
+    environment:
+      CERT: |
+        -----BEGIN CERTIFICATE-----
+        MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+        gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+        ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+        dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+        NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+        bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+        KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+        HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+        yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+        Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+        jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+        bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+        9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+        DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+        BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+        AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+        c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+        AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+        OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+        qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+        6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+        kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+        B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+        xjUE8XUu
+        -----END CERTIFICATE-----
+      KEY: |
+        -----BEGIN PRIVATE KEY-----
+        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+        ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+        EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+        Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+        CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+        mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+        DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+        DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+        8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+        Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+        CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+        bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+        SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+        2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+        axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+        uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+        BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+        uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+        2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+        CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+        fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+        cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+        Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+        KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+        YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+        gmLh4w/CcPyb9ZyXceWU/nU=
+        -----END PRIVATE KEY-----
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - fortio-init
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-ready:
+    command:
+    - -wait
+    - http://fortio:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - fortio-ready
+  mock-idp:
+    command:
+    - --provider
+    - oidc
+    - --port
+    - "8024"
+    - --root-url
+    - https://mock-idp.localhost.pomerium.io/
+    image: pomerium/mock-idps:${MOCK_IDPS_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - mock-idp
+    ports:
+    - 8024:8024/tcp
+  mock-idp-ready:
+    command:
+    - -wait
+    - http://mock-idp:8024/.well-known/openid-configuration
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - mock-idp-ready
+  pomerium:
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    environment:
+      AUTHENTICATE_SERVICE_URL: https://authenticate.localhost.pomerium.io
+      CERTIFICATE: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVVakNDQXJxZ0F3SUJBZ0lSQUtOYUVxQ21tWmZobWNZZ1p5MDFXQ3N3RFFZSktvWklodmNOQVFFTEJRQXcKZ1lNeEhqQWNCZ05WQkFvVEZXMXJZMlZ5ZENCa1pYWmxiRzl3YldWdWRDQkRRVEVzTUNvR0ExVUVDd3dqWTJGcwpaV0pBWTJGc1pXSXRjR010YkdsdWRYZ2dLRU5oYkdWaUlFUnZlSE5sZVNreE16QXhCZ05WQkFNTUttMXJZMlZ5CmRDQmpZV3hsWWtCallXeGxZaTF3WXkxc2FXNTFlQ0FvUTJGc1pXSWdSRzk0YzJWNUtUQWVGdzB5TVRBNE1UQXgKTnpNeU1UQmFGdzB5TXpFeE1UQXhPRE15TVRCYU1GY3hKekFsQmdOVkJBb1RIbTFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCalpYSjBhV1pwWTJGMFpURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnCktFTmhiR1ZpSUVSdmVITmxlU2t3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzgKSExCQUl6WGtQZWVnbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRAp5VmhEVDBRbEkvTy9FS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2Cld5bCtGb1BEVi92c1ozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXQKak9ic2FRZ0o1TEx4Q1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcQpiWlVERytaaW9BclBtcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkCjlyNnJPQnhweHduVER2SGtCbjZ2QWdNQkFBR2piREJxTUE0R0ExVWREd0VCL3dRRUF3SUZvREFUQmdOVkhTVUUKRERBS0JnZ3JCZ0VGQlFjREFUQWZCZ05WSFNNRUdEQVdnQlNGaGxoWWdFZktUcGxWT2VuZVZHMyszSUUvVFRBaQpCZ05WSFJFRUd6QVpnaGNxTG14dlkyRnNhRzl6ZEM1d2IyMWxjbWwxYlM1cGJ6QU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBWUVBdWZRQUY3OXM3YzFnbVo5Q0lLQlNHa0hoK1NIMDFDdUtZbm5IaU1vd0hzVGlvRmFVQVFzZC9QNFgKYzJYQnFjMzRlVDNtQ3ZwZ1pqSGJqejZKbG5UWUp4dUx2VnFuVkIzZW10V3JiMWNRdmg4QnBoeHNwVGxTOHVpRQpBRWYvbmd0cHpmQS9mNGxwR2t6clEwY3lQa0VKR3o1MTFxOTdpdHpuOVJaWnpWVFp4TlZGU1AydlZoTk5RVnNXCk94YWtjdllSZ256OEFPUVMzT1BIajJGUWMzaWlic2hjdDVsZUl3WVpGY3hJTkdIUjZLTDYrL0xTZVBOQ0VNbUsKcXltVlBrUUdzSWNVNkdROWZ4YVN1NG1wK0lVQUxQcm9pekVWSThTVms1bk9tM0hJZXorWmZYaHpmbkd4MDZTSQo2TnVvUVFQcVVCZVplWG4yWUZZaGlwZVJkclF4dkEzNi9ZWGEvQWtYQ2VVMHBYeGJ0WEtjdmF0ZnJpNUtuWUpECmtINTlhK2FGa1RzbDQxdGZJMmNuUllWZGRxWFZsM096TGJjZ0FGTG4xV2VDMXh4M3hSWGk3S2xkb2tPbHZndisKQjZuYVdmQ3hSbFdaL2xzbUhhZTRrYzFXSDRLYzduSytJVGI0MEVralY2OC9BN2tyWnNOMVZjcU50cG9tWWtnRQp4alVFOFhVdQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+      CERTIFICATE_AUTHORITY: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUxekNDQXorZ0F3SUJBZ0lRWjEzOWNkL3BhUGRrUzJKeUF1N2tFREFOQmdrcWhraUc5dzBCQVFzRkFEQ0IKZ3pFZU1Cd0dBMVVFQ2hNVmJXdGpaWEowSUdSbGRtVnNiM0J0Wlc1MElFTkJNU3d3S2dZRFZRUUxEQ05qWVd4bApZa0JqWVd4bFlpMXdZeTFzYVc1MWVDQW9RMkZzWldJZ1JHOTRjMlY1S1RFek1ERUdBMVVFQXd3cWJXdGpaWEowCklHTmhiR1ZpUUdOaGJHVmlMWEJqTFd4cGJuVjRJQ2hEWVd4bFlpQkViM2h6WlhrcE1CNFhEVEl4TURneE1ERTMKTXpJd09Wb1hEVE14TURneE1ERTNNekl3T1Zvd2dZTXhIakFjQmdOVkJBb1RGVzFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCRFFURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnS0VOaGJHVmlJRVJ2CmVITmxlU2t4TXpBeEJnTlZCQU1NS20xclkyVnlkQ0JqWVd4bFlrQmpZV3hsWWkxd1l5MXNhVzUxZUNBb1EyRnMKWldJZ1JHOTRjMlY1S1RDQ0FhSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnR1BBRENDQVlvQ2dnR0JBTmJLeU16NQpNVlc2WUtkamgxb0lOMU1uN1BFMnBINVNiSlNwV3hkQUdoZEJrQmtwQWE3T3hhcmpINUtWa0NUU2E3b25jbGE3CnFOdUpaUzZtQm1veEYrUitjUjNqeUdkVUFZbG96bDFqbGZxTElmQy8rZzdWN1ZtT0puOTh0akI0MmZhdHhMbDYKV1BBdzFKRE5zV3RRZmhLaGJjSHV0N1JzRjByTU9PSGN3eXdUUjdMT3lDbUllbDFwY21wVjRoYlZjVDZlVndvUApIWHlKU2E5Y3FhTVE1WHJkb2dhaTRJcVpaSUdMSGVMc1RWdXRPZ0pGWEVldmxYL1FUM3NXb21FY3R6aDM4SnM0CjlEaUFQRDZkNFk3L0NQTFlFZmsyOUpROU5aaHBnRHNpOWh1NUZISFpjWHdmMUlIbHcvQ0JWZ242aitqbXZLS3oKOTBNYTFvcXV2M1c2ZHR0aWQveENjTEd1MlMrOTZUenJ5a21veTVWYWNMdFZFUDQxWW1vVmxzOTFybG83b2xwZQpRV0Zibm1jbzczOVRJLzRoK0hvZG9scGVyUUVSUWw3dUNucEtWUFozV29rS3VSaDVwa3FrUXAvYXJRanR3Y1J0Ckc0M0NyRHBibCt1U2pNQ0F4aGE5NThlVFl2dG9qVE1udkx0c0dJRDFoR1hucWx3KzVLaktyZ1JIclFJREFRQUIKbzBVd1F6QU9CZ05WSFE4QkFmOEVCQU1DQWdRd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFEQWRCZ05WSFE0RQpGZ1FVaFlaWVdJQkh5azZaVlRucDNsUnQvdHlCUDAwd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dHQkFBMUYvYXByCmw2cE5UM01wL014aFVVZ282dXNFSkNyeUdRY0xSZmV4eVFYR04zaHVDbUlyUDU1VkZhOEVUUEF0anNyNlBNZTcKN3Z2RWo4ZUZ1Mkp0S292bFF3TmV3WVU5Y2pBTUNWYUZpTmJyUWEyMGh6aFdjMmpzNmR5aWxkRTYvRFB6YmVkcwpLREF4aEZOcDM1U2x3dFJ0S2sxU3p4SnhzcVN3amZ4SThmcCtSLzB3TzhnMGZXVGRNMmdDcFJ3WU1Od0pFTEVnCitkU2x2SkN3dXUrcnp4TGFsemFQRjFQTVRXNzJPRUxhbC9qNXNEKzJWeXRRNGsrSFVEYnl0MkRuUVQ3WVEzem8KcTAyeDJ1MnNtMVdXL28vdWg4cGpQeGtHUXFMMm1yeVpzNlZIOVZDVTNRa0tORHNzTmQ3MWxyM3dQb0U0WVJIZQpVdnpEMWVEZWVsekJVRk5JcERDamRDc0w1NXlJUHFVc3I2bG1qcEJQTDB2ZWEzM1FUTWJjc1N4dTB1bUdYRGJVCjY2anVVNFoxak9FMHdDbEl2YU82OTlKK0UyZ0JlMWpVTjZBdDZiOEJTb1pxQ3FYWW9ESEdlaTlSQlVkdmdxdG8Ka1Zzb0pmREkvVEZNZWtZZ3BMNVVWWW1MZGZncUxQUFJQOXBRQkxEeDNtc3plQXFudmZUSUNBemZYZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+      CERTIFICATE_KEY: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQzhITEJBSXpYa1BlZWcKbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PLwpFS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2V3lsK0ZvUERWL3ZzClozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXRqT2JzYVFnSjVMTHgKQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUAptcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkOXI2ck9CeHB4d25UCkR2SGtCbjZ2QWdNQkFBRUNnZ0VBQjI4aTBBWVVOU2IxSm5XRmJLenJ1VWN0dTN0Q05Yb3ZKZzZLM0JpUFZNa3EKRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBVwo4ZUplcVJMWkVmc1NTSk9YVEc3UmRHc240cUhGSjAwczJaVGxjSUhTUHduRm0rWGpKaTk5VThHNFhzVW9YbzByCkd5KzBWQ3VVN004Z0lDRUhIc3JRTzlYREQzblQyaml1NVRqckt3anV0M0Vtb0pzc0k1YnF4MzMrT0J1NUJwQ1AKQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVApiTGtMRnlXQk5UV1VaMlIvMnd4bXVvQzZtTFp3ODc5TUxDS012azFkb1FLQmdRRGhtd0dhZkpOeW1UaUVRWlJJClNzUXg0c2VxZk9LZmdGQzdvaHFIOWNST091OElKMW83cTJwTTJXNFhpVitTM3dUZFBHbWNhNklPalgyM2lzVkIKMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzNwpheHpsYU1yeEV1M0xJOVVFN050cmRRaUJ5UUtCZ1FEVmRJNmNlSVZCVDZSZ3ZWR3Q4emtMalBJRmpoUUVIQUlwCnVoaXJncXBTNkNYOUJseWYyK280MHptZmozaGU1ckNjRW9CNU1zZU0rRGdGYmNWaDJlL01WbllpTk53NkpDREIKQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleQp1QkhWQnYvNHR3S0JnSHdIdWVQeTVTVTFzMnFTbXpEN1djMkxQZll1M25DT0hOUnJGR2IyNk11UmZ1UmVyaTdyCjJHOFRnb0VTRnljcDBRVElOOCsxSk0wWFlLeE5jSkQ2QjhWMXdLYmJwUXN5bW5lSTFnanV0aUIvSWd3L1BrREsKQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWgpmTjJZZVlieVljYU0xMXAxVmlsdWxWVFZqWTNpL0ZaaURSNFNML0lHSldqTi9Temc0aVhZc0tGbXUrZHVsT1psCmNCQUxwRUtycXBtelhZdHJONmJzdjE4KzVlTzNxR2JLMkRyRXEzZVdWZXYyS29UTW9ieHo3ZysrWEJJV0ptTEEKSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkUwpLcmx0d21vZEhpcVhOYlZrd2JXMUFGUEpiaVlhaTRZRmZLNElBYmlmL1lteGY5Rzc4YU9rcjlacENJek9rRFBaCllwRXdRR1dzQWhFbENGdmM4RS81ZEhFU1NwK3RXdFArTmx1aW1wRnFpRGczL1NVbk13TzJ4SDBuaExhMHplamgKZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K
+      COOKIE_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      DATABROKER_STORAGE_CONNECTION_STRING: redis://redis:6379
+      DATABROKER_STORAGE_TYPE: redis
+      ENVOY_ADMIN_ADDRESS: 0.0.0.0:9901
+      FORWARD_AUTH_URL: https://forward-authenticate.localhost.pomerium.io
+      GOOGLE_CLOUD_SERVERLESS_AUTHENTICATION_SERVICE_ACCOUNT: ewoiYXV0aF9wcm92aWRlcl94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImF1dGhfdXJpIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImNsaWVudF9lbWFpbCI6ICJyZWRhY3RlZEBwb21lcml1bS1yZWRhY3RlZC5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsCiJjbGllbnRfaWQiOiAiMTAxMjE1OTkwNDU4MDAwMzM0Mzg3IiwKImNsaWVudF94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKInByaXZhdGVfa2V5IjogIi0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLVxuTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDOEhMQkFJelhrUGVlZ1xubGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PL1xuRUtnQ09GRnhVRHFvUjgyaVkwNlNhY0FqSG5pNitQTzl0VlJiRlYwdzE0QkRBSlNwQitWdld5bCtGb1BEVi92c1xuWjMxRnRZdytFd3FrYkR4L2thVDl1emYrTEpkbGtmMTRuUVFqOEVreS84ZDNtV0piYi85dGpPYnNhUWdKNUxMeFxuQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUFxubXFta2F3VVd3M2VraGo4MFNKZy9USzlQUmFOL1Z2Y0kxUGdBZDdMWnp0VVJlU21UeTVoZDlyNnJPQnhweHduVFxuRHZIa0JuNnZBZ01CQUFFQ2dnRUFCMjhpMEFZVU5TYjFKbldGYkt6cnVVY3R1M3RDTlhvdkpnNkszQmlQVk1rcVxuRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBV1xuOGVKZXFSTFpFZnNTU0pPWFRHN1JkR3NuNHFIRkowMHMyWlRsY0lIU1B3bkZtK1hqSmk5OVU4RzRYc1VvWG8wclxuR3krMFZDdVU3TThnSUNFSEhzclFPOVhERDNuVDJqaXU1VGpyS3dqdXQzRW1vSnNzSTVicXgzMytPQnU1QnBDUFxuQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVFxuYkxrTEZ5V0JOVFdVWjJSLzJ3eG11b0M2bUxadzg3OU1MQ0tNdmsxZG9RS0JnUURobXdHYWZKTnltVGlFUVpSSVxuU3NReDRzZXFmT0tmZ0ZDN29ocUg5Y1JPT3U4SUoxbzdxMnBNMlc0WGlWK1Mzd1RkUEdtY2E2SU9qWDIzaXNWQlxuMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzN1xuYXh6bGFNcnhFdTNMSTlVRTdOdHJkUWlCeVFLQmdRRFZkSTZjZUlWQlQ2Umd2Vkd0OHprTGpQSUZqaFFFSEFJcFxudWhpcmdxcFM2Q1g5Qmx5ZjIrbzQwem1majNoZTVyQ2NFb0I1TXNlTStEZ0ZiY1ZoMmUvTVZuWWlOTnc2SkNEQlxuQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleVxudUJIVkJ2LzR0d0tCZ0h3SHVlUHk1U1UxczJxU216RDdXYzJMUGZZdTNuQ09ITlJyRkdiMjZNdVJmdVJlcmk3clxuMkc4VGdvRVNGeWNwMFFUSU44KzFKTTBYWUt4TmNKRDZCOFYxd0tiYnBRc3ltbmVJMWdqdXRpQi9JZ3cvUGtES1xuQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWlxuZk4yWWVZYnlZY2FNMTFwMVZpbHVsVlRWalkzaS9GWmlEUjRTTC9JR0pXak4vU3pnNGlYWXNLRm11K2R1bE9abFxuY0JBTHBFS3JxcG16WFl0ck42YnN2MTgrNWVPM3FHYksyRHJFcTNlV1ZldjJLb1RNb2J4ejdnKytYQklXSm1MQVxuSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkU1xuS3JsdHdtb2RIaXFYTmJWa3diVzFBRlBKYmlZYWk0WUZmSzRJQWJpZi9ZbXhmOUc3OGFPa3I5WnBDSXpPa0RQWlxuWXBFd1FHV3NBaEVsQ0Z2YzhFLzVkSEVTU3ArdFd0UCtObHVpbXBGcWlEZzMvU1VuTXdPMnhIMG5oTGEwemVqaFxuZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9XG4tLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tXG4iLAoicHJpdmF0ZV9rZXlfaWQiOiAiZTA3ZjdjOTM4NzBjN2UwM2Y4ODM1NjBlY2Q4ZmQwZjRkMjdiMDA4MSIsCiJwcm9qZWN0X2lkIjogInBvbWVyaXVtLXJlZGFjdGVkIiwKInRva2VuX3VyaSI6ICJodHRwOi8vbW9jay1pZHA6ODAyNC90b2tlbiIsCiJ0eXBlIjogInNlcnZpY2VfYWNjb3VudCIKfQ==
+      IDP_CLIENT_ID: CLIENT_ID
+      IDP_CLIENT_SECRET: CLIENT_SECRET
+      IDP_PROVIDER: oidc
+      IDP_PROVIDER_URL: https://mock-idp.localhost.pomerium.io/
+      JWT_CLAIMS_HEADERS: email,groups,user
+      LOG_LEVEL: info
+      POLICY: Wwp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vbW9jay1pZHAubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZW52b3kubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly9sb2NhbGhvc3Q6OTkwMSIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vdmVyaWZ5LmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoidG8iOiAiaHR0cDovL3ZlcmlmeTo4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiYWxsb3dfd2Vic29ja2V0cyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vd2Vic29ja2V0LWVjaG8ubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly93ZWJzb2NrZXQtZWNobzo4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXVpLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJ0byI6ICJodHRwczovL2ZvcnRpbzo4MDgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRsc19jdXN0b21fY2EiOiAiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVVXhla05EUVhvclowRjNTVUpCWjBsUldqRXpPV05rTDNCaFVHUnJVekpLZVVGMU4ydEZSRUZPUW1kcmNXaHJhVWM1ZHpCQ1FWRnpSa0ZFUTBJS1ozcEZaVTFDZDBkQk1WVkZRMmhOVm1KWGRHcGFXRW93U1VkU2JHUnRWbk5pTTBKMFdsYzFNRWxGVGtKTlUzZDNTMmRaUkZaUlVVeEVRMDVxV1ZkNGJBcFphMEpxV1ZkNGJGbHBNWGRaZVRGellWYzFNV1ZEUVc5Uk1rWnpXbGRKWjFKSE9UUmpNbFkxUzFSRmVrMUVSVWRCTVZWRlFYZDNjV0pYZEdwYVdFb3dDa2xIVG1oaVIxWnBVVWRPYUdKSFZtbE1XRUpxVEZkNGNHSnVWalJKUTJoRVdWZDRiRmxwUWtWaU0yaDZXbGhyY0UxQ05GaEVWRWw0VFVSbmVFMUVSVE1LVFhwSmQwOVdiMWhFVkUxNFRVUm5lRTFFUlROTmVrbDNUMVp2ZDJkWlRYaElha0ZqUW1kT1ZrSkJiMVJHVnpGeVdUSldlV1JEUW10YVdGcHNZa2M1ZHdwaVYxWjFaRU5DUkZGVVJYTk5RMjlIUVRGVlJVTjNkMnBaTWtaeldsZEtRVmt5Um5OYVYwbDBZMGROZEdKSGJIVmtXR2RuUzBWT2FHSkhWbWxKUlZKMkNtVklUbXhsVTJ0NFRYcEJlRUpuVGxaQ1FVMU5TMjB4Y2xreVZubGtRMEpxV1ZkNGJGbHJRbXBaVjNoc1dXa3hkMWw1TVhOaFZ6VXhaVU5CYjFFeVJuTUtXbGRKWjFKSE9UUmpNbFkxUzFSRFEwRmhTWGRFVVZsS1MyOWFTV2gyWTA1QlVVVkNRbEZCUkdkblIxQkJSRU5EUVZsdlEyZG5SMEpCVG1KTGVVMTZOUXBOVmxjMldVdGthbWd4YjBsT01VMXVOMUJGTW5CSU5WTmlTbE53VjNoa1FVZG9aRUpyUW10d1FXRTNUM2hoY21wSU5VdFdhME5VVTJFM2IyNWpiR0UzQ25GT2RVcGFVelp0UW0xdmVFWXJVaXRqVWpOcWVVZGtWVUZaYkc5NmJERnFiR1p4VEVsbVF5OHJaemRXTjFadFQwcHVPVGgwYWtJME1tWmhkSGhNYkRZS1YxQkJkekZLUkU1elYzUlJabWhMYUdKalNIVjBOMUp6UmpCeVRVOVBTR04zZVhkVVVqZE1UM2xEYlVsbGJERndZMjF3VmpSb1lsWmpWRFpsVm5kdlVBcElXSGxLVTJFNVkzRmhUVkUxV0hKa2IyZGhhVFJKY1ZwYVNVZE1TR1ZNYzFSV2RYUlBaMHBHV0VWbGRteFlMMUZVTTNOWGIyMUZZM1I2YURNNFNuTTBDamxFYVVGUVJEWmtORmszTDBOUVRGbEZabXN5T1VwUk9VNWFhSEJuUkhOcE9XaDFOVVpJU0ZwaldIZG1NVWxJYkhjdlEwSldaMjQyYWl0cWJYWkxTM29LT1RCTllURnZjWFYyTTFjMlpIUjBhV1F2ZUVOalRFZDFNbE1yT1RaVWVuSjVhMjF2ZVRWV1lXTk1kRlpGVURReFdXMXZWbXh6T1RGeWJHODNiMnh3WlFwUlYwWmlibTFqYnpjek9WUkpMelJvSzBodlpHOXNjR1Z5VVVWU1VXdzNkVU51Y0V0V1VGb3pWMjlyUzNWU2FEVndhM0ZyVVhBdllYSlJhblIzWTFKMENrYzBNME55UkhCaWJDdDFVMnBOUTBGNGFHRTVOVGhsVkZsMmRHOXFWRTF1ZGt4MGMwZEpSREZvUjFodWNXeDNLelZMYWt0eVoxSkljbEZKUkVGUlFVSUtiekJWZDFGNlFVOUNaMDVXU0ZFNFFrRm1PRVZDUVUxRFFXZFJkMFZuV1VSV1VqQlVRVkZJTDBKQlozZENaMFZDTDNkSlFrRkVRV1JDWjA1V1NGRTBSUXBHWjFGVmFGbGFXVmRKUWtoNWF6WmFWbFJ1Y0ROc1VuUXZkSGxDVURBd2QwUlJXVXBMYjFwSmFIWmpUa0ZSUlV4Q1VVRkVaMmRIUWtGQk1VWXZZWEJ5Q213MmNFNVVNMDF3TDAxNGFGVlZaMjgyZFhORlNrTnllVWRSWTB4U1ptVjRlVkZZUjA0emFIVkRiVWx5VURVMVZrWmhPRVZVVUVGMGFuTnlObEJOWlRjS04zWjJSV280WlVaMU1rcDBTMjkyYkZGM1RtVjNXVlU1WTJwQlRVTldZVVpwVG1KeVVXRXlNR2g2YUZkak1tcHpObVI1YVd4a1JUWXZSRkI2WW1Wa2N3cExSRUY0YUVaT2NETTFVMngzZEZKMFMyc3hVM3A0U25oemNWTjNhbVo0U1RobWNDdFNMekIzVHpobk1HWlhWR1JOTW1kRGNGSjNXVTFPZDBwRlRFVm5DaXRrVTJ4MlNrTjNkWFVyY25wNFRHRnNlbUZRUmpGUVRWUlhOekpQUlV4aGJDOXFOWE5FS3pKV2VYUlJOR3NyU0ZWRVlubDBNa1J1VVZRM1dWRXplbThLY1RBeWVESjFNbk50TVZkWEwyOHZkV2c0Y0dwUWVHdEhVWEZNTW0xeWVWcHpObFpJT1ZaRFZUTlJhMHRPUkhOelRtUTNNV3h5TTNkUWIwVTBXVkpJWlFwVmRucEVNV1ZFWldWc2VrSlZSazVKY0VSRGFtUkRjMHcxTlhsSlVIRlZjM0kyYkcxcWNFSlFUREIyWldFek0xRlVUV0pqYzFONGRUQjFiVWRZUkdKVkNqWTJhblZWTkZveGFrOUZNSGREYkVsMllVODJPVGxLSzBVeVowSmxNV3BWVGpaQmREWmlPRUpUYjFweFEzRllXVzlFU0VkbGFUbFNRbFZrZG1keGRHOEthMVp6YjBwbVJFa3ZWRVpOWld0WlozQk1OVlZXV1cxTVpHWm5jVXhRVUZKUU9YQlJRa3hFZUROdGMzcGxRWEZ1ZG1aVVNVTkJlbVpZWnowOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyIsCiJ0bHNfc2VydmVyX25hbWUiOiAiZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vZm9ydGlvOjgwNzkiCn0sCnsKImFsbG93X2FueV9hdXRoZW50aWNhdGVkX3VzZXIiOiB0cnVlLAoiZnJvbSI6ICJ0Y3AraHR0cHM6Ly9yZWRpcy5sb2NhbGhvc3QucG9tZXJpdW0uaW86NjM3OSIsCiJ0byI6ICJ0Y3A6Ly9yZWRpczo2Mzc5Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1za2lwLXZlcmlmeS1lbmFibGVkIiwKInRsc19za2lwX3ZlcmlmeSI6IHRydWUsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2tpcC12ZXJpZnktZGlzYWJsZWQiLAoidGxzX3NraXBfdmVyaWZ5IjogZmFsc2UsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2VydmVyLW5hbWUtZW5hYmxlZCIsCiJ0bHNfc2VydmVyX25hbWUiOiAiaHR0cGRldGFpbHMubG9jYWxob3N0Lm5vdHBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vd3JvbmdseS1uYW1lZC1odHRwZGV0YWlsczo4NDQzIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1zZXJ2ZXItbmFtZS1kaXNhYmxlZCIsCiJ0byI6ICJodHRwczovL3dyb25nbHktbmFtZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWVuYWJsZWQiLAoidGxzX2N1c3RvbV9jYSI6ICJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VVeVJFTkRRVEJEWjBGM1NVSkJaMGxTUVV4a09VZGhTbEk1TW5GcE4zRk1NV1ZJUjAwMlN6QjNSRkZaU2t0dldrbG9kbU5PUVZGRlRFSlJRWGNLWjFsTmVFaHFRV05DWjA1V1FrRnZWRVpYTVhKWk1sWjVaRU5DYTFwWVdteGlSemwzWWxkV2RXUkRRa1JSVkVWelRVTnZSMEV4VlVWRGQzZHFXVEpHY3dwYVYwcEJXVEpHYzFwWFNYUmpSMDEwWWtkc2RXUllaMmRMUlU1b1lrZFdhVWxGVW5abFNFNXNaVk5yZUUxNlFYaENaMDVXUWtGTlRVdHRNWEpaTWxaNUNtUkRRbXBaVjNoc1dXdENhbGxYZUd4WmFURjNXWGt4YzJGWE5URmxRMEZ2VVRKR2MxcFhTV2RTUnprMFl6SldOVXRVUVdWR2R6QjVUVlJCTkUxVVJYa0tUVlJWTWsxVVFtRkdkekI2VFZSQk5FMVVSWGxOVkZVeVRWUkNZVTFKUjBSTlVqUjNTRUZaUkZaUlVVdEZlRlowWVRKT2JHTnVVV2RhUjFZeVdsZDRkZ3BqUnpGc1ltNVJaMUV3UlhoTVJFRnhRbWRPVmtKQmMwMUpNazVvWWtkV2FWRkhUbWhpUjFacFRGaENha3hYZUhCaWJsWTBTVU5vUkZsWGVHeFphVUpGQ21JemFIcGFXR3R3VFZSTmQwMVJXVVJXVVZGRVJFTndkR0V5VG14amJsRm5XVEpHYzFwWFNrRlpNa1p6V2xkSmRHTkhUWFJpUjJ4MVpGaG5aMHRGVG1nS1lrZFdhVWxGVW5abFNFNXNaVk5yZDJkblIybE5RVEJIUTFOeFIxTkpZak5FVVVWQ1FWRlZRVUUwU1VKcWQwRjNaMmRIUzBGdlNVSm5VVVJYV1hCV1pRcENVMjVsWlRKalFVSlpiMlpUYjFkNFIwMTVSbUZOVVRCdVNtdFpNRlZYVFRsamEzbFZhRGRXWm1kT0t5OWhSbE5YTWxwVGJWaDFkalZrY21Od2FUSXdDbm96Wld4b1VGUmxPVGhpUVU1aWFpc3ZZbWt3TURFMVVWZHVUV1Z1U3pBMVdrczJjVVIwUm5kdkwwaFdReTlaWTJGeWRYVTVOaXN4U2pKMGIyVlhkVVVLZEhsclZ6Tk5RM0JETVhCSVdWTTFaemxwVmtScmNHUnllbTUyV0V0c1dYVlRhV3RxY21vM1N6VjBiMmxVZG5WdE9UZE1lRXRyZFdvMlJGaHFZWEJRUkFvMWRuUmxVMDR4WkZGblR6bERVek56Y1d4amQxbEJObEpxVlVoM1dUSldSV2d5WVdSUU16ZENXbkphZDA4cmVVcHhPWEZHTlhrMVIyeG5hVGhzVGpSakNrdHNTV3hHVlhNdmVGTndVWE40VG1KT1VWaDBUamx0YXpScGJWbHNXa2Q2V1ZsaVltMHJabTlDVmxCUVltOWhOV3BXZDB0RWNGbzJOVzFQY3pkS1IxQUtObmxxS3pkV04xVkNUVVp3Vnl0blMyMUtkR2RvTDJ0clFYZ3hPRFZvT1ROeGQweEdVR000TDFRM2Jpc3JVREZpZFN0bVlXdFlVRWRRUlRJeGNrUmxUQXBRYmxWdGRXTkpXbkJLYnpWT2NGbFdVWFkwVjNaVVMzRXZlazFTT1ZOemNIb3lVRVpLYmtWU1ZHWlVkbkVyUmpGeE0xcE9ZV1pGZW1sUWMwSTViMlZUQ201cWVIZHRZVnBQVTFZd2RsaHhMM0ZsYjNGNE5IWTJUVUo2VmtGWk1DODRVakpNWTNCS05IVm5NRTlhTTNjd1lqSjBObmx2T0RaUU5WRTRRMEYzUlVFS1FXRk9SazFGVFhkRVoxbEVWbEl3VUVGUlNDOUNRVkZFUVdkSlJVMUNTVWRCTVZWa1JYZEZRaTkzVVVsTlFWbENRV1k0UTBGUlFYZElVVmxFVmxJd1R3cENRbGxGUmt4aldUaEZiMDV2WmsxamNuSjRlbmw0U1c0elZ6WmFUMDFXV0UxQk1FZERVM0ZIVTBsaU0wUlJSVUpEZDFWQlFUUkpRbWRSUTFwNlJFTjJDa3RKU0ZnelIzWnFUbE5aTlhjMVlrOXVORVV6ZHpkUlNGQXdPVUZDYWxRdmQzVlVORXhFYTFwSVNrMXRiSEpNYnpOek9HSmpjMUV3YzAxRU1Wa3ZMeThLY3pBM1kzQTBlRmxzY1VRM1FrRXdRV053ZGxsV1dYRTFPSGhMZUhOdlEzZFdXRzFITldORlpVOXZXbTFYWmpOeFdUSnRVemhsVnprMmRrOUdjbVJKWWdwTU5FOUdOSGhaVlU5TlVuRkJUMGRCUVhJMlZteFBOMmRZWVRRd05raDZjbk5CTVdoWlduZHlaVmhvVDFSRFdscFFXazlWYmtGMU1EVlRTRVprWjJGTkNsUktUa0l2YnpBeGRIQjNVV3h5VkhoT2JXWnliM0J2VDNwNWRYWklNSHBWTWxKeVRYTXdLMFZpVDNWRE5FRXlZMUU0TTBSSlJuaDJjVFkzYkhsVk1FRUtjekZSTm5SU1RUQXJWVVJ0U2s5TWVqTlRaR2RPSzBRd01HaGpkWFZxT1RKSFZqUmlTRGhDWm5sVmRqaE9RMWt3ZGtScGFqQlVVMnBxTkdNMFVYUmpOd3BKVUV4VVdqSm5OVFExYjJONmFFNW5RVzFVTjJRclFqVkpibmxtYVZOSlMyVnRXSEZsY3pKcWNHbEJabnBRVG13NVFsWjRjMkZyWTNNdldYcHZXWE14Q2l0eFZHcEJWM1ZoUkhOTGIyaEZiazgwUWtwMWVuWXdlSEpqWlRRd1pXNVNaMWg1UjBkR2RsaDFNbk0wUmxreWRrcHhWRk52Tm5selJGZHVhRWt6VEZjS1pHTm5Oazh5UmpSQlVFTkhSMlUzZW5OMWNXbHhhM0JqYTI1Q1lXSm5la1Z6T1dadlNIRXliV1p2TjFocFJYcGxaRTFPT0VKT2NXWlRZa0U5Q2kwdExTMHRSVTVFSUVORlVsUkpSa2xEUVZSRkxTMHRMUzBLIiwKInRsc19zZXJ2ZXJfbmFtZSI6ICJodHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cHM6Ly91bnRydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWRpc2FibGVkIiwKInRvIjogImh0dHBzOi8vdW50cnVzdGVkLWh0dHBkZXRhaWxzOjg0NDMiCn0sCnsKImNvcnNfYWxsb3dfcHJlZmxpZ2h0IjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWVuYWJsZWQiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiY29yc19hbGxvd19wcmVmbGlnaHQiOiBmYWxzZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWRpc2FibGVkIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1lbmFibGVkIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1kaXNhYmxlZCIsCiJwcmVzZXJ2ZV9ob3N0X2hlYWRlciI6IGZhbHNlLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vcmVzdHJpY3RlZC1odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfZG9tYWlucyI6IFsKImRvZ3MudGVzdCIKXSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInByZWZpeCI6ICIvYnktZG9tYWluIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfdXNlcnMiOiBbCiJ1c2VyMUBkb2dzLnRlc3QiCl0sCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhc3NfaWRlbnRpdHlfaGVhZGVycyI6IHRydWUsCiJwcmVmaXgiOiAiL2J5LXVzZXIiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIlgtQ3VzdG9tLVJlcXVlc3QtSGVhZGVyIjogImN1c3RvbS1yZXF1ZXN0LWhlYWRlci12YWx1ZSIKfSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImFsbG93X3dlYnNvY2tldHMiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2VuYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZGlzYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJlbmFibGVfZ29vZ2xlX2Nsb3VkX3NlcnZlcmxlc3NfYXV0aGVudGljYXRpb24iOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2Nsb3VkcnVuLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIngtaWRwIjogIm9pZGMiCn0sCiJ0byI6ICJodHRwOi8vdHJ1c3RlZC1odHRwZGV0YWlsczo4MDgwIgp9Cl0=
+      SHARED_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      SIGNING_KEY: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSVBSR1d3TGg3NW5OWG5razM3ekRmTjhvbkx3ZkNpYUxQVEQrbmM4THg1aGNvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFa3BCa08wVEttaDRKZFFmTE9lZU1kNTNLbmdhMVdkUVhyNUZjZXBrK2RMVktkVkt4WENHcQpoMW9qdWh1VzExR0lvT3pTOUdvU0tsTlZTUkZXVkVXRHZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
+      SIGNING_KEY_ALGORITHM: ES256
+    image: pomerium/pomerium:${POMERIUM_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - pomerium
+        - authenticate.localhost.pomerium.io
+        - forward-authenticate.localhost.pomerium.io
+  pomerium-ready:
+    command:
+    - -wait
+    - https://pomerium:443/healthz
+    - -timeout
+    - 10m
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - pomerium-ready
+  redis:
+    image: redis:6.2.5-alpine
+    networks:
+      main:
+        aliases:
+        - redis
+  redis-ready:
+    command:
+    - -wait
+    - tcp://redis:6379
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - redis-ready
+  traefik:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-'END_OF_TRAEFIK' | tee traefik.yaml
+      {
+        "accessLog": {
+
+        },
+        "api": {
+          "insecure": true
+        },
+        "entryPoints": {
+          "web": {
+            "address": ":80",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          },
+          "websecure": {
+            "address": ":443",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          }
+        },
+        "global": {
+          "checkNewVersion": false,
+          "sendAnonymousUsage": false
+        },
+        "log": {
+          "level": "DEBUG"
+        },
+        "providers": {
+          "file": {
+            "filename": "traefik-dynamic.yaml"
+          }
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee traefik-dynamic.yaml
+      {
+        "http": {
+          "middlewares": {
+            "authz": {
+              "forwardAuth": {
+                "address": "https://forward-authenticate.localhost.pomerium.io",
+                "authResponseHeaders": [
+                  "x-pomerium-jwt-assertion",
+                  "x-pomerium-claim-email",
+                  "authorization"
+                ],
+                "tls": {
+                  "insecureSkipVerify": true
+                },
+                "trustForwardHeader": true
+              }
+            },
+            "set-request-headers-20": {
+              "headers": {
+                "customRequestHeaders": {
+                  "X-Custom-Request-Header": "custom-request-header-value"
+                }
+              }
+            },
+            "set-request-headers-23": {
+              "headers": {
+                "customRequestHeaders": {
+                  "x-idp": "oidc"
+                }
+              }
+            }
+          },
+          "routers": {
+            "route0": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`mock-idp.localhost.pomerium.io`)",
+              "service": "route0",
+              "tls": {
+
+              }
+            },
+            "route1": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`envoy.localhost.pomerium.io`)",
+              "service": "route1",
+              "tls": {
+
+              }
+            },
+            "route10": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-disabled`)",
+              "service": "route10",
+              "tls": {
+
+              }
+            },
+            "route11": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-enabled`)",
+              "service": "route11",
+              "tls": {
+
+              }
+            },
+            "route12": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-disabled`)",
+              "service": "route12",
+              "tls": {
+
+              }
+            },
+            "route13": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-enabled`)",
+              "service": "route13",
+              "tls": {
+
+              }
+            },
+            "route14": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-disabled`)",
+              "service": "route14",
+              "tls": {
+
+              }
+            },
+            "route15": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-enabled`)",
+              "service": "route15",
+              "tls": {
+
+              }
+            },
+            "route16": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-disabled`)",
+              "service": "route16",
+              "tls": {
+
+              }
+            },
+            "route17": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`restricted-httpdetails.localhost.pomerium.io`)",
+              "service": "route17",
+              "tls": {
+
+              }
+            },
+            "route18": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-domain`)",
+              "service": "route18",
+              "tls": {
+
+              }
+            },
+            "route19": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-user`)",
+              "service": "route19",
+              "tls": {
+
+              }
+            },
+            "route2": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`verify.localhost.pomerium.io`)",
+              "service": "route2",
+              "tls": {
+
+              }
+            },
+            "route20": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-20"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`)",
+              "service": "route20",
+              "tls": {
+
+              }
+            },
+            "route21": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`enabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route21",
+              "tls": {
+
+              }
+            },
+            "route22": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`disabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route22",
+              "tls": {
+
+              }
+            },
+            "route23": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-23"
+              ],
+              "rule": "Host(`cloudrun.localhost.pomerium.io`)",
+              "service": "route23",
+              "tls": {
+
+              }
+            },
+            "route24": {
+              "middlewares": [
+
+              ],
+              "rule": "Host(`authenticate.localhost.pomerium.io`)",
+              "service": "route24",
+              "tls": {
+
+              }
+            },
+            "route3": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`websocket-echo.localhost.pomerium.io`)",
+              "service": "route3",
+              "tls": {
+
+              }
+            },
+            "route4": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ui.localhost.pomerium.io`)",
+              "service": "route4",
+              "tls": {
+
+              }
+            },
+            "route5": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ping.localhost.pomerium.io`)",
+              "service": "route5",
+              "tls": {
+
+              }
+            },
+            "route6": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`redis.localhost.pomerium.io:6379`)",
+              "service": "route6",
+              "tls": {
+
+              }
+            },
+            "route7": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-enabled`)",
+              "service": "route7",
+              "tls": {
+
+              }
+            },
+            "route8": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-disabled`)",
+              "service": "route8",
+              "tls": {
+
+              }
+            },
+            "route9": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-enabled`)",
+              "service": "route9",
+              "tls": {
+
+              }
+            }
+          },
+          "serversTransports": {
+            "insecure": {
+              "insecureSkipVerify": true
+            }
+          },
+          "services": {
+            "route0": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://mock-idp:8024"
+                  }
+                ]
+              }
+            },
+            "route1": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://localhost:9901"
+                  }
+                ]
+              }
+            },
+            "route10": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route11": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route12": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route13": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route14": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route15": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route16": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route17": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route18": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route19": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route2": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://verify:80"
+                  }
+                ]
+              }
+            },
+            "route20": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route21": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route22": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route23": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route24": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "https://pomerium:443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route3": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route4": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8080"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route5": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8079"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route6": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "tcp://redis:6379"
+                  }
+                ]
+              }
+            },
+            "route7": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route8": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route9": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            }
+          }
+        },
+        "tls": {
+          "certificates": [
+            {
+              "certFile": "_wildcard.localhost.pomerium.io.pem",
+              "keyFile": "_wildcard.localhost.pomerium.io-key.pem"
+            }
+          ]
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io-key.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_TRAEFIK
+
+      traefik -configFile=traefik.yaml
+    depends_on:
+      pomerium:
+        condition: service_started
+    image: traefik:latest
+    networks:
+      main:
+        aliases:
+        - traefik
+        - authenticate.localhost.pomerium.io
+        - mock-idp.localhost.pomerium.io
+    ports:
+    - 80:80/tcp
+    - 443:443/tcp
+  trusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails
+  trusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://trusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails-ready
+  untrusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKKYU7PSAFxZbhuLUlbv3iAwDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU2MTFaFw0yMzExMTEyMjU2MTFaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg
+      VDM59lGzCRjdUQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHG
+      oryKGDOkRV1SDb3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2v
+      JX4qTwgrqQtLOJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqP
+      qpc6AEFuklmoBHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPw
+      ve8VoGIlx4uvHTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxG
+      mgByfa2rxbNg15PFwF+ZAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBS3GPBKDaHzHK68c8sSJ91umTjFVzAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAizMhh+VYIMp07wGn7+rzAE/651yiMC6kZHIOMHilvimyYvCf+Yc0MrcD
+      mVQgqlUpkn/f2SOFsBQonjAACkWlSHah9KStL0iTvOIH+oGLnv3Y9wrKvwJol3KR
+      c/+mO9R9TS71DoX+rTGRY3BNldpMBZF7HsYt/bg0RSpF0zkZarW+PEMmPw6IgIaD
+      RPGpOiQOqIxQn4d6MyiNGS0QmDeGSZvsC07ZcZ+JxsYi4S+yN6GXt11pstiRXjDv
+      zrO3s8TnVsBux7VDdIYfzMxqz+874MbsUUlb4txr3V48UDRLm7VDQ2/F+o0+Y5wt
+      XAnXTn/6GFpjJvPGr0A1QLOvnhR0DZ4Fl97athu44pqeQywDU5LPP3HqrWRXLy3j
+      BPBC4waHayL9Hnh4zQUe/h6hwC5Nxl/gqfB3Aaqr5PWX6rMFss8AYpB81ci+UJdm
+      KSIn/pMoK6TWkCveoQRQOZD8wfwPF4cUUmWcLFwSveZSiniFrAXQqZbO1k6RDhQf
+      havcwKlK
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCgVDM59lGzCRjd
+      UQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHGoryKGDOkRV1S
+      Db3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2vJX4qTwgrqQtL
+      OJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqPqpc6AEFuklmo
+      BHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPwve8VoGIlx4uv
+      HTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxGmgByfa2rxbNg
+      15PFwF+ZAgMBAAECggEADTzGefunZTPUFLnSZ/D7jDglwz5KdC/9zYleY+jY5B/8
+      nmjkSfK6I6GLLSh8l2QO8YqQLIqxANglS1gNHdpcYPwfC4WL1S1P0qXboKsI5Sfy
+      jGoD3et4caq6ecdTfAvmLobW8uFRmGE9qHlFQ1cn47OnPVZUpKFCTVslyTLNo70h
+      28gx/lnpgkbeWotJ5GygE/H0jKJlG8/V3+Ppfuq6wypA5ELcGUeMAwmCfUNNlDy3
+      BhXSa6STgL26ar70KZIjTp9B97hIfDWObxgjzMX2JoiWXziszvbfaknfBsmfTm45
+      oUZYO0DuvLdLpxic0GZQwZCT6GzuexxJ9zR/pdahrQKBgQDEiwc0e+M1KaOoIIcw
+      V7pxoGjvd+CC5whS00jSf/rXPSPFxat9Ml5serOzLdRLM/NQ5wB9S7TYc6PJi3Mb
+      8pmbGadIXiGIJY8vX79P/velHT4csgULJAKJF9U65knhaidPPPmXloHOhRWrE8Zq
+      mexVgJZrHLI8197qmi+ctT5rEwKBgQDQ1J84AwI1hEsXHxoSetSznt+ae7pSUb/J
+      byqK9KEp0DLyf8GcS7vxyYGQo0mJDlHaJt56LKv+zdX4wGG85ztbOFVPee6XLKSs
+      I+h7rzc2hKrl+SaI91h1234WsTeJvfUSHyBy9vAwLhd0hplNrt7Tql5Z0VTWHmFE
+      2XbEwcTUIwKBgQDBpioHMDmBW/F/6ezJWOa+pco+h+KRl4i/8qVBog9Im1jvt/9r
+      b4FRaOQ9mt4c6qbGA5Sb30fkLKwoHFniI3ntM616xCRNvJQDnVcmPpVJ/jIAm/YU
+      L/q/kNfrHJOWobzxeaaCESz8imv7D5Tj25zb8cJC7xc+k4Nzq09WG83QOQKBgG28
+      LOZ7/j8tA2BlAYhQb1Dr3UgKWEBFoOgyuEJIhh+4vezb4VtGGL7XSnQ8ubmBgtWF
+      s0a0DrVYaGXMgg+H2pL2qS2YPx3FYcrrG5FS40qMsFkkcXFruFpGOp2mBi8lWJBr
+      NtvykwheUAj1ab1+dKz5S5ca/t99G1PYiiaeQ9XNAoGAVXk4HvdUc5q+BNiYvKUS
+      M2/TDU3cYY72mPCEw7G6Kpn6zMaakQcA1+Z8LkYcLaQKRD/66n99WWT+BcY+QXtC
+      0ZPHjeepDL8q+yXRY8zlcgAukg18Ta5yD1J1014y8UIV+HY8ongTni1sI8N+vKd4
+      +TF2C2Cynf5vQr5man7ShPw=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails
+  untrusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://untrusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails-ready
+  verify:
+    depends_on:
+      verify-init:
+        condition: service_completed_successfully
+    environment:
+      SSL_CERT_FILE: /verify_config/ca.pem
+    image: pomerium/verify:${VERIFY_TAG:-latest}
+    networks:
+      main:
+        aliases:
+        - verify
+    volumes:
+    - verify_config:/verify_config
+  verify-init:
+    command:
+    - sh
+    - -c
+    - |-
+      echo '-----BEGIN CERTIFICATE-----
+      MIIE1zCCAz+gAwIBAgIQZ139cd/paPdkS2JyAu7kEDANBgkqhkiG9w0BAQsFADCB
+      gzEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSwwKgYDVQQLDCNjYWxl
+      YkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTEzMDEGA1UEAwwqbWtjZXJ0
+      IGNhbGViQGNhbGViLXBjLWxpbnV4IChDYWxlYiBEb3hzZXkpMB4XDTIxMDgxMDE3
+      MzIwOVoXDTMxMDgxMDE3MzIwOVowgYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9w
+      bWVudCBDQTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXggKENhbGViIERv
+      eHNleSkxMzAxBgNVBAMMKm1rY2VydCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2Fs
+      ZWIgRG94c2V5KTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANbKyMz5
+      MVW6YKdjh1oIN1Mn7PE2pH5SbJSpWxdAGhdBkBkpAa7OxarjH5KVkCTSa7oncla7
+      qNuJZS6mBmoxF+R+cR3jyGdUAYlozl1jlfqLIfC/+g7V7VmOJn98tjB42fatxLl6
+      WPAw1JDNsWtQfhKhbcHut7RsF0rMOOHcwywTR7LOyCmIel1pcmpV4hbVcT6eVwoP
+      HXyJSa9cqaMQ5Xrdogai4IqZZIGLHeLsTVutOgJFXEevlX/QT3sWomEctzh38Js4
+      9DiAPD6d4Y7/CPLYEfk29JQ9NZhpgDsi9hu5FHHZcXwf1IHlw/CBVgn6j+jmvKKz
+      90Ma1oquv3W6dttid/xCcLGu2S+96Tzrykmoy5VacLtVEP41YmoVls91rlo7olpe
+      QWFbnmco739TI/4h+HodolperQERQl7uCnpKVPZ3WokKuRh5pkqkQp/arQjtwcRt
+      G43CrDpbl+uSjMCAxha958eTYvtojTMnvLtsGID1hGXnqlw+5KjKrgRHrQIDAQAB
+      o0UwQzAOBgNVHQ8BAf8EBAMCAgQwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4E
+      FgQUhYZYWIBHyk6ZVTnp3lRt/tyBP00wDQYJKoZIhvcNAQELBQADggGBAA1F/apr
+      l6pNT3Mp/MxhUUgo6usEJCryGQcLRfexyQXGN3huCmIrP55VFa8ETPAtjsr6PMe7
+      7vvEj8eFu2JtKovlQwNewYU9cjAMCVaFiNbrQa20hzhWc2js6dyildE6/DPzbeds
+      KDAxhFNp35SlwtRtKk1SzxJxsqSwjfxI8fp+R/0wO8g0fWTdM2gCpRwYMNwJELEg
+      +dSlvJCwuu+rzxLalzaPF1PMTW72OELal/j5sD+2VytQ4k+HUDbyt2DnQT7YQ3zo
+      q02x2u2sm1WW/o/uh8pjPxkGQqL2mryZs6VH9VCU3QkKNDssNd71lr3wPoE4YRHe
+      UvzD1eDeelzBUFNIpDCjdCsL55yIPqUsr6lmjpBPL0vea33QTMbcsSxu0umGXDbU
+      66juU4Z1jOE0wClIvaO699J+E2gBe1jUN6At6b8BSoZqCqXYoDHGei9RBUdvgqto
+      kVsoJfDI/TFMekYgpL5UVYmLdfgqLPPRP9pQBLDx3mszeAqnvfTICAzfXg==
+      -----END CERTIFICATE-----
+      ' > /verify_config/ca.pem
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - verify-init
+    volumes:
+    - verify_config:/verify_config
+  verify-ready:
+    command:
+    - -wait
+    - http://verify:80/
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - verify-ready
+  websocket-echo:
+    command:
+    - --port
+    - "80"
+    - tee
+    image: pvtmert/websocketd:latest
+    networks:
+      main:
+        aliases:
+        - websocket-echo
+  websocket-echo-ready:
+    command:
+    - -wait
+    - tcp://websocket-echo:80
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - websocket-echo-ready
+  wrongly-named-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEWDCCAsCgAwIBAgIRAK1MkqoHP+DPILewhMcnnu4wDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU0MzRaFw0yMzExMTEyMjU0MzRaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV
+      DWPhOpNWAYNTQZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM
+      3cvyRs40dygZeogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV
+      6ttf6y0+4Nq1hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3E
+      lxIYQsCr85FyW8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC
+      8X2vHBBIbnZipb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3
+      OIkJji4rpJqxG1Z7MvPzAgMBAAGjcjBwMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAo
+      BgNVHREEITAfgh1pbnZhbGlkLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG
+      9w0BAQsFAAOCAYEABsSByXWA7e8hpKWZK4APWzkvDwiTGrDDE7k0hueJksTZ5Nqw
+      fRdGoUpweWIYzAv1etPAr+B2gsZM/jVRidaGDI1tKPytZ3pP6mQ52CVXkeJQytPr
+      rNDnP3Lbpbs8PHoHw3PVxIyRps1ZbZkgbUsXrSvpp/l+ZObbGQjr3Fdx5oXI6a1V
+      NNC39LkPhjTKtcG+H8dO5GRuDb/9PrzrnDwnl6CoORbEjTKRIFuA+vkFBRjyuccr
+      GQiMNmMxy5CMOsK+Od4+8qhv2ZgnREHyBnjFFhgVLFJ2PwUxk3N4GIzCC8tsD+vb
+      +YJgCS7n6JmcB9SFeyRy+qpolnfEaMvRwnJl6Evj17VCBy7x0gEO6B4lILPpziN8
+      VVhSuRsC0V8aXJJx89mwrg9pzN9w771rFVOCrAEdZei34/yfo8VyBbIR1gUxkRNJ
+      crTI9pT0PK+9OWQ57HtnGmFsPtWT8r7P8xukAPy50wSLF3InjEo8VR2df+V7DVVU
+      aTjNbuaG1NLNyWLH
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVDWPhOpNWAYNT
+      QZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM3cvyRs40dygZ
+      eogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV6ttf6y0+4Nq1
+      hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3ElxIYQsCr85Fy
+      W8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC8X2vHBBIbnZi
+      pb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3OIkJji4rpJqx
+      G1Z7MvPzAgMBAAECggEBAM3XhRO7+1QSXCaZdCZ6WuWXzojxrkf8++gpzXPCZ75L
+      vvMyP8xmXc38Za5VyL+MAr7joENxY5NPON/9AgyUBFdbat3RW323vAt0Ssy8Dfti
+      ScpuGWTT2CcWS/iJPwJp9bzPj6qJ1wo0Rzsv23FpcjgfcuB+4pHpDwJZ8IxcclTN
+      jv5XdmanN0Ai2ONDkIHQyvMTsYAX99OK7nXIs3OW7s4wsm8Wg+loCqTvojTzWuwE
+      TZNFonHAZ81jkrYfNjz+sM/tPuOYD+vWQ89+1IeQKFw1U0iBpF1VvhA7UeQZMeI8
+      S1NpDQTQW0kxmUAlLj7ldnIvknT/x0lKzoafVpk47/kCgYEA+SxnMLHe3Wxb4Kkf
+      7Gwktbth/wlWzUWzQ7c0TdhfEDjcRB7SeGIjrL4/HPyXEsCcGIj84TEob1EA0KVP
+      l6Jeqh5t/sr9da+uLFf6H41yZUaTccoyclnjHsqT+WLTtiTKqf7cXACg5NKbJwUT
+      ldCEu+4Ovur+8Ax6s/mGWNEzar0CgYEA2uOmD+SCIhj16P+3GnpZ0UzyDhUKedTy
+      LisZznroF6RI3BHzNT+YotHORDMiJtmX0slFcInAWaB3htLPbHmvredjlsH35eHW
+      B6wkWmbniJEovPysWdg7xjrj8DoL2dcm6liM1KpSo9k6XWJu36//xF4RTnL8JPEH
+      RPuBWmBXHG8CgYBjJy886lr0I61//eztKK+G/bTmRvIapzTJqnqOy54wl1/XX6iD
+      LRJjKCV3RHBdjvXOsZxnhCdB/KrlXBMLFRq0eX1t2Zr4nNsjXDL1IVU3Rdlge4SN
+      ioVdeGFf6Nq0bXmUIg3QMpPT2pbQ9S0w/ZQEMJv/jwW5wk2FlrLGXyElxQKBgQC3
+      skUzITp1Ey2NFM290uB93m1llBLum9+DD3jg6BTPgngC+K17Cpw2SI0qfx8yK3pW
+      08MK5xAeJ6Un6NNa3eSptX7GjpJUwmq0lasMkz/MRMZDlGmwHOBNRC729D/t2bo3
+      AYlvEGG6UBvDM1CJOVMUoT008Rrahczr/4ZXKnLw0QKBgExc+SXb5IRJIMHEQLkg
+      E7va23sR7x4j75mK6HnSwAM3jKx4GDgpkY1EO+rh+99mq/bIouL8ob/PG7A5RtKp
+      +Sgpqk5N6NpSFMaubsu1EQhqT5pmy0dN5KXecR4s1IylPvth/h3tdXPKGcLMD2M2
+      EN59YIA1o4qWjJsfEiuQ6x7M
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails
+  wrongly-named-httpdetails-ready:
+    command:
+    - -wait
+    - http://wrongly-named-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails-ready
+volumes:
+  fortio_config: {}
+  verify_config: {}
diff --git a/integration/clusters/okta-traefik/compose.yml b/integration/clusters/okta-traefik/compose.yml
new file mode 100644
index 000000000..455f88668
--- /dev/null
+++ b/integration/clusters/okta-traefik/compose.yml
@@ -0,0 +1,1236 @@
+networks:
+  main: {}
+services:
+  fortio:
+    command:
+    - server
+    - -cert
+    - /fortio_config/trusted.pem
+    - -key
+    - /fortio_config/trusted-key.pem
+    depends_on:
+      fortio-init:
+        condition: service_completed_successfully
+    image: fortio/fortio:1.17.0
+    networks:
+      main:
+        aliases:
+        - fortio
+    ports:
+    - 8079:8079/tcp
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-init:
+    command:
+    - sh
+    - -c
+    - |
+      echo "$$CERT" >/fortio_config/trusted.pem
+      echo "$$KEY" >/fortio_config/trusted-key.pem
+    environment:
+      CERT: |
+        -----BEGIN CERTIFICATE-----
+        MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+        gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+        ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+        dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+        NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+        bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+        KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+        HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+        yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+        Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+        jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+        bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+        9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+        DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+        BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+        AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+        c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+        AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+        OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+        qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+        6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+        kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+        B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+        xjUE8XUu
+        -----END CERTIFICATE-----
+      KEY: |
+        -----BEGIN PRIVATE KEY-----
+        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+        ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+        EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+        Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+        CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+        mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+        DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+        DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+        8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+        Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+        CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+        bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+        SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+        2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+        axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+        uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+        BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+        uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+        2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+        CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+        fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+        cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+        Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+        KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+        YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+        gmLh4w/CcPyb9ZyXceWU/nU=
+        -----END PRIVATE KEY-----
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - fortio-init
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-ready:
+    command:
+    - -wait
+    - http://fortio:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - fortio-ready
+  mock-idp:
+    command:
+    - --provider
+    - okta
+    - --port
+    - "8024"
+    - --root-url
+    - https://mock-idp.localhost.pomerium.io/
+    image: pomerium/mock-idps:${MOCK_IDPS_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - mock-idp
+    ports:
+    - 8024:8024/tcp
+  mock-idp-ready:
+    command:
+    - -wait
+    - http://mock-idp:8024/.well-known/openid-configuration
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - mock-idp-ready
+  pomerium:
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    environment:
+      AUTHENTICATE_SERVICE_URL: https://authenticate.localhost.pomerium.io
+      CERTIFICATE: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVVakNDQXJxZ0F3SUJBZ0lSQUtOYUVxQ21tWmZobWNZZ1p5MDFXQ3N3RFFZSktvWklodmNOQVFFTEJRQXcKZ1lNeEhqQWNCZ05WQkFvVEZXMXJZMlZ5ZENCa1pYWmxiRzl3YldWdWRDQkRRVEVzTUNvR0ExVUVDd3dqWTJGcwpaV0pBWTJGc1pXSXRjR010YkdsdWRYZ2dLRU5oYkdWaUlFUnZlSE5sZVNreE16QXhCZ05WQkFNTUttMXJZMlZ5CmRDQmpZV3hsWWtCallXeGxZaTF3WXkxc2FXNTFlQ0FvUTJGc1pXSWdSRzk0YzJWNUtUQWVGdzB5TVRBNE1UQXgKTnpNeU1UQmFGdzB5TXpFeE1UQXhPRE15TVRCYU1GY3hKekFsQmdOVkJBb1RIbTFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCalpYSjBhV1pwWTJGMFpURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnCktFTmhiR1ZpSUVSdmVITmxlU2t3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzgKSExCQUl6WGtQZWVnbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRAp5VmhEVDBRbEkvTy9FS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2Cld5bCtGb1BEVi92c1ozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXQKak9ic2FRZ0o1TEx4Q1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcQpiWlVERytaaW9BclBtcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkCjlyNnJPQnhweHduVER2SGtCbjZ2QWdNQkFBR2piREJxTUE0R0ExVWREd0VCL3dRRUF3SUZvREFUQmdOVkhTVUUKRERBS0JnZ3JCZ0VGQlFjREFUQWZCZ05WSFNNRUdEQVdnQlNGaGxoWWdFZktUcGxWT2VuZVZHMyszSUUvVFRBaQpCZ05WSFJFRUd6QVpnaGNxTG14dlkyRnNhRzl6ZEM1d2IyMWxjbWwxYlM1cGJ6QU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBWUVBdWZRQUY3OXM3YzFnbVo5Q0lLQlNHa0hoK1NIMDFDdUtZbm5IaU1vd0hzVGlvRmFVQVFzZC9QNFgKYzJYQnFjMzRlVDNtQ3ZwZ1pqSGJqejZKbG5UWUp4dUx2VnFuVkIzZW10V3JiMWNRdmg4QnBoeHNwVGxTOHVpRQpBRWYvbmd0cHpmQS9mNGxwR2t6clEwY3lQa0VKR3o1MTFxOTdpdHpuOVJaWnpWVFp4TlZGU1AydlZoTk5RVnNXCk94YWtjdllSZ256OEFPUVMzT1BIajJGUWMzaWlic2hjdDVsZUl3WVpGY3hJTkdIUjZLTDYrL0xTZVBOQ0VNbUsKcXltVlBrUUdzSWNVNkdROWZ4YVN1NG1wK0lVQUxQcm9pekVWSThTVms1bk9tM0hJZXorWmZYaHpmbkd4MDZTSQo2TnVvUVFQcVVCZVplWG4yWUZZaGlwZVJkclF4dkEzNi9ZWGEvQWtYQ2VVMHBYeGJ0WEtjdmF0ZnJpNUtuWUpECmtINTlhK2FGa1RzbDQxdGZJMmNuUllWZGRxWFZsM096TGJjZ0FGTG4xV2VDMXh4M3hSWGk3S2xkb2tPbHZndisKQjZuYVdmQ3hSbFdaL2xzbUhhZTRrYzFXSDRLYzduSytJVGI0MEVralY2OC9BN2tyWnNOMVZjcU50cG9tWWtnRQp4alVFOFhVdQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+      CERTIFICATE_AUTHORITY: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUxekNDQXorZ0F3SUJBZ0lRWjEzOWNkL3BhUGRrUzJKeUF1N2tFREFOQmdrcWhraUc5dzBCQVFzRkFEQ0IKZ3pFZU1Cd0dBMVVFQ2hNVmJXdGpaWEowSUdSbGRtVnNiM0J0Wlc1MElFTkJNU3d3S2dZRFZRUUxEQ05qWVd4bApZa0JqWVd4bFlpMXdZeTFzYVc1MWVDQW9RMkZzWldJZ1JHOTRjMlY1S1RFek1ERUdBMVVFQXd3cWJXdGpaWEowCklHTmhiR1ZpUUdOaGJHVmlMWEJqTFd4cGJuVjRJQ2hEWVd4bFlpQkViM2h6WlhrcE1CNFhEVEl4TURneE1ERTMKTXpJd09Wb1hEVE14TURneE1ERTNNekl3T1Zvd2dZTXhIakFjQmdOVkJBb1RGVzFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCRFFURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnS0VOaGJHVmlJRVJ2CmVITmxlU2t4TXpBeEJnTlZCQU1NS20xclkyVnlkQ0JqWVd4bFlrQmpZV3hsWWkxd1l5MXNhVzUxZUNBb1EyRnMKWldJZ1JHOTRjMlY1S1RDQ0FhSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnR1BBRENDQVlvQ2dnR0JBTmJLeU16NQpNVlc2WUtkamgxb0lOMU1uN1BFMnBINVNiSlNwV3hkQUdoZEJrQmtwQWE3T3hhcmpINUtWa0NUU2E3b25jbGE3CnFOdUpaUzZtQm1veEYrUitjUjNqeUdkVUFZbG96bDFqbGZxTElmQy8rZzdWN1ZtT0puOTh0akI0MmZhdHhMbDYKV1BBdzFKRE5zV3RRZmhLaGJjSHV0N1JzRjByTU9PSGN3eXdUUjdMT3lDbUllbDFwY21wVjRoYlZjVDZlVndvUApIWHlKU2E5Y3FhTVE1WHJkb2dhaTRJcVpaSUdMSGVMc1RWdXRPZ0pGWEVldmxYL1FUM3NXb21FY3R6aDM4SnM0CjlEaUFQRDZkNFk3L0NQTFlFZmsyOUpROU5aaHBnRHNpOWh1NUZISFpjWHdmMUlIbHcvQ0JWZ242aitqbXZLS3oKOTBNYTFvcXV2M1c2ZHR0aWQveENjTEd1MlMrOTZUenJ5a21veTVWYWNMdFZFUDQxWW1vVmxzOTFybG83b2xwZQpRV0Zibm1jbzczOVRJLzRoK0hvZG9scGVyUUVSUWw3dUNucEtWUFozV29rS3VSaDVwa3FrUXAvYXJRanR3Y1J0Ckc0M0NyRHBibCt1U2pNQ0F4aGE5NThlVFl2dG9qVE1udkx0c0dJRDFoR1hucWx3KzVLaktyZ1JIclFJREFRQUIKbzBVd1F6QU9CZ05WSFE4QkFmOEVCQU1DQWdRd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFEQWRCZ05WSFE0RQpGZ1FVaFlaWVdJQkh5azZaVlRucDNsUnQvdHlCUDAwd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dHQkFBMUYvYXByCmw2cE5UM01wL014aFVVZ282dXNFSkNyeUdRY0xSZmV4eVFYR04zaHVDbUlyUDU1VkZhOEVUUEF0anNyNlBNZTcKN3Z2RWo4ZUZ1Mkp0S292bFF3TmV3WVU5Y2pBTUNWYUZpTmJyUWEyMGh6aFdjMmpzNmR5aWxkRTYvRFB6YmVkcwpLREF4aEZOcDM1U2x3dFJ0S2sxU3p4SnhzcVN3amZ4SThmcCtSLzB3TzhnMGZXVGRNMmdDcFJ3WU1Od0pFTEVnCitkU2x2SkN3dXUrcnp4TGFsemFQRjFQTVRXNzJPRUxhbC9qNXNEKzJWeXRRNGsrSFVEYnl0MkRuUVQ3WVEzem8KcTAyeDJ1MnNtMVdXL28vdWg4cGpQeGtHUXFMMm1yeVpzNlZIOVZDVTNRa0tORHNzTmQ3MWxyM3dQb0U0WVJIZQpVdnpEMWVEZWVsekJVRk5JcERDamRDc0w1NXlJUHFVc3I2bG1qcEJQTDB2ZWEzM1FUTWJjc1N4dTB1bUdYRGJVCjY2anVVNFoxak9FMHdDbEl2YU82OTlKK0UyZ0JlMWpVTjZBdDZiOEJTb1pxQ3FYWW9ESEdlaTlSQlVkdmdxdG8Ka1Zzb0pmREkvVEZNZWtZZ3BMNVVWWW1MZGZncUxQUFJQOXBRQkxEeDNtc3plQXFudmZUSUNBemZYZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+      CERTIFICATE_KEY: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQzhITEJBSXpYa1BlZWcKbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PLwpFS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2V3lsK0ZvUERWL3ZzClozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXRqT2JzYVFnSjVMTHgKQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUAptcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkOXI2ck9CeHB4d25UCkR2SGtCbjZ2QWdNQkFBRUNnZ0VBQjI4aTBBWVVOU2IxSm5XRmJLenJ1VWN0dTN0Q05Yb3ZKZzZLM0JpUFZNa3EKRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBVwo4ZUplcVJMWkVmc1NTSk9YVEc3UmRHc240cUhGSjAwczJaVGxjSUhTUHduRm0rWGpKaTk5VThHNFhzVW9YbzByCkd5KzBWQ3VVN004Z0lDRUhIc3JRTzlYREQzblQyaml1NVRqckt3anV0M0Vtb0pzc0k1YnF4MzMrT0J1NUJwQ1AKQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVApiTGtMRnlXQk5UV1VaMlIvMnd4bXVvQzZtTFp3ODc5TUxDS012azFkb1FLQmdRRGhtd0dhZkpOeW1UaUVRWlJJClNzUXg0c2VxZk9LZmdGQzdvaHFIOWNST091OElKMW83cTJwTTJXNFhpVitTM3dUZFBHbWNhNklPalgyM2lzVkIKMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzNwpheHpsYU1yeEV1M0xJOVVFN050cmRRaUJ5UUtCZ1FEVmRJNmNlSVZCVDZSZ3ZWR3Q4emtMalBJRmpoUUVIQUlwCnVoaXJncXBTNkNYOUJseWYyK280MHptZmozaGU1ckNjRW9CNU1zZU0rRGdGYmNWaDJlL01WbllpTk53NkpDREIKQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleQp1QkhWQnYvNHR3S0JnSHdIdWVQeTVTVTFzMnFTbXpEN1djMkxQZll1M25DT0hOUnJGR2IyNk11UmZ1UmVyaTdyCjJHOFRnb0VTRnljcDBRVElOOCsxSk0wWFlLeE5jSkQ2QjhWMXdLYmJwUXN5bW5lSTFnanV0aUIvSWd3L1BrREsKQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWgpmTjJZZVlieVljYU0xMXAxVmlsdWxWVFZqWTNpL0ZaaURSNFNML0lHSldqTi9Temc0aVhZc0tGbXUrZHVsT1psCmNCQUxwRUtycXBtelhZdHJONmJzdjE4KzVlTzNxR2JLMkRyRXEzZVdWZXYyS29UTW9ieHo3ZysrWEJJV0ptTEEKSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkUwpLcmx0d21vZEhpcVhOYlZrd2JXMUFGUEpiaVlhaTRZRmZLNElBYmlmL1lteGY5Rzc4YU9rcjlacENJek9rRFBaCllwRXdRR1dzQWhFbENGdmM4RS81ZEhFU1NwK3RXdFArTmx1aW1wRnFpRGczL1NVbk13TzJ4SDBuaExhMHplamgKZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K
+      COOKIE_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      DATABROKER_STORAGE_CONNECTION_STRING: redis://redis:6379
+      DATABROKER_STORAGE_TYPE: redis
+      ENVOY_ADMIN_ADDRESS: 0.0.0.0:9901
+      FORWARD_AUTH_URL: https://forward-authenticate.localhost.pomerium.io
+      GOOGLE_CLOUD_SERVERLESS_AUTHENTICATION_SERVICE_ACCOUNT: ewoiYXV0aF9wcm92aWRlcl94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImF1dGhfdXJpIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImNsaWVudF9lbWFpbCI6ICJyZWRhY3RlZEBwb21lcml1bS1yZWRhY3RlZC5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsCiJjbGllbnRfaWQiOiAiMTAxMjE1OTkwNDU4MDAwMzM0Mzg3IiwKImNsaWVudF94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKInByaXZhdGVfa2V5IjogIi0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLVxuTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDOEhMQkFJelhrUGVlZ1xubGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PL1xuRUtnQ09GRnhVRHFvUjgyaVkwNlNhY0FqSG5pNitQTzl0VlJiRlYwdzE0QkRBSlNwQitWdld5bCtGb1BEVi92c1xuWjMxRnRZdytFd3FrYkR4L2thVDl1emYrTEpkbGtmMTRuUVFqOEVreS84ZDNtV0piYi85dGpPYnNhUWdKNUxMeFxuQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUFxubXFta2F3VVd3M2VraGo4MFNKZy9USzlQUmFOL1Z2Y0kxUGdBZDdMWnp0VVJlU21UeTVoZDlyNnJPQnhweHduVFxuRHZIa0JuNnZBZ01CQUFFQ2dnRUFCMjhpMEFZVU5TYjFKbldGYkt6cnVVY3R1M3RDTlhvdkpnNkszQmlQVk1rcVxuRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBV1xuOGVKZXFSTFpFZnNTU0pPWFRHN1JkR3NuNHFIRkowMHMyWlRsY0lIU1B3bkZtK1hqSmk5OVU4RzRYc1VvWG8wclxuR3krMFZDdVU3TThnSUNFSEhzclFPOVhERDNuVDJqaXU1VGpyS3dqdXQzRW1vSnNzSTVicXgzMytPQnU1QnBDUFxuQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVFxuYkxrTEZ5V0JOVFdVWjJSLzJ3eG11b0M2bUxadzg3OU1MQ0tNdmsxZG9RS0JnUURobXdHYWZKTnltVGlFUVpSSVxuU3NReDRzZXFmT0tmZ0ZDN29ocUg5Y1JPT3U4SUoxbzdxMnBNMlc0WGlWK1Mzd1RkUEdtY2E2SU9qWDIzaXNWQlxuMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzN1xuYXh6bGFNcnhFdTNMSTlVRTdOdHJkUWlCeVFLQmdRRFZkSTZjZUlWQlQ2Umd2Vkd0OHprTGpQSUZqaFFFSEFJcFxudWhpcmdxcFM2Q1g5Qmx5ZjIrbzQwem1majNoZTVyQ2NFb0I1TXNlTStEZ0ZiY1ZoMmUvTVZuWWlOTnc2SkNEQlxuQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleVxudUJIVkJ2LzR0d0tCZ0h3SHVlUHk1U1UxczJxU216RDdXYzJMUGZZdTNuQ09ITlJyRkdiMjZNdVJmdVJlcmk3clxuMkc4VGdvRVNGeWNwMFFUSU44KzFKTTBYWUt4TmNKRDZCOFYxd0tiYnBRc3ltbmVJMWdqdXRpQi9JZ3cvUGtES1xuQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWlxuZk4yWWVZYnlZY2FNMTFwMVZpbHVsVlRWalkzaS9GWmlEUjRTTC9JR0pXak4vU3pnNGlYWXNLRm11K2R1bE9abFxuY0JBTHBFS3JxcG16WFl0ck42YnN2MTgrNWVPM3FHYksyRHJFcTNlV1ZldjJLb1RNb2J4ejdnKytYQklXSm1MQVxuSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkU1xuS3JsdHdtb2RIaXFYTmJWa3diVzFBRlBKYmlZYWk0WUZmSzRJQWJpZi9ZbXhmOUc3OGFPa3I5WnBDSXpPa0RQWlxuWXBFd1FHV3NBaEVsQ0Z2YzhFLzVkSEVTU3ArdFd0UCtObHVpbXBGcWlEZzMvU1VuTXdPMnhIMG5oTGEwemVqaFxuZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9XG4tLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tXG4iLAoicHJpdmF0ZV9rZXlfaWQiOiAiZTA3ZjdjOTM4NzBjN2UwM2Y4ODM1NjBlY2Q4ZmQwZjRkMjdiMDA4MSIsCiJwcm9qZWN0X2lkIjogInBvbWVyaXVtLXJlZGFjdGVkIiwKInRva2VuX3VyaSI6ICJodHRwOi8vbW9jay1pZHA6ODAyNC90b2tlbiIsCiJ0eXBlIjogInNlcnZpY2VfYWNjb3VudCIKfQ==
+      IDP_CLIENT_ID: CLIENT_ID
+      IDP_CLIENT_SECRET: CLIENT_SECRET
+      IDP_PROVIDER: okta
+      IDP_PROVIDER_URL: https://mock-idp.localhost.pomerium.io/
+      JWT_CLAIMS_HEADERS: email,groups,user
+      LOG_LEVEL: info
+      POLICY: Wwp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vbW9jay1pZHAubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZW52b3kubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly9sb2NhbGhvc3Q6OTkwMSIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vdmVyaWZ5LmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoidG8iOiAiaHR0cDovL3ZlcmlmeTo4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiYWxsb3dfd2Vic29ja2V0cyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vd2Vic29ja2V0LWVjaG8ubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly93ZWJzb2NrZXQtZWNobzo4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXVpLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJ0byI6ICJodHRwczovL2ZvcnRpbzo4MDgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRsc19jdXN0b21fY2EiOiAiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVVXhla05EUVhvclowRjNTVUpCWjBsUldqRXpPV05rTDNCaFVHUnJVekpLZVVGMU4ydEZSRUZPUW1kcmNXaHJhVWM1ZHpCQ1FWRnpSa0ZFUTBJS1ozcEZaVTFDZDBkQk1WVkZRMmhOVm1KWGRHcGFXRW93U1VkU2JHUnRWbk5pTTBKMFdsYzFNRWxGVGtKTlUzZDNTMmRaUkZaUlVVeEVRMDVxV1ZkNGJBcFphMEpxV1ZkNGJGbHBNWGRaZVRGellWYzFNV1ZEUVc5Uk1rWnpXbGRKWjFKSE9UUmpNbFkxUzFSRmVrMUVSVWRCTVZWRlFYZDNjV0pYZEdwYVdFb3dDa2xIVG1oaVIxWnBVVWRPYUdKSFZtbE1XRUpxVEZkNGNHSnVWalJKUTJoRVdWZDRiRmxwUWtWaU0yaDZXbGhyY0UxQ05GaEVWRWw0VFVSbmVFMUVSVE1LVFhwSmQwOVdiMWhFVkUxNFRVUm5lRTFFUlROTmVrbDNUMVp2ZDJkWlRYaElha0ZqUW1kT1ZrSkJiMVJHVnpGeVdUSldlV1JEUW10YVdGcHNZa2M1ZHdwaVYxWjFaRU5DUkZGVVJYTk5RMjlIUVRGVlJVTjNkMnBaTWtaeldsZEtRVmt5Um5OYVYwbDBZMGROZEdKSGJIVmtXR2RuUzBWT2FHSkhWbWxKUlZKMkNtVklUbXhsVTJ0NFRYcEJlRUpuVGxaQ1FVMU5TMjB4Y2xreVZubGtRMEpxV1ZkNGJGbHJRbXBaVjNoc1dXa3hkMWw1TVhOaFZ6VXhaVU5CYjFFeVJuTUtXbGRKWjFKSE9UUmpNbFkxUzFSRFEwRmhTWGRFVVZsS1MyOWFTV2gyWTA1QlVVVkNRbEZCUkdkblIxQkJSRU5EUVZsdlEyZG5SMEpCVG1KTGVVMTZOUXBOVmxjMldVdGthbWd4YjBsT01VMXVOMUJGTW5CSU5WTmlTbE53VjNoa1FVZG9aRUpyUW10d1FXRTNUM2hoY21wSU5VdFdhME5VVTJFM2IyNWpiR0UzQ25GT2RVcGFVelp0UW0xdmVFWXJVaXRqVWpOcWVVZGtWVUZaYkc5NmJERnFiR1p4VEVsbVF5OHJaemRXTjFadFQwcHVPVGgwYWtJME1tWmhkSGhNYkRZS1YxQkJkekZLUkU1elYzUlJabWhMYUdKalNIVjBOMUp6UmpCeVRVOVBTR04zZVhkVVVqZE1UM2xEYlVsbGJERndZMjF3VmpSb1lsWmpWRFpsVm5kdlVBcElXSGxLVTJFNVkzRmhUVkUxV0hKa2IyZGhhVFJKY1ZwYVNVZE1TR1ZNYzFSV2RYUlBaMHBHV0VWbGRteFlMMUZVTTNOWGIyMUZZM1I2YURNNFNuTTBDamxFYVVGUVJEWmtORmszTDBOUVRGbEZabXN5T1VwUk9VNWFhSEJuUkhOcE9XaDFOVVpJU0ZwaldIZG1NVWxJYkhjdlEwSldaMjQyYWl0cWJYWkxTM29LT1RCTllURnZjWFYyTTFjMlpIUjBhV1F2ZUVOalRFZDFNbE1yT1RaVWVuSjVhMjF2ZVRWV1lXTk1kRlpGVURReFdXMXZWbXh6T1RGeWJHODNiMnh3WlFwUlYwWmlibTFqYnpjek9WUkpMelJvSzBodlpHOXNjR1Z5VVVWU1VXdzNkVU51Y0V0V1VGb3pWMjlyUzNWU2FEVndhM0ZyVVhBdllYSlJhblIzWTFKMENrYzBNME55UkhCaWJDdDFVMnBOUTBGNGFHRTVOVGhsVkZsMmRHOXFWRTF1ZGt4MGMwZEpSREZvUjFodWNXeDNLelZMYWt0eVoxSkljbEZKUkVGUlFVSUtiekJWZDFGNlFVOUNaMDVXU0ZFNFFrRm1PRVZDUVUxRFFXZFJkMFZuV1VSV1VqQlVRVkZJTDBKQlozZENaMFZDTDNkSlFrRkVRV1JDWjA1V1NGRTBSUXBHWjFGVmFGbGFXVmRKUWtoNWF6WmFWbFJ1Y0ROc1VuUXZkSGxDVURBd2QwUlJXVXBMYjFwSmFIWmpUa0ZSUlV4Q1VVRkVaMmRIUWtGQk1VWXZZWEJ5Q213MmNFNVVNMDF3TDAxNGFGVlZaMjgyZFhORlNrTnllVWRSWTB4U1ptVjRlVkZZUjA0emFIVkRiVWx5VURVMVZrWmhPRVZVVUVGMGFuTnlObEJOWlRjS04zWjJSV280WlVaMU1rcDBTMjkyYkZGM1RtVjNXVlU1WTJwQlRVTldZVVpwVG1KeVVXRXlNR2g2YUZkak1tcHpObVI1YVd4a1JUWXZSRkI2WW1Wa2N3cExSRUY0YUVaT2NETTFVMngzZEZKMFMyc3hVM3A0U25oemNWTjNhbVo0U1RobWNDdFNMekIzVHpobk1HWlhWR1JOTW1kRGNGSjNXVTFPZDBwRlRFVm5DaXRrVTJ4MlNrTjNkWFVyY25wNFRHRnNlbUZRUmpGUVRWUlhOekpQUlV4aGJDOXFOWE5FS3pKV2VYUlJOR3NyU0ZWRVlubDBNa1J1VVZRM1dWRXplbThLY1RBeWVESjFNbk50TVZkWEwyOHZkV2c0Y0dwUWVHdEhVWEZNTW0xeWVWcHpObFpJT1ZaRFZUTlJhMHRPUkhOelRtUTNNV3h5TTNkUWIwVTBXVkpJWlFwVmRucEVNV1ZFWldWc2VrSlZSazVKY0VSRGFtUkRjMHcxTlhsSlVIRlZjM0kyYkcxcWNFSlFUREIyWldFek0xRlVUV0pqYzFONGRUQjFiVWRZUkdKVkNqWTJhblZWTkZveGFrOUZNSGREYkVsMllVODJPVGxLSzBVeVowSmxNV3BWVGpaQmREWmlPRUpUYjFweFEzRllXVzlFU0VkbGFUbFNRbFZrZG1keGRHOEthMVp6YjBwbVJFa3ZWRVpOWld0WlozQk1OVlZXV1cxTVpHWm5jVXhRVUZKUU9YQlJRa3hFZUROdGMzcGxRWEZ1ZG1aVVNVTkJlbVpZWnowOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyIsCiJ0bHNfc2VydmVyX25hbWUiOiAiZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vZm9ydGlvOjgwNzkiCn0sCnsKImFsbG93X2FueV9hdXRoZW50aWNhdGVkX3VzZXIiOiB0cnVlLAoiZnJvbSI6ICJ0Y3AraHR0cHM6Ly9yZWRpcy5sb2NhbGhvc3QucG9tZXJpdW0uaW86NjM3OSIsCiJ0byI6ICJ0Y3A6Ly9yZWRpczo2Mzc5Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1za2lwLXZlcmlmeS1lbmFibGVkIiwKInRsc19za2lwX3ZlcmlmeSI6IHRydWUsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2tpcC12ZXJpZnktZGlzYWJsZWQiLAoidGxzX3NraXBfdmVyaWZ5IjogZmFsc2UsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2VydmVyLW5hbWUtZW5hYmxlZCIsCiJ0bHNfc2VydmVyX25hbWUiOiAiaHR0cGRldGFpbHMubG9jYWxob3N0Lm5vdHBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vd3JvbmdseS1uYW1lZC1odHRwZGV0YWlsczo4NDQzIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1zZXJ2ZXItbmFtZS1kaXNhYmxlZCIsCiJ0byI6ICJodHRwczovL3dyb25nbHktbmFtZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWVuYWJsZWQiLAoidGxzX2N1c3RvbV9jYSI6ICJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VVeVJFTkRRVEJEWjBGM1NVSkJaMGxTUVV4a09VZGhTbEk1TW5GcE4zRk1NV1ZJUjAwMlN6QjNSRkZaU2t0dldrbG9kbU5PUVZGRlRFSlJRWGNLWjFsTmVFaHFRV05DWjA1V1FrRnZWRVpYTVhKWk1sWjVaRU5DYTFwWVdteGlSemwzWWxkV2RXUkRRa1JSVkVWelRVTnZSMEV4VlVWRGQzZHFXVEpHY3dwYVYwcEJXVEpHYzFwWFNYUmpSMDEwWWtkc2RXUllaMmRMUlU1b1lrZFdhVWxGVW5abFNFNXNaVk5yZUUxNlFYaENaMDVXUWtGTlRVdHRNWEpaTWxaNUNtUkRRbXBaVjNoc1dXdENhbGxYZUd4WmFURjNXWGt4YzJGWE5URmxRMEZ2VVRKR2MxcFhTV2RTUnprMFl6SldOVXRVUVdWR2R6QjVUVlJCTkUxVVJYa0tUVlJWTWsxVVFtRkdkekI2VFZSQk5FMVVSWGxOVkZVeVRWUkNZVTFKUjBSTlVqUjNTRUZaUkZaUlVVdEZlRlowWVRKT2JHTnVVV2RhUjFZeVdsZDRkZ3BqUnpGc1ltNVJaMUV3UlhoTVJFRnhRbWRPVmtKQmMwMUpNazVvWWtkV2FWRkhUbWhpUjFacFRGaENha3hYZUhCaWJsWTBTVU5vUkZsWGVHeFphVUpGQ21JemFIcGFXR3R3VFZSTmQwMVJXVVJXVVZGRVJFTndkR0V5VG14amJsRm5XVEpHYzFwWFNrRlpNa1p6V2xkSmRHTkhUWFJpUjJ4MVpGaG5aMHRGVG1nS1lrZFdhVWxGVW5abFNFNXNaVk5yZDJkblIybE5RVEJIUTFOeFIxTkpZak5FVVVWQ1FWRlZRVUUwU1VKcWQwRjNaMmRIUzBGdlNVSm5VVVJYV1hCV1pRcENVMjVsWlRKalFVSlpiMlpUYjFkNFIwMTVSbUZOVVRCdVNtdFpNRlZYVFRsamEzbFZhRGRXWm1kT0t5OWhSbE5YTWxwVGJWaDFkalZrY21Od2FUSXdDbm96Wld4b1VGUmxPVGhpUVU1aWFpc3ZZbWt3TURFMVVWZHVUV1Z1U3pBMVdrczJjVVIwUm5kdkwwaFdReTlaWTJGeWRYVTVOaXN4U2pKMGIyVlhkVVVLZEhsclZ6Tk5RM0JETVhCSVdWTTFaemxwVmtScmNHUnllbTUyV0V0c1dYVlRhV3RxY21vM1N6VjBiMmxVZG5WdE9UZE1lRXRyZFdvMlJGaHFZWEJRUkFvMWRuUmxVMDR4WkZGblR6bERVek56Y1d4amQxbEJObEpxVlVoM1dUSldSV2d5WVdSUU16ZENXbkphZDA4cmVVcHhPWEZHTlhrMVIyeG5hVGhzVGpSakNrdHNTV3hHVlhNdmVGTndVWE40VG1KT1VWaDBUamx0YXpScGJWbHNXa2Q2V1ZsaVltMHJabTlDVmxCUVltOWhOV3BXZDB0RWNGbzJOVzFQY3pkS1IxQUtObmxxS3pkV04xVkNUVVp3Vnl0blMyMUtkR2RvTDJ0clFYZ3hPRFZvT1ROeGQweEdVR000TDFRM2Jpc3JVREZpZFN0bVlXdFlVRWRRUlRJeGNrUmxUQXBRYmxWdGRXTkpXbkJLYnpWT2NGbFdVWFkwVjNaVVMzRXZlazFTT1ZOemNIb3lVRVpLYmtWU1ZHWlVkbkVyUmpGeE0xcE9ZV1pGZW1sUWMwSTViMlZUQ201cWVIZHRZVnBQVTFZd2RsaHhMM0ZsYjNGNE5IWTJUVUo2VmtGWk1DODRVakpNWTNCS05IVm5NRTlhTTNjd1lqSjBObmx2T0RaUU5WRTRRMEYzUlVFS1FXRk9SazFGVFhkRVoxbEVWbEl3VUVGUlNDOUNRVkZFUVdkSlJVMUNTVWRCTVZWa1JYZEZRaTkzVVVsTlFWbENRV1k0UTBGUlFYZElVVmxFVmxJd1R3cENRbGxGUmt4aldUaEZiMDV2WmsxamNuSjRlbmw0U1c0elZ6WmFUMDFXV0UxQk1FZERVM0ZIVTBsaU0wUlJSVUpEZDFWQlFUUkpRbWRSUTFwNlJFTjJDa3RKU0ZnelIzWnFUbE5aTlhjMVlrOXVORVV6ZHpkUlNGQXdPVUZDYWxRdmQzVlVORXhFYTFwSVNrMXRiSEpNYnpOek9HSmpjMUV3YzAxRU1Wa3ZMeThLY3pBM1kzQTBlRmxzY1VRM1FrRXdRV053ZGxsV1dYRTFPSGhMZUhOdlEzZFdXRzFITldORlpVOXZXbTFYWmpOeFdUSnRVemhsVnprMmRrOUdjbVJKWWdwTU5FOUdOSGhaVlU5TlVuRkJUMGRCUVhJMlZteFBOMmRZWVRRd05raDZjbk5CTVdoWlduZHlaVmhvVDFSRFdscFFXazlWYmtGMU1EVlRTRVprWjJGTkNsUktUa0l2YnpBeGRIQjNVV3h5VkhoT2JXWnliM0J2VDNwNWRYWklNSHBWTWxKeVRYTXdLMFZpVDNWRE5FRXlZMUU0TTBSSlJuaDJjVFkzYkhsVk1FRUtjekZSTm5SU1RUQXJWVVJ0U2s5TWVqTlRaR2RPSzBRd01HaGpkWFZxT1RKSFZqUmlTRGhDWm5sVmRqaE9RMWt3ZGtScGFqQlVVMnBxTkdNMFVYUmpOd3BKVUV4VVdqSm5OVFExYjJONmFFNW5RVzFVTjJRclFqVkpibmxtYVZOSlMyVnRXSEZsY3pKcWNHbEJabnBRVG13NVFsWjRjMkZyWTNNdldYcHZXWE14Q2l0eFZHcEJWM1ZoUkhOTGIyaEZiazgwUWtwMWVuWXdlSEpqWlRRd1pXNVNaMWg1UjBkR2RsaDFNbk0wUmxreWRrcHhWRk52Tm5selJGZHVhRWt6VEZjS1pHTm5Oazh5UmpSQlVFTkhSMlUzZW5OMWNXbHhhM0JqYTI1Q1lXSm5la1Z6T1dadlNIRXliV1p2TjFocFJYcGxaRTFPT0VKT2NXWlRZa0U5Q2kwdExTMHRSVTVFSUVORlVsUkpSa2xEUVZSRkxTMHRMUzBLIiwKInRsc19zZXJ2ZXJfbmFtZSI6ICJodHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cHM6Ly91bnRydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWRpc2FibGVkIiwKInRvIjogImh0dHBzOi8vdW50cnVzdGVkLWh0dHBkZXRhaWxzOjg0NDMiCn0sCnsKImNvcnNfYWxsb3dfcHJlZmxpZ2h0IjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWVuYWJsZWQiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiY29yc19hbGxvd19wcmVmbGlnaHQiOiBmYWxzZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWRpc2FibGVkIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1lbmFibGVkIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1kaXNhYmxlZCIsCiJwcmVzZXJ2ZV9ob3N0X2hlYWRlciI6IGZhbHNlLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vcmVzdHJpY3RlZC1odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfZG9tYWlucyI6IFsKImRvZ3MudGVzdCIKXSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInByZWZpeCI6ICIvYnktZG9tYWluIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfdXNlcnMiOiBbCiJ1c2VyMUBkb2dzLnRlc3QiCl0sCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhc3NfaWRlbnRpdHlfaGVhZGVycyI6IHRydWUsCiJwcmVmaXgiOiAiL2J5LXVzZXIiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIlgtQ3VzdG9tLVJlcXVlc3QtSGVhZGVyIjogImN1c3RvbS1yZXF1ZXN0LWhlYWRlci12YWx1ZSIKfSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImFsbG93X3dlYnNvY2tldHMiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2VuYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZGlzYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJlbmFibGVfZ29vZ2xlX2Nsb3VkX3NlcnZlcmxlc3NfYXV0aGVudGljYXRpb24iOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2Nsb3VkcnVuLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIngtaWRwIjogIm9rdGEiCn0sCiJ0byI6ICJodHRwOi8vdHJ1c3RlZC1odHRwZGV0YWlsczo4MDgwIgp9Cl0=
+      SHARED_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      SIGNING_KEY: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSVBSR1d3TGg3NW5OWG5razM3ekRmTjhvbkx3ZkNpYUxQVEQrbmM4THg1aGNvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFa3BCa08wVEttaDRKZFFmTE9lZU1kNTNLbmdhMVdkUVhyNUZjZXBrK2RMVktkVkt4WENHcQpoMW9qdWh1VzExR0lvT3pTOUdvU0tsTlZTUkZXVkVXRHZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
+      SIGNING_KEY_ALGORITHM: ES256
+    image: pomerium/pomerium:${POMERIUM_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - pomerium
+        - authenticate.localhost.pomerium.io
+        - forward-authenticate.localhost.pomerium.io
+  pomerium-ready:
+    command:
+    - -wait
+    - https://pomerium:443/healthz
+    - -timeout
+    - 10m
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - pomerium-ready
+  redis:
+    image: redis:6.2.5-alpine
+    networks:
+      main:
+        aliases:
+        - redis
+  redis-ready:
+    command:
+    - -wait
+    - tcp://redis:6379
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - redis-ready
+  traefik:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-'END_OF_TRAEFIK' | tee traefik.yaml
+      {
+        "accessLog": {
+
+        },
+        "api": {
+          "insecure": true
+        },
+        "entryPoints": {
+          "web": {
+            "address": ":80",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          },
+          "websecure": {
+            "address": ":443",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          }
+        },
+        "global": {
+          "checkNewVersion": false,
+          "sendAnonymousUsage": false
+        },
+        "log": {
+          "level": "DEBUG"
+        },
+        "providers": {
+          "file": {
+            "filename": "traefik-dynamic.yaml"
+          }
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee traefik-dynamic.yaml
+      {
+        "http": {
+          "middlewares": {
+            "authz": {
+              "forwardAuth": {
+                "address": "https://forward-authenticate.localhost.pomerium.io",
+                "authResponseHeaders": [
+                  "x-pomerium-jwt-assertion",
+                  "x-pomerium-claim-email",
+                  "authorization"
+                ],
+                "tls": {
+                  "insecureSkipVerify": true
+                },
+                "trustForwardHeader": true
+              }
+            },
+            "set-request-headers-20": {
+              "headers": {
+                "customRequestHeaders": {
+                  "X-Custom-Request-Header": "custom-request-header-value"
+                }
+              }
+            },
+            "set-request-headers-23": {
+              "headers": {
+                "customRequestHeaders": {
+                  "x-idp": "okta"
+                }
+              }
+            }
+          },
+          "routers": {
+            "route0": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`mock-idp.localhost.pomerium.io`)",
+              "service": "route0",
+              "tls": {
+
+              }
+            },
+            "route1": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`envoy.localhost.pomerium.io`)",
+              "service": "route1",
+              "tls": {
+
+              }
+            },
+            "route10": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-disabled`)",
+              "service": "route10",
+              "tls": {
+
+              }
+            },
+            "route11": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-enabled`)",
+              "service": "route11",
+              "tls": {
+
+              }
+            },
+            "route12": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-disabled`)",
+              "service": "route12",
+              "tls": {
+
+              }
+            },
+            "route13": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-enabled`)",
+              "service": "route13",
+              "tls": {
+
+              }
+            },
+            "route14": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-disabled`)",
+              "service": "route14",
+              "tls": {
+
+              }
+            },
+            "route15": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-enabled`)",
+              "service": "route15",
+              "tls": {
+
+              }
+            },
+            "route16": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-disabled`)",
+              "service": "route16",
+              "tls": {
+
+              }
+            },
+            "route17": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`restricted-httpdetails.localhost.pomerium.io`)",
+              "service": "route17",
+              "tls": {
+
+              }
+            },
+            "route18": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-domain`)",
+              "service": "route18",
+              "tls": {
+
+              }
+            },
+            "route19": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-user`)",
+              "service": "route19",
+              "tls": {
+
+              }
+            },
+            "route2": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`verify.localhost.pomerium.io`)",
+              "service": "route2",
+              "tls": {
+
+              }
+            },
+            "route20": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-20"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`)",
+              "service": "route20",
+              "tls": {
+
+              }
+            },
+            "route21": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`enabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route21",
+              "tls": {
+
+              }
+            },
+            "route22": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`disabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route22",
+              "tls": {
+
+              }
+            },
+            "route23": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-23"
+              ],
+              "rule": "Host(`cloudrun.localhost.pomerium.io`)",
+              "service": "route23",
+              "tls": {
+
+              }
+            },
+            "route24": {
+              "middlewares": [
+
+              ],
+              "rule": "Host(`authenticate.localhost.pomerium.io`)",
+              "service": "route24",
+              "tls": {
+
+              }
+            },
+            "route3": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`websocket-echo.localhost.pomerium.io`)",
+              "service": "route3",
+              "tls": {
+
+              }
+            },
+            "route4": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ui.localhost.pomerium.io`)",
+              "service": "route4",
+              "tls": {
+
+              }
+            },
+            "route5": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ping.localhost.pomerium.io`)",
+              "service": "route5",
+              "tls": {
+
+              }
+            },
+            "route6": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`redis.localhost.pomerium.io:6379`)",
+              "service": "route6",
+              "tls": {
+
+              }
+            },
+            "route7": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-enabled`)",
+              "service": "route7",
+              "tls": {
+
+              }
+            },
+            "route8": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-disabled`)",
+              "service": "route8",
+              "tls": {
+
+              }
+            },
+            "route9": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-enabled`)",
+              "service": "route9",
+              "tls": {
+
+              }
+            }
+          },
+          "serversTransports": {
+            "insecure": {
+              "insecureSkipVerify": true
+            }
+          },
+          "services": {
+            "route0": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://mock-idp:8024"
+                  }
+                ]
+              }
+            },
+            "route1": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://localhost:9901"
+                  }
+                ]
+              }
+            },
+            "route10": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route11": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route12": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route13": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route14": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route15": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route16": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route17": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route18": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route19": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route2": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://verify:80"
+                  }
+                ]
+              }
+            },
+            "route20": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route21": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route22": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route23": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route24": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "https://pomerium:443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route3": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route4": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8080"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route5": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8079"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route6": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "tcp://redis:6379"
+                  }
+                ]
+              }
+            },
+            "route7": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route8": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route9": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            }
+          }
+        },
+        "tls": {
+          "certificates": [
+            {
+              "certFile": "_wildcard.localhost.pomerium.io.pem",
+              "keyFile": "_wildcard.localhost.pomerium.io-key.pem"
+            }
+          ]
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io-key.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_TRAEFIK
+
+      traefik -configFile=traefik.yaml
+    depends_on:
+      pomerium:
+        condition: service_started
+    image: traefik:latest
+    networks:
+      main:
+        aliases:
+        - traefik
+        - authenticate.localhost.pomerium.io
+        - mock-idp.localhost.pomerium.io
+    ports:
+    - 80:80/tcp
+    - 443:443/tcp
+  trusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails
+  trusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://trusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails-ready
+  untrusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKKYU7PSAFxZbhuLUlbv3iAwDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU2MTFaFw0yMzExMTEyMjU2MTFaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg
+      VDM59lGzCRjdUQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHG
+      oryKGDOkRV1SDb3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2v
+      JX4qTwgrqQtLOJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqP
+      qpc6AEFuklmoBHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPw
+      ve8VoGIlx4uvHTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxG
+      mgByfa2rxbNg15PFwF+ZAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBS3GPBKDaHzHK68c8sSJ91umTjFVzAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAizMhh+VYIMp07wGn7+rzAE/651yiMC6kZHIOMHilvimyYvCf+Yc0MrcD
+      mVQgqlUpkn/f2SOFsBQonjAACkWlSHah9KStL0iTvOIH+oGLnv3Y9wrKvwJol3KR
+      c/+mO9R9TS71DoX+rTGRY3BNldpMBZF7HsYt/bg0RSpF0zkZarW+PEMmPw6IgIaD
+      RPGpOiQOqIxQn4d6MyiNGS0QmDeGSZvsC07ZcZ+JxsYi4S+yN6GXt11pstiRXjDv
+      zrO3s8TnVsBux7VDdIYfzMxqz+874MbsUUlb4txr3V48UDRLm7VDQ2/F+o0+Y5wt
+      XAnXTn/6GFpjJvPGr0A1QLOvnhR0DZ4Fl97athu44pqeQywDU5LPP3HqrWRXLy3j
+      BPBC4waHayL9Hnh4zQUe/h6hwC5Nxl/gqfB3Aaqr5PWX6rMFss8AYpB81ci+UJdm
+      KSIn/pMoK6TWkCveoQRQOZD8wfwPF4cUUmWcLFwSveZSiniFrAXQqZbO1k6RDhQf
+      havcwKlK
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCgVDM59lGzCRjd
+      UQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHGoryKGDOkRV1S
+      Db3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2vJX4qTwgrqQtL
+      OJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqPqpc6AEFuklmo
+      BHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPwve8VoGIlx4uv
+      HTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxGmgByfa2rxbNg
+      15PFwF+ZAgMBAAECggEADTzGefunZTPUFLnSZ/D7jDglwz5KdC/9zYleY+jY5B/8
+      nmjkSfK6I6GLLSh8l2QO8YqQLIqxANglS1gNHdpcYPwfC4WL1S1P0qXboKsI5Sfy
+      jGoD3et4caq6ecdTfAvmLobW8uFRmGE9qHlFQ1cn47OnPVZUpKFCTVslyTLNo70h
+      28gx/lnpgkbeWotJ5GygE/H0jKJlG8/V3+Ppfuq6wypA5ELcGUeMAwmCfUNNlDy3
+      BhXSa6STgL26ar70KZIjTp9B97hIfDWObxgjzMX2JoiWXziszvbfaknfBsmfTm45
+      oUZYO0DuvLdLpxic0GZQwZCT6GzuexxJ9zR/pdahrQKBgQDEiwc0e+M1KaOoIIcw
+      V7pxoGjvd+CC5whS00jSf/rXPSPFxat9Ml5serOzLdRLM/NQ5wB9S7TYc6PJi3Mb
+      8pmbGadIXiGIJY8vX79P/velHT4csgULJAKJF9U65knhaidPPPmXloHOhRWrE8Zq
+      mexVgJZrHLI8197qmi+ctT5rEwKBgQDQ1J84AwI1hEsXHxoSetSznt+ae7pSUb/J
+      byqK9KEp0DLyf8GcS7vxyYGQo0mJDlHaJt56LKv+zdX4wGG85ztbOFVPee6XLKSs
+      I+h7rzc2hKrl+SaI91h1234WsTeJvfUSHyBy9vAwLhd0hplNrt7Tql5Z0VTWHmFE
+      2XbEwcTUIwKBgQDBpioHMDmBW/F/6ezJWOa+pco+h+KRl4i/8qVBog9Im1jvt/9r
+      b4FRaOQ9mt4c6qbGA5Sb30fkLKwoHFniI3ntM616xCRNvJQDnVcmPpVJ/jIAm/YU
+      L/q/kNfrHJOWobzxeaaCESz8imv7D5Tj25zb8cJC7xc+k4Nzq09WG83QOQKBgG28
+      LOZ7/j8tA2BlAYhQb1Dr3UgKWEBFoOgyuEJIhh+4vezb4VtGGL7XSnQ8ubmBgtWF
+      s0a0DrVYaGXMgg+H2pL2qS2YPx3FYcrrG5FS40qMsFkkcXFruFpGOp2mBi8lWJBr
+      NtvykwheUAj1ab1+dKz5S5ca/t99G1PYiiaeQ9XNAoGAVXk4HvdUc5q+BNiYvKUS
+      M2/TDU3cYY72mPCEw7G6Kpn6zMaakQcA1+Z8LkYcLaQKRD/66n99WWT+BcY+QXtC
+      0ZPHjeepDL8q+yXRY8zlcgAukg18Ta5yD1J1014y8UIV+HY8ongTni1sI8N+vKd4
+      +TF2C2Cynf5vQr5man7ShPw=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails
+  untrusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://untrusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails-ready
+  verify:
+    depends_on:
+      verify-init:
+        condition: service_completed_successfully
+    environment:
+      SSL_CERT_FILE: /verify_config/ca.pem
+    image: pomerium/verify:${VERIFY_TAG:-latest}
+    networks:
+      main:
+        aliases:
+        - verify
+    volumes:
+    - verify_config:/verify_config
+  verify-init:
+    command:
+    - sh
+    - -c
+    - |-
+      echo '-----BEGIN CERTIFICATE-----
+      MIIE1zCCAz+gAwIBAgIQZ139cd/paPdkS2JyAu7kEDANBgkqhkiG9w0BAQsFADCB
+      gzEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSwwKgYDVQQLDCNjYWxl
+      YkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTEzMDEGA1UEAwwqbWtjZXJ0
+      IGNhbGViQGNhbGViLXBjLWxpbnV4IChDYWxlYiBEb3hzZXkpMB4XDTIxMDgxMDE3
+      MzIwOVoXDTMxMDgxMDE3MzIwOVowgYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9w
+      bWVudCBDQTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXggKENhbGViIERv
+      eHNleSkxMzAxBgNVBAMMKm1rY2VydCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2Fs
+      ZWIgRG94c2V5KTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANbKyMz5
+      MVW6YKdjh1oIN1Mn7PE2pH5SbJSpWxdAGhdBkBkpAa7OxarjH5KVkCTSa7oncla7
+      qNuJZS6mBmoxF+R+cR3jyGdUAYlozl1jlfqLIfC/+g7V7VmOJn98tjB42fatxLl6
+      WPAw1JDNsWtQfhKhbcHut7RsF0rMOOHcwywTR7LOyCmIel1pcmpV4hbVcT6eVwoP
+      HXyJSa9cqaMQ5Xrdogai4IqZZIGLHeLsTVutOgJFXEevlX/QT3sWomEctzh38Js4
+      9DiAPD6d4Y7/CPLYEfk29JQ9NZhpgDsi9hu5FHHZcXwf1IHlw/CBVgn6j+jmvKKz
+      90Ma1oquv3W6dttid/xCcLGu2S+96Tzrykmoy5VacLtVEP41YmoVls91rlo7olpe
+      QWFbnmco739TI/4h+HodolperQERQl7uCnpKVPZ3WokKuRh5pkqkQp/arQjtwcRt
+      G43CrDpbl+uSjMCAxha958eTYvtojTMnvLtsGID1hGXnqlw+5KjKrgRHrQIDAQAB
+      o0UwQzAOBgNVHQ8BAf8EBAMCAgQwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4E
+      FgQUhYZYWIBHyk6ZVTnp3lRt/tyBP00wDQYJKoZIhvcNAQELBQADggGBAA1F/apr
+      l6pNT3Mp/MxhUUgo6usEJCryGQcLRfexyQXGN3huCmIrP55VFa8ETPAtjsr6PMe7
+      7vvEj8eFu2JtKovlQwNewYU9cjAMCVaFiNbrQa20hzhWc2js6dyildE6/DPzbeds
+      KDAxhFNp35SlwtRtKk1SzxJxsqSwjfxI8fp+R/0wO8g0fWTdM2gCpRwYMNwJELEg
+      +dSlvJCwuu+rzxLalzaPF1PMTW72OELal/j5sD+2VytQ4k+HUDbyt2DnQT7YQ3zo
+      q02x2u2sm1WW/o/uh8pjPxkGQqL2mryZs6VH9VCU3QkKNDssNd71lr3wPoE4YRHe
+      UvzD1eDeelzBUFNIpDCjdCsL55yIPqUsr6lmjpBPL0vea33QTMbcsSxu0umGXDbU
+      66juU4Z1jOE0wClIvaO699J+E2gBe1jUN6At6b8BSoZqCqXYoDHGei9RBUdvgqto
+      kVsoJfDI/TFMekYgpL5UVYmLdfgqLPPRP9pQBLDx3mszeAqnvfTICAzfXg==
+      -----END CERTIFICATE-----
+      ' > /verify_config/ca.pem
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - verify-init
+    volumes:
+    - verify_config:/verify_config
+  verify-ready:
+    command:
+    - -wait
+    - http://verify:80/
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - verify-ready
+  websocket-echo:
+    command:
+    - --port
+    - "80"
+    - tee
+    image: pvtmert/websocketd:latest
+    networks:
+      main:
+        aliases:
+        - websocket-echo
+  websocket-echo-ready:
+    command:
+    - -wait
+    - tcp://websocket-echo:80
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - websocket-echo-ready
+  wrongly-named-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEWDCCAsCgAwIBAgIRAK1MkqoHP+DPILewhMcnnu4wDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU0MzRaFw0yMzExMTEyMjU0MzRaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV
+      DWPhOpNWAYNTQZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM
+      3cvyRs40dygZeogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV
+      6ttf6y0+4Nq1hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3E
+      lxIYQsCr85FyW8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC
+      8X2vHBBIbnZipb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3
+      OIkJji4rpJqxG1Z7MvPzAgMBAAGjcjBwMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAo
+      BgNVHREEITAfgh1pbnZhbGlkLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG
+      9w0BAQsFAAOCAYEABsSByXWA7e8hpKWZK4APWzkvDwiTGrDDE7k0hueJksTZ5Nqw
+      fRdGoUpweWIYzAv1etPAr+B2gsZM/jVRidaGDI1tKPytZ3pP6mQ52CVXkeJQytPr
+      rNDnP3Lbpbs8PHoHw3PVxIyRps1ZbZkgbUsXrSvpp/l+ZObbGQjr3Fdx5oXI6a1V
+      NNC39LkPhjTKtcG+H8dO5GRuDb/9PrzrnDwnl6CoORbEjTKRIFuA+vkFBRjyuccr
+      GQiMNmMxy5CMOsK+Od4+8qhv2ZgnREHyBnjFFhgVLFJ2PwUxk3N4GIzCC8tsD+vb
+      +YJgCS7n6JmcB9SFeyRy+qpolnfEaMvRwnJl6Evj17VCBy7x0gEO6B4lILPpziN8
+      VVhSuRsC0V8aXJJx89mwrg9pzN9w771rFVOCrAEdZei34/yfo8VyBbIR1gUxkRNJ
+      crTI9pT0PK+9OWQ57HtnGmFsPtWT8r7P8xukAPy50wSLF3InjEo8VR2df+V7DVVU
+      aTjNbuaG1NLNyWLH
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVDWPhOpNWAYNT
+      QZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM3cvyRs40dygZ
+      eogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV6ttf6y0+4Nq1
+      hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3ElxIYQsCr85Fy
+      W8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC8X2vHBBIbnZi
+      pb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3OIkJji4rpJqx
+      G1Z7MvPzAgMBAAECggEBAM3XhRO7+1QSXCaZdCZ6WuWXzojxrkf8++gpzXPCZ75L
+      vvMyP8xmXc38Za5VyL+MAr7joENxY5NPON/9AgyUBFdbat3RW323vAt0Ssy8Dfti
+      ScpuGWTT2CcWS/iJPwJp9bzPj6qJ1wo0Rzsv23FpcjgfcuB+4pHpDwJZ8IxcclTN
+      jv5XdmanN0Ai2ONDkIHQyvMTsYAX99OK7nXIs3OW7s4wsm8Wg+loCqTvojTzWuwE
+      TZNFonHAZ81jkrYfNjz+sM/tPuOYD+vWQ89+1IeQKFw1U0iBpF1VvhA7UeQZMeI8
+      S1NpDQTQW0kxmUAlLj7ldnIvknT/x0lKzoafVpk47/kCgYEA+SxnMLHe3Wxb4Kkf
+      7Gwktbth/wlWzUWzQ7c0TdhfEDjcRB7SeGIjrL4/HPyXEsCcGIj84TEob1EA0KVP
+      l6Jeqh5t/sr9da+uLFf6H41yZUaTccoyclnjHsqT+WLTtiTKqf7cXACg5NKbJwUT
+      ldCEu+4Ovur+8Ax6s/mGWNEzar0CgYEA2uOmD+SCIhj16P+3GnpZ0UzyDhUKedTy
+      LisZznroF6RI3BHzNT+YotHORDMiJtmX0slFcInAWaB3htLPbHmvredjlsH35eHW
+      B6wkWmbniJEovPysWdg7xjrj8DoL2dcm6liM1KpSo9k6XWJu36//xF4RTnL8JPEH
+      RPuBWmBXHG8CgYBjJy886lr0I61//eztKK+G/bTmRvIapzTJqnqOy54wl1/XX6iD
+      LRJjKCV3RHBdjvXOsZxnhCdB/KrlXBMLFRq0eX1t2Zr4nNsjXDL1IVU3Rdlge4SN
+      ioVdeGFf6Nq0bXmUIg3QMpPT2pbQ9S0w/ZQEMJv/jwW5wk2FlrLGXyElxQKBgQC3
+      skUzITp1Ey2NFM290uB93m1llBLum9+DD3jg6BTPgngC+K17Cpw2SI0qfx8yK3pW
+      08MK5xAeJ6Un6NNa3eSptX7GjpJUwmq0lasMkz/MRMZDlGmwHOBNRC729D/t2bo3
+      AYlvEGG6UBvDM1CJOVMUoT008Rrahczr/4ZXKnLw0QKBgExc+SXb5IRJIMHEQLkg
+      E7va23sR7x4j75mK6HnSwAM3jKx4GDgpkY1EO+rh+99mq/bIouL8ob/PG7A5RtKp
+      +Sgpqk5N6NpSFMaubsu1EQhqT5pmy0dN5KXecR4s1IylPvth/h3tdXPKGcLMD2M2
+      EN59YIA1o4qWjJsfEiuQ6x7M
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails
+  wrongly-named-httpdetails-ready:
+    command:
+    - -wait
+    - http://wrongly-named-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails-ready
+volumes:
+  fortio_config: {}
+  verify_config: {}
diff --git a/integration/clusters/onelogin-traefik/compose.yml b/integration/clusters/onelogin-traefik/compose.yml
new file mode 100644
index 000000000..7359aba1b
--- /dev/null
+++ b/integration/clusters/onelogin-traefik/compose.yml
@@ -0,0 +1,1236 @@
+networks:
+  main: {}
+services:
+  fortio:
+    command:
+    - server
+    - -cert
+    - /fortio_config/trusted.pem
+    - -key
+    - /fortio_config/trusted-key.pem
+    depends_on:
+      fortio-init:
+        condition: service_completed_successfully
+    image: fortio/fortio:1.17.0
+    networks:
+      main:
+        aliases:
+        - fortio
+    ports:
+    - 8079:8079/tcp
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-init:
+    command:
+    - sh
+    - -c
+    - |
+      echo "$$CERT" >/fortio_config/trusted.pem
+      echo "$$KEY" >/fortio_config/trusted-key.pem
+    environment:
+      CERT: |
+        -----BEGIN CERTIFICATE-----
+        MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+        gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+        ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+        dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+        NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+        bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+        KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+        HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+        yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+        Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+        jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+        bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+        9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+        DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+        BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+        AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+        c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+        AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+        OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+        qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+        6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+        kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+        B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+        xjUE8XUu
+        -----END CERTIFICATE-----
+      KEY: |
+        -----BEGIN PRIVATE KEY-----
+        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+        ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+        EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+        Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+        CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+        mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+        DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+        DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+        8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+        Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+        CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+        bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+        SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+        2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+        axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+        uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+        BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+        uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+        2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+        CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+        fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+        cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+        Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+        KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+        YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+        gmLh4w/CcPyb9ZyXceWU/nU=
+        -----END PRIVATE KEY-----
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - fortio-init
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-ready:
+    command:
+    - -wait
+    - http://fortio:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - fortio-ready
+  mock-idp:
+    command:
+    - --provider
+    - onelogin
+    - --port
+    - "8024"
+    - --root-url
+    - https://mock-idp.localhost.pomerium.io/
+    image: pomerium/mock-idps:${MOCK_IDPS_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - mock-idp
+    ports:
+    - 8024:8024/tcp
+  mock-idp-ready:
+    command:
+    - -wait
+    - http://mock-idp:8024/.well-known/openid-configuration
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - mock-idp-ready
+  pomerium:
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    environment:
+      AUTHENTICATE_SERVICE_URL: https://authenticate.localhost.pomerium.io
+      CERTIFICATE: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVVakNDQXJxZ0F3SUJBZ0lSQUtOYUVxQ21tWmZobWNZZ1p5MDFXQ3N3RFFZSktvWklodmNOQVFFTEJRQXcKZ1lNeEhqQWNCZ05WQkFvVEZXMXJZMlZ5ZENCa1pYWmxiRzl3YldWdWRDQkRRVEVzTUNvR0ExVUVDd3dqWTJGcwpaV0pBWTJGc1pXSXRjR010YkdsdWRYZ2dLRU5oYkdWaUlFUnZlSE5sZVNreE16QXhCZ05WQkFNTUttMXJZMlZ5CmRDQmpZV3hsWWtCallXeGxZaTF3WXkxc2FXNTFlQ0FvUTJGc1pXSWdSRzk0YzJWNUtUQWVGdzB5TVRBNE1UQXgKTnpNeU1UQmFGdzB5TXpFeE1UQXhPRE15TVRCYU1GY3hKekFsQmdOVkJBb1RIbTFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCalpYSjBhV1pwWTJGMFpURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnCktFTmhiR1ZpSUVSdmVITmxlU2t3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzgKSExCQUl6WGtQZWVnbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRAp5VmhEVDBRbEkvTy9FS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2Cld5bCtGb1BEVi92c1ozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXQKak9ic2FRZ0o1TEx4Q1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcQpiWlVERytaaW9BclBtcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkCjlyNnJPQnhweHduVER2SGtCbjZ2QWdNQkFBR2piREJxTUE0R0ExVWREd0VCL3dRRUF3SUZvREFUQmdOVkhTVUUKRERBS0JnZ3JCZ0VGQlFjREFUQWZCZ05WSFNNRUdEQVdnQlNGaGxoWWdFZktUcGxWT2VuZVZHMyszSUUvVFRBaQpCZ05WSFJFRUd6QVpnaGNxTG14dlkyRnNhRzl6ZEM1d2IyMWxjbWwxYlM1cGJ6QU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBWUVBdWZRQUY3OXM3YzFnbVo5Q0lLQlNHa0hoK1NIMDFDdUtZbm5IaU1vd0hzVGlvRmFVQVFzZC9QNFgKYzJYQnFjMzRlVDNtQ3ZwZ1pqSGJqejZKbG5UWUp4dUx2VnFuVkIzZW10V3JiMWNRdmg4QnBoeHNwVGxTOHVpRQpBRWYvbmd0cHpmQS9mNGxwR2t6clEwY3lQa0VKR3o1MTFxOTdpdHpuOVJaWnpWVFp4TlZGU1AydlZoTk5RVnNXCk94YWtjdllSZ256OEFPUVMzT1BIajJGUWMzaWlic2hjdDVsZUl3WVpGY3hJTkdIUjZLTDYrL0xTZVBOQ0VNbUsKcXltVlBrUUdzSWNVNkdROWZ4YVN1NG1wK0lVQUxQcm9pekVWSThTVms1bk9tM0hJZXorWmZYaHpmbkd4MDZTSQo2TnVvUVFQcVVCZVplWG4yWUZZaGlwZVJkclF4dkEzNi9ZWGEvQWtYQ2VVMHBYeGJ0WEtjdmF0ZnJpNUtuWUpECmtINTlhK2FGa1RzbDQxdGZJMmNuUllWZGRxWFZsM096TGJjZ0FGTG4xV2VDMXh4M3hSWGk3S2xkb2tPbHZndisKQjZuYVdmQ3hSbFdaL2xzbUhhZTRrYzFXSDRLYzduSytJVGI0MEVralY2OC9BN2tyWnNOMVZjcU50cG9tWWtnRQp4alVFOFhVdQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+      CERTIFICATE_AUTHORITY: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUxekNDQXorZ0F3SUJBZ0lRWjEzOWNkL3BhUGRrUzJKeUF1N2tFREFOQmdrcWhraUc5dzBCQVFzRkFEQ0IKZ3pFZU1Cd0dBMVVFQ2hNVmJXdGpaWEowSUdSbGRtVnNiM0J0Wlc1MElFTkJNU3d3S2dZRFZRUUxEQ05qWVd4bApZa0JqWVd4bFlpMXdZeTFzYVc1MWVDQW9RMkZzWldJZ1JHOTRjMlY1S1RFek1ERUdBMVVFQXd3cWJXdGpaWEowCklHTmhiR1ZpUUdOaGJHVmlMWEJqTFd4cGJuVjRJQ2hEWVd4bFlpQkViM2h6WlhrcE1CNFhEVEl4TURneE1ERTMKTXpJd09Wb1hEVE14TURneE1ERTNNekl3T1Zvd2dZTXhIakFjQmdOVkJBb1RGVzFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCRFFURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnS0VOaGJHVmlJRVJ2CmVITmxlU2t4TXpBeEJnTlZCQU1NS20xclkyVnlkQ0JqWVd4bFlrQmpZV3hsWWkxd1l5MXNhVzUxZUNBb1EyRnMKWldJZ1JHOTRjMlY1S1RDQ0FhSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnR1BBRENDQVlvQ2dnR0JBTmJLeU16NQpNVlc2WUtkamgxb0lOMU1uN1BFMnBINVNiSlNwV3hkQUdoZEJrQmtwQWE3T3hhcmpINUtWa0NUU2E3b25jbGE3CnFOdUpaUzZtQm1veEYrUitjUjNqeUdkVUFZbG96bDFqbGZxTElmQy8rZzdWN1ZtT0puOTh0akI0MmZhdHhMbDYKV1BBdzFKRE5zV3RRZmhLaGJjSHV0N1JzRjByTU9PSGN3eXdUUjdMT3lDbUllbDFwY21wVjRoYlZjVDZlVndvUApIWHlKU2E5Y3FhTVE1WHJkb2dhaTRJcVpaSUdMSGVMc1RWdXRPZ0pGWEVldmxYL1FUM3NXb21FY3R6aDM4SnM0CjlEaUFQRDZkNFk3L0NQTFlFZmsyOUpROU5aaHBnRHNpOWh1NUZISFpjWHdmMUlIbHcvQ0JWZ242aitqbXZLS3oKOTBNYTFvcXV2M1c2ZHR0aWQveENjTEd1MlMrOTZUenJ5a21veTVWYWNMdFZFUDQxWW1vVmxzOTFybG83b2xwZQpRV0Zibm1jbzczOVRJLzRoK0hvZG9scGVyUUVSUWw3dUNucEtWUFozV29rS3VSaDVwa3FrUXAvYXJRanR3Y1J0Ckc0M0NyRHBibCt1U2pNQ0F4aGE5NThlVFl2dG9qVE1udkx0c0dJRDFoR1hucWx3KzVLaktyZ1JIclFJREFRQUIKbzBVd1F6QU9CZ05WSFE4QkFmOEVCQU1DQWdRd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFEQWRCZ05WSFE0RQpGZ1FVaFlaWVdJQkh5azZaVlRucDNsUnQvdHlCUDAwd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dHQkFBMUYvYXByCmw2cE5UM01wL014aFVVZ282dXNFSkNyeUdRY0xSZmV4eVFYR04zaHVDbUlyUDU1VkZhOEVUUEF0anNyNlBNZTcKN3Z2RWo4ZUZ1Mkp0S292bFF3TmV3WVU5Y2pBTUNWYUZpTmJyUWEyMGh6aFdjMmpzNmR5aWxkRTYvRFB6YmVkcwpLREF4aEZOcDM1U2x3dFJ0S2sxU3p4SnhzcVN3amZ4SThmcCtSLzB3TzhnMGZXVGRNMmdDcFJ3WU1Od0pFTEVnCitkU2x2SkN3dXUrcnp4TGFsemFQRjFQTVRXNzJPRUxhbC9qNXNEKzJWeXRRNGsrSFVEYnl0MkRuUVQ3WVEzem8KcTAyeDJ1MnNtMVdXL28vdWg4cGpQeGtHUXFMMm1yeVpzNlZIOVZDVTNRa0tORHNzTmQ3MWxyM3dQb0U0WVJIZQpVdnpEMWVEZWVsekJVRk5JcERDamRDc0w1NXlJUHFVc3I2bG1qcEJQTDB2ZWEzM1FUTWJjc1N4dTB1bUdYRGJVCjY2anVVNFoxak9FMHdDbEl2YU82OTlKK0UyZ0JlMWpVTjZBdDZiOEJTb1pxQ3FYWW9ESEdlaTlSQlVkdmdxdG8Ka1Zzb0pmREkvVEZNZWtZZ3BMNVVWWW1MZGZncUxQUFJQOXBRQkxEeDNtc3plQXFudmZUSUNBemZYZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+      CERTIFICATE_KEY: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQzhITEJBSXpYa1BlZWcKbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PLwpFS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2V3lsK0ZvUERWL3ZzClozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXRqT2JzYVFnSjVMTHgKQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUAptcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkOXI2ck9CeHB4d25UCkR2SGtCbjZ2QWdNQkFBRUNnZ0VBQjI4aTBBWVVOU2IxSm5XRmJLenJ1VWN0dTN0Q05Yb3ZKZzZLM0JpUFZNa3EKRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBVwo4ZUplcVJMWkVmc1NTSk9YVEc3UmRHc240cUhGSjAwczJaVGxjSUhTUHduRm0rWGpKaTk5VThHNFhzVW9YbzByCkd5KzBWQ3VVN004Z0lDRUhIc3JRTzlYREQzblQyaml1NVRqckt3anV0M0Vtb0pzc0k1YnF4MzMrT0J1NUJwQ1AKQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVApiTGtMRnlXQk5UV1VaMlIvMnd4bXVvQzZtTFp3ODc5TUxDS012azFkb1FLQmdRRGhtd0dhZkpOeW1UaUVRWlJJClNzUXg0c2VxZk9LZmdGQzdvaHFIOWNST091OElKMW83cTJwTTJXNFhpVitTM3dUZFBHbWNhNklPalgyM2lzVkIKMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzNwpheHpsYU1yeEV1M0xJOVVFN050cmRRaUJ5UUtCZ1FEVmRJNmNlSVZCVDZSZ3ZWR3Q4emtMalBJRmpoUUVIQUlwCnVoaXJncXBTNkNYOUJseWYyK280MHptZmozaGU1ckNjRW9CNU1zZU0rRGdGYmNWaDJlL01WbllpTk53NkpDREIKQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleQp1QkhWQnYvNHR3S0JnSHdIdWVQeTVTVTFzMnFTbXpEN1djMkxQZll1M25DT0hOUnJGR2IyNk11UmZ1UmVyaTdyCjJHOFRnb0VTRnljcDBRVElOOCsxSk0wWFlLeE5jSkQ2QjhWMXdLYmJwUXN5bW5lSTFnanV0aUIvSWd3L1BrREsKQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWgpmTjJZZVlieVljYU0xMXAxVmlsdWxWVFZqWTNpL0ZaaURSNFNML0lHSldqTi9Temc0aVhZc0tGbXUrZHVsT1psCmNCQUxwRUtycXBtelhZdHJONmJzdjE4KzVlTzNxR2JLMkRyRXEzZVdWZXYyS29UTW9ieHo3ZysrWEJJV0ptTEEKSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkUwpLcmx0d21vZEhpcVhOYlZrd2JXMUFGUEpiaVlhaTRZRmZLNElBYmlmL1lteGY5Rzc4YU9rcjlacENJek9rRFBaCllwRXdRR1dzQWhFbENGdmM4RS81ZEhFU1NwK3RXdFArTmx1aW1wRnFpRGczL1NVbk13TzJ4SDBuaExhMHplamgKZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K
+      COOKIE_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      DATABROKER_STORAGE_CONNECTION_STRING: redis://redis:6379
+      DATABROKER_STORAGE_TYPE: redis
+      ENVOY_ADMIN_ADDRESS: 0.0.0.0:9901
+      FORWARD_AUTH_URL: https://forward-authenticate.localhost.pomerium.io
+      GOOGLE_CLOUD_SERVERLESS_AUTHENTICATION_SERVICE_ACCOUNT: ewoiYXV0aF9wcm92aWRlcl94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImF1dGhfdXJpIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImNsaWVudF9lbWFpbCI6ICJyZWRhY3RlZEBwb21lcml1bS1yZWRhY3RlZC5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsCiJjbGllbnRfaWQiOiAiMTAxMjE1OTkwNDU4MDAwMzM0Mzg3IiwKImNsaWVudF94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKInByaXZhdGVfa2V5IjogIi0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLVxuTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDOEhMQkFJelhrUGVlZ1xubGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PL1xuRUtnQ09GRnhVRHFvUjgyaVkwNlNhY0FqSG5pNitQTzl0VlJiRlYwdzE0QkRBSlNwQitWdld5bCtGb1BEVi92c1xuWjMxRnRZdytFd3FrYkR4L2thVDl1emYrTEpkbGtmMTRuUVFqOEVreS84ZDNtV0piYi85dGpPYnNhUWdKNUxMeFxuQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUFxubXFta2F3VVd3M2VraGo4MFNKZy9USzlQUmFOL1Z2Y0kxUGdBZDdMWnp0VVJlU21UeTVoZDlyNnJPQnhweHduVFxuRHZIa0JuNnZBZ01CQUFFQ2dnRUFCMjhpMEFZVU5TYjFKbldGYkt6cnVVY3R1M3RDTlhvdkpnNkszQmlQVk1rcVxuRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBV1xuOGVKZXFSTFpFZnNTU0pPWFRHN1JkR3NuNHFIRkowMHMyWlRsY0lIU1B3bkZtK1hqSmk5OVU4RzRYc1VvWG8wclxuR3krMFZDdVU3TThnSUNFSEhzclFPOVhERDNuVDJqaXU1VGpyS3dqdXQzRW1vSnNzSTVicXgzMytPQnU1QnBDUFxuQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVFxuYkxrTEZ5V0JOVFdVWjJSLzJ3eG11b0M2bUxadzg3OU1MQ0tNdmsxZG9RS0JnUURobXdHYWZKTnltVGlFUVpSSVxuU3NReDRzZXFmT0tmZ0ZDN29ocUg5Y1JPT3U4SUoxbzdxMnBNMlc0WGlWK1Mzd1RkUEdtY2E2SU9qWDIzaXNWQlxuMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzN1xuYXh6bGFNcnhFdTNMSTlVRTdOdHJkUWlCeVFLQmdRRFZkSTZjZUlWQlQ2Umd2Vkd0OHprTGpQSUZqaFFFSEFJcFxudWhpcmdxcFM2Q1g5Qmx5ZjIrbzQwem1majNoZTVyQ2NFb0I1TXNlTStEZ0ZiY1ZoMmUvTVZuWWlOTnc2SkNEQlxuQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleVxudUJIVkJ2LzR0d0tCZ0h3SHVlUHk1U1UxczJxU216RDdXYzJMUGZZdTNuQ09ITlJyRkdiMjZNdVJmdVJlcmk3clxuMkc4VGdvRVNGeWNwMFFUSU44KzFKTTBYWUt4TmNKRDZCOFYxd0tiYnBRc3ltbmVJMWdqdXRpQi9JZ3cvUGtES1xuQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWlxuZk4yWWVZYnlZY2FNMTFwMVZpbHVsVlRWalkzaS9GWmlEUjRTTC9JR0pXak4vU3pnNGlYWXNLRm11K2R1bE9abFxuY0JBTHBFS3JxcG16WFl0ck42YnN2MTgrNWVPM3FHYksyRHJFcTNlV1ZldjJLb1RNb2J4ejdnKytYQklXSm1MQVxuSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkU1xuS3JsdHdtb2RIaXFYTmJWa3diVzFBRlBKYmlZYWk0WUZmSzRJQWJpZi9ZbXhmOUc3OGFPa3I5WnBDSXpPa0RQWlxuWXBFd1FHV3NBaEVsQ0Z2YzhFLzVkSEVTU3ArdFd0UCtObHVpbXBGcWlEZzMvU1VuTXdPMnhIMG5oTGEwemVqaFxuZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9XG4tLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tXG4iLAoicHJpdmF0ZV9rZXlfaWQiOiAiZTA3ZjdjOTM4NzBjN2UwM2Y4ODM1NjBlY2Q4ZmQwZjRkMjdiMDA4MSIsCiJwcm9qZWN0X2lkIjogInBvbWVyaXVtLXJlZGFjdGVkIiwKInRva2VuX3VyaSI6ICJodHRwOi8vbW9jay1pZHA6ODAyNC90b2tlbiIsCiJ0eXBlIjogInNlcnZpY2VfYWNjb3VudCIKfQ==
+      IDP_CLIENT_ID: CLIENT_ID
+      IDP_CLIENT_SECRET: CLIENT_SECRET
+      IDP_PROVIDER: onelogin
+      IDP_PROVIDER_URL: https://mock-idp.localhost.pomerium.io/
+      JWT_CLAIMS_HEADERS: email,groups,user
+      LOG_LEVEL: info
+      POLICY: Wwp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vbW9jay1pZHAubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZW52b3kubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly9sb2NhbGhvc3Q6OTkwMSIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vdmVyaWZ5LmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoidG8iOiAiaHR0cDovL3ZlcmlmeTo4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiYWxsb3dfd2Vic29ja2V0cyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vd2Vic29ja2V0LWVjaG8ubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly93ZWJzb2NrZXQtZWNobzo4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXVpLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJ0byI6ICJodHRwczovL2ZvcnRpbzo4MDgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRsc19jdXN0b21fY2EiOiAiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVVXhla05EUVhvclowRjNTVUpCWjBsUldqRXpPV05rTDNCaFVHUnJVekpLZVVGMU4ydEZSRUZPUW1kcmNXaHJhVWM1ZHpCQ1FWRnpSa0ZFUTBJS1ozcEZaVTFDZDBkQk1WVkZRMmhOVm1KWGRHcGFXRW93U1VkU2JHUnRWbk5pTTBKMFdsYzFNRWxGVGtKTlUzZDNTMmRaUkZaUlVVeEVRMDVxV1ZkNGJBcFphMEpxV1ZkNGJGbHBNWGRaZVRGellWYzFNV1ZEUVc5Uk1rWnpXbGRKWjFKSE9UUmpNbFkxUzFSRmVrMUVSVWRCTVZWRlFYZDNjV0pYZEdwYVdFb3dDa2xIVG1oaVIxWnBVVWRPYUdKSFZtbE1XRUpxVEZkNGNHSnVWalJKUTJoRVdWZDRiRmxwUWtWaU0yaDZXbGhyY0UxQ05GaEVWRWw0VFVSbmVFMUVSVE1LVFhwSmQwOVdiMWhFVkUxNFRVUm5lRTFFUlROTmVrbDNUMVp2ZDJkWlRYaElha0ZqUW1kT1ZrSkJiMVJHVnpGeVdUSldlV1JEUW10YVdGcHNZa2M1ZHdwaVYxWjFaRU5DUkZGVVJYTk5RMjlIUVRGVlJVTjNkMnBaTWtaeldsZEtRVmt5Um5OYVYwbDBZMGROZEdKSGJIVmtXR2RuUzBWT2FHSkhWbWxKUlZKMkNtVklUbXhsVTJ0NFRYcEJlRUpuVGxaQ1FVMU5TMjB4Y2xreVZubGtRMEpxV1ZkNGJGbHJRbXBaVjNoc1dXa3hkMWw1TVhOaFZ6VXhaVU5CYjFFeVJuTUtXbGRKWjFKSE9UUmpNbFkxUzFSRFEwRmhTWGRFVVZsS1MyOWFTV2gyWTA1QlVVVkNRbEZCUkdkblIxQkJSRU5EUVZsdlEyZG5SMEpCVG1KTGVVMTZOUXBOVmxjMldVdGthbWd4YjBsT01VMXVOMUJGTW5CSU5WTmlTbE53VjNoa1FVZG9aRUpyUW10d1FXRTNUM2hoY21wSU5VdFdhME5VVTJFM2IyNWpiR0UzQ25GT2RVcGFVelp0UW0xdmVFWXJVaXRqVWpOcWVVZGtWVUZaYkc5NmJERnFiR1p4VEVsbVF5OHJaemRXTjFadFQwcHVPVGgwYWtJME1tWmhkSGhNYkRZS1YxQkJkekZLUkU1elYzUlJabWhMYUdKalNIVjBOMUp6UmpCeVRVOVBTR04zZVhkVVVqZE1UM2xEYlVsbGJERndZMjF3VmpSb1lsWmpWRFpsVm5kdlVBcElXSGxLVTJFNVkzRmhUVkUxV0hKa2IyZGhhVFJKY1ZwYVNVZE1TR1ZNYzFSV2RYUlBaMHBHV0VWbGRteFlMMUZVTTNOWGIyMUZZM1I2YURNNFNuTTBDamxFYVVGUVJEWmtORmszTDBOUVRGbEZabXN5T1VwUk9VNWFhSEJuUkhOcE9XaDFOVVpJU0ZwaldIZG1NVWxJYkhjdlEwSldaMjQyYWl0cWJYWkxTM29LT1RCTllURnZjWFYyTTFjMlpIUjBhV1F2ZUVOalRFZDFNbE1yT1RaVWVuSjVhMjF2ZVRWV1lXTk1kRlpGVURReFdXMXZWbXh6T1RGeWJHODNiMnh3WlFwUlYwWmlibTFqYnpjek9WUkpMelJvSzBodlpHOXNjR1Z5VVVWU1VXdzNkVU51Y0V0V1VGb3pWMjlyUzNWU2FEVndhM0ZyVVhBdllYSlJhblIzWTFKMENrYzBNME55UkhCaWJDdDFVMnBOUTBGNGFHRTVOVGhsVkZsMmRHOXFWRTF1ZGt4MGMwZEpSREZvUjFodWNXeDNLelZMYWt0eVoxSkljbEZKUkVGUlFVSUtiekJWZDFGNlFVOUNaMDVXU0ZFNFFrRm1PRVZDUVUxRFFXZFJkMFZuV1VSV1VqQlVRVkZJTDBKQlozZENaMFZDTDNkSlFrRkVRV1JDWjA1V1NGRTBSUXBHWjFGVmFGbGFXVmRKUWtoNWF6WmFWbFJ1Y0ROc1VuUXZkSGxDVURBd2QwUlJXVXBMYjFwSmFIWmpUa0ZSUlV4Q1VVRkVaMmRIUWtGQk1VWXZZWEJ5Q213MmNFNVVNMDF3TDAxNGFGVlZaMjgyZFhORlNrTnllVWRSWTB4U1ptVjRlVkZZUjA0emFIVkRiVWx5VURVMVZrWmhPRVZVVUVGMGFuTnlObEJOWlRjS04zWjJSV280WlVaMU1rcDBTMjkyYkZGM1RtVjNXVlU1WTJwQlRVTldZVVpwVG1KeVVXRXlNR2g2YUZkak1tcHpObVI1YVd4a1JUWXZSRkI2WW1Wa2N3cExSRUY0YUVaT2NETTFVMngzZEZKMFMyc3hVM3A0U25oemNWTjNhbVo0U1RobWNDdFNMekIzVHpobk1HWlhWR1JOTW1kRGNGSjNXVTFPZDBwRlRFVm5DaXRrVTJ4MlNrTjNkWFVyY25wNFRHRnNlbUZRUmpGUVRWUlhOekpQUlV4aGJDOXFOWE5FS3pKV2VYUlJOR3NyU0ZWRVlubDBNa1J1VVZRM1dWRXplbThLY1RBeWVESjFNbk50TVZkWEwyOHZkV2c0Y0dwUWVHdEhVWEZNTW0xeWVWcHpObFpJT1ZaRFZUTlJhMHRPUkhOelRtUTNNV3h5TTNkUWIwVTBXVkpJWlFwVmRucEVNV1ZFWldWc2VrSlZSazVKY0VSRGFtUkRjMHcxTlhsSlVIRlZjM0kyYkcxcWNFSlFUREIyWldFek0xRlVUV0pqYzFONGRUQjFiVWRZUkdKVkNqWTJhblZWTkZveGFrOUZNSGREYkVsMllVODJPVGxLSzBVeVowSmxNV3BWVGpaQmREWmlPRUpUYjFweFEzRllXVzlFU0VkbGFUbFNRbFZrZG1keGRHOEthMVp6YjBwbVJFa3ZWRVpOWld0WlozQk1OVlZXV1cxTVpHWm5jVXhRVUZKUU9YQlJRa3hFZUROdGMzcGxRWEZ1ZG1aVVNVTkJlbVpZWnowOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyIsCiJ0bHNfc2VydmVyX25hbWUiOiAiZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vZm9ydGlvOjgwNzkiCn0sCnsKImFsbG93X2FueV9hdXRoZW50aWNhdGVkX3VzZXIiOiB0cnVlLAoiZnJvbSI6ICJ0Y3AraHR0cHM6Ly9yZWRpcy5sb2NhbGhvc3QucG9tZXJpdW0uaW86NjM3OSIsCiJ0byI6ICJ0Y3A6Ly9yZWRpczo2Mzc5Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1za2lwLXZlcmlmeS1lbmFibGVkIiwKInRsc19za2lwX3ZlcmlmeSI6IHRydWUsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2tpcC12ZXJpZnktZGlzYWJsZWQiLAoidGxzX3NraXBfdmVyaWZ5IjogZmFsc2UsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2VydmVyLW5hbWUtZW5hYmxlZCIsCiJ0bHNfc2VydmVyX25hbWUiOiAiaHR0cGRldGFpbHMubG9jYWxob3N0Lm5vdHBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vd3JvbmdseS1uYW1lZC1odHRwZGV0YWlsczo4NDQzIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1zZXJ2ZXItbmFtZS1kaXNhYmxlZCIsCiJ0byI6ICJodHRwczovL3dyb25nbHktbmFtZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWVuYWJsZWQiLAoidGxzX2N1c3RvbV9jYSI6ICJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VVeVJFTkRRVEJEWjBGM1NVSkJaMGxTUVV4a09VZGhTbEk1TW5GcE4zRk1NV1ZJUjAwMlN6QjNSRkZaU2t0dldrbG9kbU5PUVZGRlRFSlJRWGNLWjFsTmVFaHFRV05DWjA1V1FrRnZWRVpYTVhKWk1sWjVaRU5DYTFwWVdteGlSemwzWWxkV2RXUkRRa1JSVkVWelRVTnZSMEV4VlVWRGQzZHFXVEpHY3dwYVYwcEJXVEpHYzFwWFNYUmpSMDEwWWtkc2RXUllaMmRMUlU1b1lrZFdhVWxGVW5abFNFNXNaVk5yZUUxNlFYaENaMDVXUWtGTlRVdHRNWEpaTWxaNUNtUkRRbXBaVjNoc1dXdENhbGxYZUd4WmFURjNXWGt4YzJGWE5URmxRMEZ2VVRKR2MxcFhTV2RTUnprMFl6SldOVXRVUVdWR2R6QjVUVlJCTkUxVVJYa0tUVlJWTWsxVVFtRkdkekI2VFZSQk5FMVVSWGxOVkZVeVRWUkNZVTFKUjBSTlVqUjNTRUZaUkZaUlVVdEZlRlowWVRKT2JHTnVVV2RhUjFZeVdsZDRkZ3BqUnpGc1ltNVJaMUV3UlhoTVJFRnhRbWRPVmtKQmMwMUpNazVvWWtkV2FWRkhUbWhpUjFacFRGaENha3hYZUhCaWJsWTBTVU5vUkZsWGVHeFphVUpGQ21JemFIcGFXR3R3VFZSTmQwMVJXVVJXVVZGRVJFTndkR0V5VG14amJsRm5XVEpHYzFwWFNrRlpNa1p6V2xkSmRHTkhUWFJpUjJ4MVpGaG5aMHRGVG1nS1lrZFdhVWxGVW5abFNFNXNaVk5yZDJkblIybE5RVEJIUTFOeFIxTkpZak5FVVVWQ1FWRlZRVUUwU1VKcWQwRjNaMmRIUzBGdlNVSm5VVVJYV1hCV1pRcENVMjVsWlRKalFVSlpiMlpUYjFkNFIwMTVSbUZOVVRCdVNtdFpNRlZYVFRsamEzbFZhRGRXWm1kT0t5OWhSbE5YTWxwVGJWaDFkalZrY21Od2FUSXdDbm96Wld4b1VGUmxPVGhpUVU1aWFpc3ZZbWt3TURFMVVWZHVUV1Z1U3pBMVdrczJjVVIwUm5kdkwwaFdReTlaWTJGeWRYVTVOaXN4U2pKMGIyVlhkVVVLZEhsclZ6Tk5RM0JETVhCSVdWTTFaemxwVmtScmNHUnllbTUyV0V0c1dYVlRhV3RxY21vM1N6VjBiMmxVZG5WdE9UZE1lRXRyZFdvMlJGaHFZWEJRUkFvMWRuUmxVMDR4WkZGblR6bERVek56Y1d4amQxbEJObEpxVlVoM1dUSldSV2d5WVdSUU16ZENXbkphZDA4cmVVcHhPWEZHTlhrMVIyeG5hVGhzVGpSakNrdHNTV3hHVlhNdmVGTndVWE40VG1KT1VWaDBUamx0YXpScGJWbHNXa2Q2V1ZsaVltMHJabTlDVmxCUVltOWhOV3BXZDB0RWNGbzJOVzFQY3pkS1IxQUtObmxxS3pkV04xVkNUVVp3Vnl0blMyMUtkR2RvTDJ0clFYZ3hPRFZvT1ROeGQweEdVR000TDFRM2Jpc3JVREZpZFN0bVlXdFlVRWRRUlRJeGNrUmxUQXBRYmxWdGRXTkpXbkJLYnpWT2NGbFdVWFkwVjNaVVMzRXZlazFTT1ZOemNIb3lVRVpLYmtWU1ZHWlVkbkVyUmpGeE0xcE9ZV1pGZW1sUWMwSTViMlZUQ201cWVIZHRZVnBQVTFZd2RsaHhMM0ZsYjNGNE5IWTJUVUo2VmtGWk1DODRVakpNWTNCS05IVm5NRTlhTTNjd1lqSjBObmx2T0RaUU5WRTRRMEYzUlVFS1FXRk9SazFGVFhkRVoxbEVWbEl3VUVGUlNDOUNRVkZFUVdkSlJVMUNTVWRCTVZWa1JYZEZRaTkzVVVsTlFWbENRV1k0UTBGUlFYZElVVmxFVmxJd1R3cENRbGxGUmt4aldUaEZiMDV2WmsxamNuSjRlbmw0U1c0elZ6WmFUMDFXV0UxQk1FZERVM0ZIVTBsaU0wUlJSVUpEZDFWQlFUUkpRbWRSUTFwNlJFTjJDa3RKU0ZnelIzWnFUbE5aTlhjMVlrOXVORVV6ZHpkUlNGQXdPVUZDYWxRdmQzVlVORXhFYTFwSVNrMXRiSEpNYnpOek9HSmpjMUV3YzAxRU1Wa3ZMeThLY3pBM1kzQTBlRmxzY1VRM1FrRXdRV053ZGxsV1dYRTFPSGhMZUhOdlEzZFdXRzFITldORlpVOXZXbTFYWmpOeFdUSnRVemhsVnprMmRrOUdjbVJKWWdwTU5FOUdOSGhaVlU5TlVuRkJUMGRCUVhJMlZteFBOMmRZWVRRd05raDZjbk5CTVdoWlduZHlaVmhvVDFSRFdscFFXazlWYmtGMU1EVlRTRVprWjJGTkNsUktUa0l2YnpBeGRIQjNVV3h5VkhoT2JXWnliM0J2VDNwNWRYWklNSHBWTWxKeVRYTXdLMFZpVDNWRE5FRXlZMUU0TTBSSlJuaDJjVFkzYkhsVk1FRUtjekZSTm5SU1RUQXJWVVJ0U2s5TWVqTlRaR2RPSzBRd01HaGpkWFZxT1RKSFZqUmlTRGhDWm5sVmRqaE9RMWt3ZGtScGFqQlVVMnBxTkdNMFVYUmpOd3BKVUV4VVdqSm5OVFExYjJONmFFNW5RVzFVTjJRclFqVkpibmxtYVZOSlMyVnRXSEZsY3pKcWNHbEJabnBRVG13NVFsWjRjMkZyWTNNdldYcHZXWE14Q2l0eFZHcEJWM1ZoUkhOTGIyaEZiazgwUWtwMWVuWXdlSEpqWlRRd1pXNVNaMWg1UjBkR2RsaDFNbk0wUmxreWRrcHhWRk52Tm5selJGZHVhRWt6VEZjS1pHTm5Oazh5UmpSQlVFTkhSMlUzZW5OMWNXbHhhM0JqYTI1Q1lXSm5la1Z6T1dadlNIRXliV1p2TjFocFJYcGxaRTFPT0VKT2NXWlRZa0U5Q2kwdExTMHRSVTVFSUVORlVsUkpSa2xEUVZSRkxTMHRMUzBLIiwKInRsc19zZXJ2ZXJfbmFtZSI6ICJodHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cHM6Ly91bnRydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWRpc2FibGVkIiwKInRvIjogImh0dHBzOi8vdW50cnVzdGVkLWh0dHBkZXRhaWxzOjg0NDMiCn0sCnsKImNvcnNfYWxsb3dfcHJlZmxpZ2h0IjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWVuYWJsZWQiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiY29yc19hbGxvd19wcmVmbGlnaHQiOiBmYWxzZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWRpc2FibGVkIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1lbmFibGVkIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1kaXNhYmxlZCIsCiJwcmVzZXJ2ZV9ob3N0X2hlYWRlciI6IGZhbHNlLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vcmVzdHJpY3RlZC1odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfZG9tYWlucyI6IFsKImRvZ3MudGVzdCIKXSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInByZWZpeCI6ICIvYnktZG9tYWluIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfdXNlcnMiOiBbCiJ1c2VyMUBkb2dzLnRlc3QiCl0sCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhc3NfaWRlbnRpdHlfaGVhZGVycyI6IHRydWUsCiJwcmVmaXgiOiAiL2J5LXVzZXIiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIlgtQ3VzdG9tLVJlcXVlc3QtSGVhZGVyIjogImN1c3RvbS1yZXF1ZXN0LWhlYWRlci12YWx1ZSIKfSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImFsbG93X3dlYnNvY2tldHMiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2VuYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZGlzYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJlbmFibGVfZ29vZ2xlX2Nsb3VkX3NlcnZlcmxlc3NfYXV0aGVudGljYXRpb24iOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2Nsb3VkcnVuLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIngtaWRwIjogIm9uZWxvZ2luIgp9LAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfQpd
+      SHARED_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      SIGNING_KEY: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSVBSR1d3TGg3NW5OWG5razM3ekRmTjhvbkx3ZkNpYUxQVEQrbmM4THg1aGNvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFa3BCa08wVEttaDRKZFFmTE9lZU1kNTNLbmdhMVdkUVhyNUZjZXBrK2RMVktkVkt4WENHcQpoMW9qdWh1VzExR0lvT3pTOUdvU0tsTlZTUkZXVkVXRHZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
+      SIGNING_KEY_ALGORITHM: ES256
+    image: pomerium/pomerium:${POMERIUM_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - pomerium
+        - authenticate.localhost.pomerium.io
+        - forward-authenticate.localhost.pomerium.io
+  pomerium-ready:
+    command:
+    - -wait
+    - https://pomerium:443/healthz
+    - -timeout
+    - 10m
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - pomerium-ready
+  redis:
+    image: redis:6.2.5-alpine
+    networks:
+      main:
+        aliases:
+        - redis
+  redis-ready:
+    command:
+    - -wait
+    - tcp://redis:6379
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - redis-ready
+  traefik:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-'END_OF_TRAEFIK' | tee traefik.yaml
+      {
+        "accessLog": {
+
+        },
+        "api": {
+          "insecure": true
+        },
+        "entryPoints": {
+          "web": {
+            "address": ":80",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          },
+          "websecure": {
+            "address": ":443",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          }
+        },
+        "global": {
+          "checkNewVersion": false,
+          "sendAnonymousUsage": false
+        },
+        "log": {
+          "level": "DEBUG"
+        },
+        "providers": {
+          "file": {
+            "filename": "traefik-dynamic.yaml"
+          }
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee traefik-dynamic.yaml
+      {
+        "http": {
+          "middlewares": {
+            "authz": {
+              "forwardAuth": {
+                "address": "https://forward-authenticate.localhost.pomerium.io",
+                "authResponseHeaders": [
+                  "x-pomerium-jwt-assertion",
+                  "x-pomerium-claim-email",
+                  "authorization"
+                ],
+                "tls": {
+                  "insecureSkipVerify": true
+                },
+                "trustForwardHeader": true
+              }
+            },
+            "set-request-headers-20": {
+              "headers": {
+                "customRequestHeaders": {
+                  "X-Custom-Request-Header": "custom-request-header-value"
+                }
+              }
+            },
+            "set-request-headers-23": {
+              "headers": {
+                "customRequestHeaders": {
+                  "x-idp": "onelogin"
+                }
+              }
+            }
+          },
+          "routers": {
+            "route0": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`mock-idp.localhost.pomerium.io`)",
+              "service": "route0",
+              "tls": {
+
+              }
+            },
+            "route1": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`envoy.localhost.pomerium.io`)",
+              "service": "route1",
+              "tls": {
+
+              }
+            },
+            "route10": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-disabled`)",
+              "service": "route10",
+              "tls": {
+
+              }
+            },
+            "route11": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-enabled`)",
+              "service": "route11",
+              "tls": {
+
+              }
+            },
+            "route12": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-disabled`)",
+              "service": "route12",
+              "tls": {
+
+              }
+            },
+            "route13": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-enabled`)",
+              "service": "route13",
+              "tls": {
+
+              }
+            },
+            "route14": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-disabled`)",
+              "service": "route14",
+              "tls": {
+
+              }
+            },
+            "route15": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-enabled`)",
+              "service": "route15",
+              "tls": {
+
+              }
+            },
+            "route16": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-disabled`)",
+              "service": "route16",
+              "tls": {
+
+              }
+            },
+            "route17": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`restricted-httpdetails.localhost.pomerium.io`)",
+              "service": "route17",
+              "tls": {
+
+              }
+            },
+            "route18": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-domain`)",
+              "service": "route18",
+              "tls": {
+
+              }
+            },
+            "route19": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-user`)",
+              "service": "route19",
+              "tls": {
+
+              }
+            },
+            "route2": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`verify.localhost.pomerium.io`)",
+              "service": "route2",
+              "tls": {
+
+              }
+            },
+            "route20": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-20"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`)",
+              "service": "route20",
+              "tls": {
+
+              }
+            },
+            "route21": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`enabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route21",
+              "tls": {
+
+              }
+            },
+            "route22": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`disabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route22",
+              "tls": {
+
+              }
+            },
+            "route23": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-23"
+              ],
+              "rule": "Host(`cloudrun.localhost.pomerium.io`)",
+              "service": "route23",
+              "tls": {
+
+              }
+            },
+            "route24": {
+              "middlewares": [
+
+              ],
+              "rule": "Host(`authenticate.localhost.pomerium.io`)",
+              "service": "route24",
+              "tls": {
+
+              }
+            },
+            "route3": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`websocket-echo.localhost.pomerium.io`)",
+              "service": "route3",
+              "tls": {
+
+              }
+            },
+            "route4": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ui.localhost.pomerium.io`)",
+              "service": "route4",
+              "tls": {
+
+              }
+            },
+            "route5": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ping.localhost.pomerium.io`)",
+              "service": "route5",
+              "tls": {
+
+              }
+            },
+            "route6": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`redis.localhost.pomerium.io:6379`)",
+              "service": "route6",
+              "tls": {
+
+              }
+            },
+            "route7": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-enabled`)",
+              "service": "route7",
+              "tls": {
+
+              }
+            },
+            "route8": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-disabled`)",
+              "service": "route8",
+              "tls": {
+
+              }
+            },
+            "route9": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-enabled`)",
+              "service": "route9",
+              "tls": {
+
+              }
+            }
+          },
+          "serversTransports": {
+            "insecure": {
+              "insecureSkipVerify": true
+            }
+          },
+          "services": {
+            "route0": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://mock-idp:8024"
+                  }
+                ]
+              }
+            },
+            "route1": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://localhost:9901"
+                  }
+                ]
+              }
+            },
+            "route10": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route11": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route12": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route13": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route14": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route15": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route16": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route17": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route18": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route19": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route2": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://verify:80"
+                  }
+                ]
+              }
+            },
+            "route20": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route21": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route22": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route23": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route24": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "https://pomerium:443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route3": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route4": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8080"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route5": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8079"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route6": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "tcp://redis:6379"
+                  }
+                ]
+              }
+            },
+            "route7": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route8": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route9": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            }
+          }
+        },
+        "tls": {
+          "certificates": [
+            {
+              "certFile": "_wildcard.localhost.pomerium.io.pem",
+              "keyFile": "_wildcard.localhost.pomerium.io-key.pem"
+            }
+          ]
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io-key.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_TRAEFIK
+
+      traefik -configFile=traefik.yaml
+    depends_on:
+      pomerium:
+        condition: service_started
+    image: traefik:latest
+    networks:
+      main:
+        aliases:
+        - traefik
+        - authenticate.localhost.pomerium.io
+        - mock-idp.localhost.pomerium.io
+    ports:
+    - 80:80/tcp
+    - 443:443/tcp
+  trusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails
+  trusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://trusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails-ready
+  untrusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKKYU7PSAFxZbhuLUlbv3iAwDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU2MTFaFw0yMzExMTEyMjU2MTFaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg
+      VDM59lGzCRjdUQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHG
+      oryKGDOkRV1SDb3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2v
+      JX4qTwgrqQtLOJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqP
+      qpc6AEFuklmoBHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPw
+      ve8VoGIlx4uvHTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxG
+      mgByfa2rxbNg15PFwF+ZAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBS3GPBKDaHzHK68c8sSJ91umTjFVzAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAizMhh+VYIMp07wGn7+rzAE/651yiMC6kZHIOMHilvimyYvCf+Yc0MrcD
+      mVQgqlUpkn/f2SOFsBQonjAACkWlSHah9KStL0iTvOIH+oGLnv3Y9wrKvwJol3KR
+      c/+mO9R9TS71DoX+rTGRY3BNldpMBZF7HsYt/bg0RSpF0zkZarW+PEMmPw6IgIaD
+      RPGpOiQOqIxQn4d6MyiNGS0QmDeGSZvsC07ZcZ+JxsYi4S+yN6GXt11pstiRXjDv
+      zrO3s8TnVsBux7VDdIYfzMxqz+874MbsUUlb4txr3V48UDRLm7VDQ2/F+o0+Y5wt
+      XAnXTn/6GFpjJvPGr0A1QLOvnhR0DZ4Fl97athu44pqeQywDU5LPP3HqrWRXLy3j
+      BPBC4waHayL9Hnh4zQUe/h6hwC5Nxl/gqfB3Aaqr5PWX6rMFss8AYpB81ci+UJdm
+      KSIn/pMoK6TWkCveoQRQOZD8wfwPF4cUUmWcLFwSveZSiniFrAXQqZbO1k6RDhQf
+      havcwKlK
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCgVDM59lGzCRjd
+      UQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHGoryKGDOkRV1S
+      Db3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2vJX4qTwgrqQtL
+      OJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqPqpc6AEFuklmo
+      BHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPwve8VoGIlx4uv
+      HTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxGmgByfa2rxbNg
+      15PFwF+ZAgMBAAECggEADTzGefunZTPUFLnSZ/D7jDglwz5KdC/9zYleY+jY5B/8
+      nmjkSfK6I6GLLSh8l2QO8YqQLIqxANglS1gNHdpcYPwfC4WL1S1P0qXboKsI5Sfy
+      jGoD3et4caq6ecdTfAvmLobW8uFRmGE9qHlFQ1cn47OnPVZUpKFCTVslyTLNo70h
+      28gx/lnpgkbeWotJ5GygE/H0jKJlG8/V3+Ppfuq6wypA5ELcGUeMAwmCfUNNlDy3
+      BhXSa6STgL26ar70KZIjTp9B97hIfDWObxgjzMX2JoiWXziszvbfaknfBsmfTm45
+      oUZYO0DuvLdLpxic0GZQwZCT6GzuexxJ9zR/pdahrQKBgQDEiwc0e+M1KaOoIIcw
+      V7pxoGjvd+CC5whS00jSf/rXPSPFxat9Ml5serOzLdRLM/NQ5wB9S7TYc6PJi3Mb
+      8pmbGadIXiGIJY8vX79P/velHT4csgULJAKJF9U65knhaidPPPmXloHOhRWrE8Zq
+      mexVgJZrHLI8197qmi+ctT5rEwKBgQDQ1J84AwI1hEsXHxoSetSznt+ae7pSUb/J
+      byqK9KEp0DLyf8GcS7vxyYGQo0mJDlHaJt56LKv+zdX4wGG85ztbOFVPee6XLKSs
+      I+h7rzc2hKrl+SaI91h1234WsTeJvfUSHyBy9vAwLhd0hplNrt7Tql5Z0VTWHmFE
+      2XbEwcTUIwKBgQDBpioHMDmBW/F/6ezJWOa+pco+h+KRl4i/8qVBog9Im1jvt/9r
+      b4FRaOQ9mt4c6qbGA5Sb30fkLKwoHFniI3ntM616xCRNvJQDnVcmPpVJ/jIAm/YU
+      L/q/kNfrHJOWobzxeaaCESz8imv7D5Tj25zb8cJC7xc+k4Nzq09WG83QOQKBgG28
+      LOZ7/j8tA2BlAYhQb1Dr3UgKWEBFoOgyuEJIhh+4vezb4VtGGL7XSnQ8ubmBgtWF
+      s0a0DrVYaGXMgg+H2pL2qS2YPx3FYcrrG5FS40qMsFkkcXFruFpGOp2mBi8lWJBr
+      NtvykwheUAj1ab1+dKz5S5ca/t99G1PYiiaeQ9XNAoGAVXk4HvdUc5q+BNiYvKUS
+      M2/TDU3cYY72mPCEw7G6Kpn6zMaakQcA1+Z8LkYcLaQKRD/66n99WWT+BcY+QXtC
+      0ZPHjeepDL8q+yXRY8zlcgAukg18Ta5yD1J1014y8UIV+HY8ongTni1sI8N+vKd4
+      +TF2C2Cynf5vQr5man7ShPw=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails
+  untrusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://untrusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails-ready
+  verify:
+    depends_on:
+      verify-init:
+        condition: service_completed_successfully
+    environment:
+      SSL_CERT_FILE: /verify_config/ca.pem
+    image: pomerium/verify:${VERIFY_TAG:-latest}
+    networks:
+      main:
+        aliases:
+        - verify
+    volumes:
+    - verify_config:/verify_config
+  verify-init:
+    command:
+    - sh
+    - -c
+    - |-
+      echo '-----BEGIN CERTIFICATE-----
+      MIIE1zCCAz+gAwIBAgIQZ139cd/paPdkS2JyAu7kEDANBgkqhkiG9w0BAQsFADCB
+      gzEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSwwKgYDVQQLDCNjYWxl
+      YkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTEzMDEGA1UEAwwqbWtjZXJ0
+      IGNhbGViQGNhbGViLXBjLWxpbnV4IChDYWxlYiBEb3hzZXkpMB4XDTIxMDgxMDE3
+      MzIwOVoXDTMxMDgxMDE3MzIwOVowgYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9w
+      bWVudCBDQTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXggKENhbGViIERv
+      eHNleSkxMzAxBgNVBAMMKm1rY2VydCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2Fs
+      ZWIgRG94c2V5KTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANbKyMz5
+      MVW6YKdjh1oIN1Mn7PE2pH5SbJSpWxdAGhdBkBkpAa7OxarjH5KVkCTSa7oncla7
+      qNuJZS6mBmoxF+R+cR3jyGdUAYlozl1jlfqLIfC/+g7V7VmOJn98tjB42fatxLl6
+      WPAw1JDNsWtQfhKhbcHut7RsF0rMOOHcwywTR7LOyCmIel1pcmpV4hbVcT6eVwoP
+      HXyJSa9cqaMQ5Xrdogai4IqZZIGLHeLsTVutOgJFXEevlX/QT3sWomEctzh38Js4
+      9DiAPD6d4Y7/CPLYEfk29JQ9NZhpgDsi9hu5FHHZcXwf1IHlw/CBVgn6j+jmvKKz
+      90Ma1oquv3W6dttid/xCcLGu2S+96Tzrykmoy5VacLtVEP41YmoVls91rlo7olpe
+      QWFbnmco739TI/4h+HodolperQERQl7uCnpKVPZ3WokKuRh5pkqkQp/arQjtwcRt
+      G43CrDpbl+uSjMCAxha958eTYvtojTMnvLtsGID1hGXnqlw+5KjKrgRHrQIDAQAB
+      o0UwQzAOBgNVHQ8BAf8EBAMCAgQwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4E
+      FgQUhYZYWIBHyk6ZVTnp3lRt/tyBP00wDQYJKoZIhvcNAQELBQADggGBAA1F/apr
+      l6pNT3Mp/MxhUUgo6usEJCryGQcLRfexyQXGN3huCmIrP55VFa8ETPAtjsr6PMe7
+      7vvEj8eFu2JtKovlQwNewYU9cjAMCVaFiNbrQa20hzhWc2js6dyildE6/DPzbeds
+      KDAxhFNp35SlwtRtKk1SzxJxsqSwjfxI8fp+R/0wO8g0fWTdM2gCpRwYMNwJELEg
+      +dSlvJCwuu+rzxLalzaPF1PMTW72OELal/j5sD+2VytQ4k+HUDbyt2DnQT7YQ3zo
+      q02x2u2sm1WW/o/uh8pjPxkGQqL2mryZs6VH9VCU3QkKNDssNd71lr3wPoE4YRHe
+      UvzD1eDeelzBUFNIpDCjdCsL55yIPqUsr6lmjpBPL0vea33QTMbcsSxu0umGXDbU
+      66juU4Z1jOE0wClIvaO699J+E2gBe1jUN6At6b8BSoZqCqXYoDHGei9RBUdvgqto
+      kVsoJfDI/TFMekYgpL5UVYmLdfgqLPPRP9pQBLDx3mszeAqnvfTICAzfXg==
+      -----END CERTIFICATE-----
+      ' > /verify_config/ca.pem
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - verify-init
+    volumes:
+    - verify_config:/verify_config
+  verify-ready:
+    command:
+    - -wait
+    - http://verify:80/
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - verify-ready
+  websocket-echo:
+    command:
+    - --port
+    - "80"
+    - tee
+    image: pvtmert/websocketd:latest
+    networks:
+      main:
+        aliases:
+        - websocket-echo
+  websocket-echo-ready:
+    command:
+    - -wait
+    - tcp://websocket-echo:80
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - websocket-echo-ready
+  wrongly-named-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEWDCCAsCgAwIBAgIRAK1MkqoHP+DPILewhMcnnu4wDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU0MzRaFw0yMzExMTEyMjU0MzRaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV
+      DWPhOpNWAYNTQZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM
+      3cvyRs40dygZeogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV
+      6ttf6y0+4Nq1hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3E
+      lxIYQsCr85FyW8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC
+      8X2vHBBIbnZipb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3
+      OIkJji4rpJqxG1Z7MvPzAgMBAAGjcjBwMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAo
+      BgNVHREEITAfgh1pbnZhbGlkLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG
+      9w0BAQsFAAOCAYEABsSByXWA7e8hpKWZK4APWzkvDwiTGrDDE7k0hueJksTZ5Nqw
+      fRdGoUpweWIYzAv1etPAr+B2gsZM/jVRidaGDI1tKPytZ3pP6mQ52CVXkeJQytPr
+      rNDnP3Lbpbs8PHoHw3PVxIyRps1ZbZkgbUsXrSvpp/l+ZObbGQjr3Fdx5oXI6a1V
+      NNC39LkPhjTKtcG+H8dO5GRuDb/9PrzrnDwnl6CoORbEjTKRIFuA+vkFBRjyuccr
+      GQiMNmMxy5CMOsK+Od4+8qhv2ZgnREHyBnjFFhgVLFJ2PwUxk3N4GIzCC8tsD+vb
+      +YJgCS7n6JmcB9SFeyRy+qpolnfEaMvRwnJl6Evj17VCBy7x0gEO6B4lILPpziN8
+      VVhSuRsC0V8aXJJx89mwrg9pzN9w771rFVOCrAEdZei34/yfo8VyBbIR1gUxkRNJ
+      crTI9pT0PK+9OWQ57HtnGmFsPtWT8r7P8xukAPy50wSLF3InjEo8VR2df+V7DVVU
+      aTjNbuaG1NLNyWLH
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVDWPhOpNWAYNT
+      QZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM3cvyRs40dygZ
+      eogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV6ttf6y0+4Nq1
+      hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3ElxIYQsCr85Fy
+      W8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC8X2vHBBIbnZi
+      pb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3OIkJji4rpJqx
+      G1Z7MvPzAgMBAAECggEBAM3XhRO7+1QSXCaZdCZ6WuWXzojxrkf8++gpzXPCZ75L
+      vvMyP8xmXc38Za5VyL+MAr7joENxY5NPON/9AgyUBFdbat3RW323vAt0Ssy8Dfti
+      ScpuGWTT2CcWS/iJPwJp9bzPj6qJ1wo0Rzsv23FpcjgfcuB+4pHpDwJZ8IxcclTN
+      jv5XdmanN0Ai2ONDkIHQyvMTsYAX99OK7nXIs3OW7s4wsm8Wg+loCqTvojTzWuwE
+      TZNFonHAZ81jkrYfNjz+sM/tPuOYD+vWQ89+1IeQKFw1U0iBpF1VvhA7UeQZMeI8
+      S1NpDQTQW0kxmUAlLj7ldnIvknT/x0lKzoafVpk47/kCgYEA+SxnMLHe3Wxb4Kkf
+      7Gwktbth/wlWzUWzQ7c0TdhfEDjcRB7SeGIjrL4/HPyXEsCcGIj84TEob1EA0KVP
+      l6Jeqh5t/sr9da+uLFf6H41yZUaTccoyclnjHsqT+WLTtiTKqf7cXACg5NKbJwUT
+      ldCEu+4Ovur+8Ax6s/mGWNEzar0CgYEA2uOmD+SCIhj16P+3GnpZ0UzyDhUKedTy
+      LisZznroF6RI3BHzNT+YotHORDMiJtmX0slFcInAWaB3htLPbHmvredjlsH35eHW
+      B6wkWmbniJEovPysWdg7xjrj8DoL2dcm6liM1KpSo9k6XWJu36//xF4RTnL8JPEH
+      RPuBWmBXHG8CgYBjJy886lr0I61//eztKK+G/bTmRvIapzTJqnqOy54wl1/XX6iD
+      LRJjKCV3RHBdjvXOsZxnhCdB/KrlXBMLFRq0eX1t2Zr4nNsjXDL1IVU3Rdlge4SN
+      ioVdeGFf6Nq0bXmUIg3QMpPT2pbQ9S0w/ZQEMJv/jwW5wk2FlrLGXyElxQKBgQC3
+      skUzITp1Ey2NFM290uB93m1llBLum9+DD3jg6BTPgngC+K17Cpw2SI0qfx8yK3pW
+      08MK5xAeJ6Un6NNa3eSptX7GjpJUwmq0lasMkz/MRMZDlGmwHOBNRC729D/t2bo3
+      AYlvEGG6UBvDM1CJOVMUoT008Rrahczr/4ZXKnLw0QKBgExc+SXb5IRJIMHEQLkg
+      E7va23sR7x4j75mK6HnSwAM3jKx4GDgpkY1EO+rh+99mq/bIouL8ob/PG7A5RtKp
+      +Sgpqk5N6NpSFMaubsu1EQhqT5pmy0dN5KXecR4s1IylPvth/h3tdXPKGcLMD2M2
+      EN59YIA1o4qWjJsfEiuQ6x7M
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails
+  wrongly-named-httpdetails-ready:
+    command:
+    - -wait
+    - http://wrongly-named-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails-ready
+volumes:
+  fortio_config: {}
+  verify_config: {}
diff --git a/integration/clusters/ping-traefik/compose.yml b/integration/clusters/ping-traefik/compose.yml
new file mode 100644
index 000000000..ff14c4c75
--- /dev/null
+++ b/integration/clusters/ping-traefik/compose.yml
@@ -0,0 +1,1236 @@
+networks:
+  main: {}
+services:
+  fortio:
+    command:
+    - server
+    - -cert
+    - /fortio_config/trusted.pem
+    - -key
+    - /fortio_config/trusted-key.pem
+    depends_on:
+      fortio-init:
+        condition: service_completed_successfully
+    image: fortio/fortio:1.17.0
+    networks:
+      main:
+        aliases:
+        - fortio
+    ports:
+    - 8079:8079/tcp
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-init:
+    command:
+    - sh
+    - -c
+    - |
+      echo "$$CERT" >/fortio_config/trusted.pem
+      echo "$$KEY" >/fortio_config/trusted-key.pem
+    environment:
+      CERT: |
+        -----BEGIN CERTIFICATE-----
+        MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+        gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+        ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+        dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+        NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+        bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+        KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+        HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+        yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+        Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+        jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+        bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+        9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+        DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+        BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+        AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+        c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+        AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+        OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+        qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+        6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+        kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+        B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+        xjUE8XUu
+        -----END CERTIFICATE-----
+      KEY: |
+        -----BEGIN PRIVATE KEY-----
+        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+        ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+        EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+        Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+        CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+        mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+        DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+        DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+        8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+        Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+        CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+        bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+        SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+        2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+        axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+        uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+        BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+        uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+        2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+        CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+        fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+        cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+        Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+        KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+        YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+        gmLh4w/CcPyb9ZyXceWU/nU=
+        -----END PRIVATE KEY-----
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - fortio-init
+    volumes:
+    - fortio_config:/fortio_config
+  fortio-ready:
+    command:
+    - -wait
+    - http://fortio:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - fortio-ready
+  mock-idp:
+    command:
+    - --provider
+    - ping
+    - --port
+    - "8024"
+    - --root-url
+    - https://mock-idp.localhost.pomerium.io/
+    image: pomerium/mock-idps:${MOCK_IDPS_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - mock-idp
+    ports:
+    - 8024:8024/tcp
+  mock-idp-ready:
+    command:
+    - -wait
+    - http://mock-idp:8024/.well-known/openid-configuration
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - mock-idp-ready
+  pomerium:
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    environment:
+      AUTHENTICATE_SERVICE_URL: https://authenticate.localhost.pomerium.io
+      CERTIFICATE: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVVakNDQXJxZ0F3SUJBZ0lSQUtOYUVxQ21tWmZobWNZZ1p5MDFXQ3N3RFFZSktvWklodmNOQVFFTEJRQXcKZ1lNeEhqQWNCZ05WQkFvVEZXMXJZMlZ5ZENCa1pYWmxiRzl3YldWdWRDQkRRVEVzTUNvR0ExVUVDd3dqWTJGcwpaV0pBWTJGc1pXSXRjR010YkdsdWRYZ2dLRU5oYkdWaUlFUnZlSE5sZVNreE16QXhCZ05WQkFNTUttMXJZMlZ5CmRDQmpZV3hsWWtCallXeGxZaTF3WXkxc2FXNTFlQ0FvUTJGc1pXSWdSRzk0YzJWNUtUQWVGdzB5TVRBNE1UQXgKTnpNeU1UQmFGdzB5TXpFeE1UQXhPRE15TVRCYU1GY3hKekFsQmdOVkJBb1RIbTFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCalpYSjBhV1pwWTJGMFpURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnCktFTmhiR1ZpSUVSdmVITmxlU2t3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRQzgKSExCQUl6WGtQZWVnbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRAp5VmhEVDBRbEkvTy9FS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2Cld5bCtGb1BEVi92c1ozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXQKak9ic2FRZ0o1TEx4Q1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcQpiWlVERytaaW9BclBtcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkCjlyNnJPQnhweHduVER2SGtCbjZ2QWdNQkFBR2piREJxTUE0R0ExVWREd0VCL3dRRUF3SUZvREFUQmdOVkhTVUUKRERBS0JnZ3JCZ0VGQlFjREFUQWZCZ05WSFNNRUdEQVdnQlNGaGxoWWdFZktUcGxWT2VuZVZHMyszSUUvVFRBaQpCZ05WSFJFRUd6QVpnaGNxTG14dlkyRnNhRzl6ZEM1d2IyMWxjbWwxYlM1cGJ6QU5CZ2txaGtpRzl3MEJBUXNGCkFBT0NBWUVBdWZRQUY3OXM3YzFnbVo5Q0lLQlNHa0hoK1NIMDFDdUtZbm5IaU1vd0hzVGlvRmFVQVFzZC9QNFgKYzJYQnFjMzRlVDNtQ3ZwZ1pqSGJqejZKbG5UWUp4dUx2VnFuVkIzZW10V3JiMWNRdmg4QnBoeHNwVGxTOHVpRQpBRWYvbmd0cHpmQS9mNGxwR2t6clEwY3lQa0VKR3o1MTFxOTdpdHpuOVJaWnpWVFp4TlZGU1AydlZoTk5RVnNXCk94YWtjdllSZ256OEFPUVMzT1BIajJGUWMzaWlic2hjdDVsZUl3WVpGY3hJTkdIUjZLTDYrL0xTZVBOQ0VNbUsKcXltVlBrUUdzSWNVNkdROWZ4YVN1NG1wK0lVQUxQcm9pekVWSThTVms1bk9tM0hJZXorWmZYaHpmbkd4MDZTSQo2TnVvUVFQcVVCZVplWG4yWUZZaGlwZVJkclF4dkEzNi9ZWGEvQWtYQ2VVMHBYeGJ0WEtjdmF0ZnJpNUtuWUpECmtINTlhK2FGa1RzbDQxdGZJMmNuUllWZGRxWFZsM096TGJjZ0FGTG4xV2VDMXh4M3hSWGk3S2xkb2tPbHZndisKQjZuYVdmQ3hSbFdaL2xzbUhhZTRrYzFXSDRLYzduSytJVGI0MEVralY2OC9BN2tyWnNOMVZjcU50cG9tWWtnRQp4alVFOFhVdQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
+      CERTIFICATE_AUTHORITY: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUUxekNDQXorZ0F3SUJBZ0lRWjEzOWNkL3BhUGRrUzJKeUF1N2tFREFOQmdrcWhraUc5dzBCQVFzRkFEQ0IKZ3pFZU1Cd0dBMVVFQ2hNVmJXdGpaWEowSUdSbGRtVnNiM0J0Wlc1MElFTkJNU3d3S2dZRFZRUUxEQ05qWVd4bApZa0JqWVd4bFlpMXdZeTFzYVc1MWVDQW9RMkZzWldJZ1JHOTRjMlY1S1RFek1ERUdBMVVFQXd3cWJXdGpaWEowCklHTmhiR1ZpUUdOaGJHVmlMWEJqTFd4cGJuVjRJQ2hEWVd4bFlpQkViM2h6WlhrcE1CNFhEVEl4TURneE1ERTMKTXpJd09Wb1hEVE14TURneE1ERTNNekl3T1Zvd2dZTXhIakFjQmdOVkJBb1RGVzFyWTJWeWRDQmtaWFpsYkc5dwpiV1Z1ZENCRFFURXNNQ29HQTFVRUN3d2pZMkZzWldKQVkyRnNaV0l0Y0dNdGJHbHVkWGdnS0VOaGJHVmlJRVJ2CmVITmxlU2t4TXpBeEJnTlZCQU1NS20xclkyVnlkQ0JqWVd4bFlrQmpZV3hsWWkxd1l5MXNhVzUxZUNBb1EyRnMKWldJZ1JHOTRjMlY1S1RDQ0FhSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnR1BBRENDQVlvQ2dnR0JBTmJLeU16NQpNVlc2WUtkamgxb0lOMU1uN1BFMnBINVNiSlNwV3hkQUdoZEJrQmtwQWE3T3hhcmpINUtWa0NUU2E3b25jbGE3CnFOdUpaUzZtQm1veEYrUitjUjNqeUdkVUFZbG96bDFqbGZxTElmQy8rZzdWN1ZtT0puOTh0akI0MmZhdHhMbDYKV1BBdzFKRE5zV3RRZmhLaGJjSHV0N1JzRjByTU9PSGN3eXdUUjdMT3lDbUllbDFwY21wVjRoYlZjVDZlVndvUApIWHlKU2E5Y3FhTVE1WHJkb2dhaTRJcVpaSUdMSGVMc1RWdXRPZ0pGWEVldmxYL1FUM3NXb21FY3R6aDM4SnM0CjlEaUFQRDZkNFk3L0NQTFlFZmsyOUpROU5aaHBnRHNpOWh1NUZISFpjWHdmMUlIbHcvQ0JWZ242aitqbXZLS3oKOTBNYTFvcXV2M1c2ZHR0aWQveENjTEd1MlMrOTZUenJ5a21veTVWYWNMdFZFUDQxWW1vVmxzOTFybG83b2xwZQpRV0Zibm1jbzczOVRJLzRoK0hvZG9scGVyUUVSUWw3dUNucEtWUFozV29rS3VSaDVwa3FrUXAvYXJRanR3Y1J0Ckc0M0NyRHBibCt1U2pNQ0F4aGE5NThlVFl2dG9qVE1udkx0c0dJRDFoR1hucWx3KzVLaktyZ1JIclFJREFRQUIKbzBVd1F6QU9CZ05WSFE4QkFmOEVCQU1DQWdRd0VnWURWUjBUQVFIL0JBZ3dCZ0VCL3dJQkFEQWRCZ05WSFE0RQpGZ1FVaFlaWVdJQkh5azZaVlRucDNsUnQvdHlCUDAwd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dHQkFBMUYvYXByCmw2cE5UM01wL014aFVVZ282dXNFSkNyeUdRY0xSZmV4eVFYR04zaHVDbUlyUDU1VkZhOEVUUEF0anNyNlBNZTcKN3Z2RWo4ZUZ1Mkp0S292bFF3TmV3WVU5Y2pBTUNWYUZpTmJyUWEyMGh6aFdjMmpzNmR5aWxkRTYvRFB6YmVkcwpLREF4aEZOcDM1U2x3dFJ0S2sxU3p4SnhzcVN3amZ4SThmcCtSLzB3TzhnMGZXVGRNMmdDcFJ3WU1Od0pFTEVnCitkU2x2SkN3dXUrcnp4TGFsemFQRjFQTVRXNzJPRUxhbC9qNXNEKzJWeXRRNGsrSFVEYnl0MkRuUVQ3WVEzem8KcTAyeDJ1MnNtMVdXL28vdWg4cGpQeGtHUXFMMm1yeVpzNlZIOVZDVTNRa0tORHNzTmQ3MWxyM3dQb0U0WVJIZQpVdnpEMWVEZWVsekJVRk5JcERDamRDc0w1NXlJUHFVc3I2bG1qcEJQTDB2ZWEzM1FUTWJjc1N4dTB1bUdYRGJVCjY2anVVNFoxak9FMHdDbEl2YU82OTlKK0UyZ0JlMWpVTjZBdDZiOEJTb1pxQ3FYWW9ESEdlaTlSQlVkdmdxdG8Ka1Zzb0pmREkvVEZNZWtZZ3BMNVVWWW1MZGZncUxQUFJQOXBRQkxEeDNtc3plQXFudmZUSUNBemZYZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
+      CERTIFICATE_KEY: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUV2UUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQktjd2dnU2pBZ0VBQW9JQkFRQzhITEJBSXpYa1BlZWcKbGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PLwpFS2dDT0ZGeFVEcW9SODJpWTA2U2FjQWpIbmk2K1BPOXRWUmJGVjB3MTRCREFKU3BCK1Z2V3lsK0ZvUERWL3ZzClozMUZ0WXcrRXdxa2JEeC9rYVQ5dXpmK0xKZGxrZjE0blFRajhFa3kvOGQzbVdKYmIvOXRqT2JzYVFnSjVMTHgKQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUAptcW1rYXdVV3czZWtoajgwU0pnL1RLOVBSYU4vVnZjSTFQZ0FkN0xaenRVUmVTbVR5NWhkOXI2ck9CeHB4d25UCkR2SGtCbjZ2QWdNQkFBRUNnZ0VBQjI4aTBBWVVOU2IxSm5XRmJLenJ1VWN0dTN0Q05Yb3ZKZzZLM0JpUFZNa3EKRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBVwo4ZUplcVJMWkVmc1NTSk9YVEc3UmRHc240cUhGSjAwczJaVGxjSUhTUHduRm0rWGpKaTk5VThHNFhzVW9YbzByCkd5KzBWQ3VVN004Z0lDRUhIc3JRTzlYREQzblQyaml1NVRqckt3anV0M0Vtb0pzc0k1YnF4MzMrT0J1NUJwQ1AKQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVApiTGtMRnlXQk5UV1VaMlIvMnd4bXVvQzZtTFp3ODc5TUxDS012azFkb1FLQmdRRGhtd0dhZkpOeW1UaUVRWlJJClNzUXg0c2VxZk9LZmdGQzdvaHFIOWNST091OElKMW83cTJwTTJXNFhpVitTM3dUZFBHbWNhNklPalgyM2lzVkIKMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzNwpheHpsYU1yeEV1M0xJOVVFN050cmRRaUJ5UUtCZ1FEVmRJNmNlSVZCVDZSZ3ZWR3Q4emtMalBJRmpoUUVIQUlwCnVoaXJncXBTNkNYOUJseWYyK280MHptZmozaGU1ckNjRW9CNU1zZU0rRGdGYmNWaDJlL01WbllpTk53NkpDREIKQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleQp1QkhWQnYvNHR3S0JnSHdIdWVQeTVTVTFzMnFTbXpEN1djMkxQZll1M25DT0hOUnJGR2IyNk11UmZ1UmVyaTdyCjJHOFRnb0VTRnljcDBRVElOOCsxSk0wWFlLeE5jSkQ2QjhWMXdLYmJwUXN5bW5lSTFnanV0aUIvSWd3L1BrREsKQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWgpmTjJZZVlieVljYU0xMXAxVmlsdWxWVFZqWTNpL0ZaaURSNFNML0lHSldqTi9Temc0aVhZc0tGbXUrZHVsT1psCmNCQUxwRUtycXBtelhZdHJONmJzdjE4KzVlTzNxR2JLMkRyRXEzZVdWZXYyS29UTW9ieHo3ZysrWEJJV0ptTEEKSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkUwpLcmx0d21vZEhpcVhOYlZrd2JXMUFGUEpiaVlhaTRZRmZLNElBYmlmL1lteGY5Rzc4YU9rcjlacENJek9rRFBaCllwRXdRR1dzQWhFbENGdmM4RS81ZEhFU1NwK3RXdFArTmx1aW1wRnFpRGczL1NVbk13TzJ4SDBuaExhMHplamgKZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9Ci0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K
+      COOKIE_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      DATABROKER_STORAGE_CONNECTION_STRING: redis://redis:6379
+      DATABROKER_STORAGE_TYPE: redis
+      ENVOY_ADMIN_ADDRESS: 0.0.0.0:9901
+      FORWARD_AUTH_URL: https://forward-authenticate.localhost.pomerium.io
+      GOOGLE_CLOUD_SERVERLESS_AUTHENTICATION_SERVICE_ACCOUNT: ewoiYXV0aF9wcm92aWRlcl94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImF1dGhfdXJpIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKImNsaWVudF9lbWFpbCI6ICJyZWRhY3RlZEBwb21lcml1bS1yZWRhY3RlZC5pYW0uZ3NlcnZpY2VhY2NvdW50LmNvbSIsCiJjbGllbnRfaWQiOiAiMTAxMjE1OTkwNDU4MDAwMzM0Mzg3IiwKImNsaWVudF94NTA5X2NlcnRfdXJsIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0IiwKInByaXZhdGVfa2V5IjogIi0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLVxuTUlJRXZRSUJBREFOQmdrcWhraUc5dzBCQVFFRkFBU0NCS2N3Z2dTakFnRUFBb0lCQVFDOEhMQkFJelhrUGVlZ1xubGRVZlJLSzJqUXhTVlpENWcrcXNqQXpwbXJxL0F0bXdlSzFjR2NPdFo2ZU9MK3A4YnJQRHlWaERUMFFsSS9PL1xuRUtnQ09GRnhVRHFvUjgyaVkwNlNhY0FqSG5pNitQTzl0VlJiRlYwdzE0QkRBSlNwQitWdld5bCtGb1BEVi92c1xuWjMxRnRZdytFd3FrYkR4L2thVDl1emYrTEpkbGtmMTRuUVFqOEVreS84ZDNtV0piYi85dGpPYnNhUWdKNUxMeFxuQ1lkSW1rcjc3WDJMTXVEdy8xdHBINjQyR0UyNU5yZ202UUhseUtTZllYbzM4djgzZWJFcWJaVURHK1ppb0FyUFxubXFta2F3VVd3M2VraGo4MFNKZy9USzlQUmFOL1Z2Y0kxUGdBZDdMWnp0VVJlU21UeTVoZDlyNnJPQnhweHduVFxuRHZIa0JuNnZBZ01CQUFFQ2dnRUFCMjhpMEFZVU5TYjFKbldGYkt6cnVVY3R1M3RDTlhvdkpnNkszQmlQVk1rcVxuRFQxWHJKSWdGNVJISE9scjNPc0xFNnU3WHoyY3RkTUw2UHNoaUtUdEl3dEdwaXZnUnBDaUpFc2xtcjJ6aThBV1xuOGVKZXFSTFpFZnNTU0pPWFRHN1JkR3NuNHFIRkowMHMyWlRsY0lIU1B3bkZtK1hqSmk5OVU4RzRYc1VvWG8wclxuR3krMFZDdVU3TThnSUNFSEhzclFPOVhERDNuVDJqaXU1VGpyS3dqdXQzRW1vSnNzSTVicXgzMytPQnU1QnBDUFxuQ1Q0NzNENDNQOXAzcWkvWG5mdnFHU0cyT2o0T2FqVjRmcjBvOUIzS3ZJeGtNZW03V2xJM2p5eTFrQXB5WHFWVFxuYkxrTEZ5V0JOVFdVWjJSLzJ3eG11b0M2bUxadzg3OU1MQ0tNdmsxZG9RS0JnUURobXdHYWZKTnltVGlFUVpSSVxuU3NReDRzZXFmT0tmZ0ZDN29ocUg5Y1JPT3U4SUoxbzdxMnBNMlc0WGlWK1Mzd1RkUEdtY2E2SU9qWDIzaXNWQlxuMnVxTmk5UzRNbkkyL2QyMkdkL0JSOXJ2QncxZUdKb0ticld4MjJmRThRQ0VXVDFBbk8rRHVEMGpDODV5UmxzN1xuYXh6bGFNcnhFdTNMSTlVRTdOdHJkUWlCeVFLQmdRRFZkSTZjZUlWQlQ2Umd2Vkd0OHprTGpQSUZqaFFFSEFJcFxudWhpcmdxcFM2Q1g5Qmx5ZjIrbzQwem1majNoZTVyQ2NFb0I1TXNlTStEZ0ZiY1ZoMmUvTVZuWWlOTnc2SkNEQlxuQlFrRjQwOHBacFNlS1h2TC9veVYva0ltTVRKL3RVRFkwRVh4TXdTUEpCMFdsdGJXcmVWSUhvcGlnWFJDYmFleVxudUJIVkJ2LzR0d0tCZ0h3SHVlUHk1U1UxczJxU216RDdXYzJMUGZZdTNuQ09ITlJyRkdiMjZNdVJmdVJlcmk3clxuMkc4VGdvRVNGeWNwMFFUSU44KzFKTTBYWUt4TmNKRDZCOFYxd0tiYnBRc3ltbmVJMWdqdXRpQi9JZ3cvUGtES1xuQ0w0VlA0RjRkYTVOV1cxeVdnTnlnTG9KdlovNXFpS0tpc0pjMEdXazRIS3o2bUxnek9qUTJMSnhBb0dCQUxIWlxuZk4yWWVZYnlZY2FNMTFwMVZpbHVsVlRWalkzaS9GWmlEUjRTTC9JR0pXak4vU3pnNGlYWXNLRm11K2R1bE9abFxuY0JBTHBFS3JxcG16WFl0ck42YnN2MTgrNWVPM3FHYksyRHJFcTNlV1ZldjJLb1RNb2J4ejdnKytYQklXSm1MQVxuSGhhYTZJaVBrWUQ1eXlWeUhLRGJlWGdiM285ZXFDUjd3N2ZZTGp5L0FvR0FJNEQrTUZraXZ3VUY3aHFmNWVkU1xuS3JsdHdtb2RIaXFYTmJWa3diVzFBRlBKYmlZYWk0WUZmSzRJQWJpZi9ZbXhmOUc3OGFPa3I5WnBDSXpPa0RQWlxuWXBFd1FHV3NBaEVsQ0Z2YzhFLzVkSEVTU3ArdFd0UCtObHVpbXBGcWlEZzMvU1VuTXdPMnhIMG5oTGEwemVqaFxuZ21MaDR3L0NjUHliOVp5WGNlV1UvblU9XG4tLS0tLUVORCBQUklWQVRFIEtFWS0tLS0tXG4iLAoicHJpdmF0ZV9rZXlfaWQiOiAiZTA3ZjdjOTM4NzBjN2UwM2Y4ODM1NjBlY2Q4ZmQwZjRkMjdiMDA4MSIsCiJwcm9qZWN0X2lkIjogInBvbWVyaXVtLXJlZGFjdGVkIiwKInRva2VuX3VyaSI6ICJodHRwOi8vbW9jay1pZHA6ODAyNC90b2tlbiIsCiJ0eXBlIjogInNlcnZpY2VfYWNjb3VudCIKfQ==
+      IDP_CLIENT_ID: CLIENT_ID
+      IDP_CLIENT_SECRET: CLIENT_SECRET
+      IDP_PROVIDER: ping
+      IDP_PROVIDER_URL: https://mock-idp.localhost.pomerium.io/
+      JWT_CLAIMS_HEADERS: email,groups,user
+      LOG_LEVEL: info
+      POLICY: Wwp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vbW9jay1pZHAubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly9tb2NrLWlkcDo4MDI0Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZW52b3kubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly9sb2NhbGhvc3Q6OTkwMSIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vdmVyaWZ5LmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoidG8iOiAiaHR0cDovL3ZlcmlmeTo4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiYWxsb3dfd2Vic29ja2V0cyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vd2Vic29ja2V0LWVjaG8ubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHA6Ly93ZWJzb2NrZXQtZWNobzo4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXVpLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJ0byI6ICJodHRwczovL2ZvcnRpbzo4MDgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRsc19jdXN0b21fY2EiOiAiTFMwdExTMUNSVWRKVGlCRFJWSlVTVVpKUTBGVVJTMHRMUzB0Q2sxSlNVVXhla05EUVhvclowRjNTVUpCWjBsUldqRXpPV05rTDNCaFVHUnJVekpLZVVGMU4ydEZSRUZPUW1kcmNXaHJhVWM1ZHpCQ1FWRnpSa0ZFUTBJS1ozcEZaVTFDZDBkQk1WVkZRMmhOVm1KWGRHcGFXRW93U1VkU2JHUnRWbk5pTTBKMFdsYzFNRWxGVGtKTlUzZDNTMmRaUkZaUlVVeEVRMDVxV1ZkNGJBcFphMEpxV1ZkNGJGbHBNWGRaZVRGellWYzFNV1ZEUVc5Uk1rWnpXbGRKWjFKSE9UUmpNbFkxUzFSRmVrMUVSVWRCTVZWRlFYZDNjV0pYZEdwYVdFb3dDa2xIVG1oaVIxWnBVVWRPYUdKSFZtbE1XRUpxVEZkNGNHSnVWalJKUTJoRVdWZDRiRmxwUWtWaU0yaDZXbGhyY0UxQ05GaEVWRWw0VFVSbmVFMUVSVE1LVFhwSmQwOVdiMWhFVkUxNFRVUm5lRTFFUlROTmVrbDNUMVp2ZDJkWlRYaElha0ZqUW1kT1ZrSkJiMVJHVnpGeVdUSldlV1JEUW10YVdGcHNZa2M1ZHdwaVYxWjFaRU5DUkZGVVJYTk5RMjlIUVRGVlJVTjNkMnBaTWtaeldsZEtRVmt5Um5OYVYwbDBZMGROZEdKSGJIVmtXR2RuUzBWT2FHSkhWbWxKUlZKMkNtVklUbXhsVTJ0NFRYcEJlRUpuVGxaQ1FVMU5TMjB4Y2xreVZubGtRMEpxV1ZkNGJGbHJRbXBaVjNoc1dXa3hkMWw1TVhOaFZ6VXhaVU5CYjFFeVJuTUtXbGRKWjFKSE9UUmpNbFkxUzFSRFEwRmhTWGRFVVZsS1MyOWFTV2gyWTA1QlVVVkNRbEZCUkdkblIxQkJSRU5EUVZsdlEyZG5SMEpCVG1KTGVVMTZOUXBOVmxjMldVdGthbWd4YjBsT01VMXVOMUJGTW5CSU5WTmlTbE53VjNoa1FVZG9aRUpyUW10d1FXRTNUM2hoY21wSU5VdFdhME5VVTJFM2IyNWpiR0UzQ25GT2RVcGFVelp0UW0xdmVFWXJVaXRqVWpOcWVVZGtWVUZaYkc5NmJERnFiR1p4VEVsbVF5OHJaemRXTjFadFQwcHVPVGgwYWtJME1tWmhkSGhNYkRZS1YxQkJkekZLUkU1elYzUlJabWhMYUdKalNIVjBOMUp6UmpCeVRVOVBTR04zZVhkVVVqZE1UM2xEYlVsbGJERndZMjF3VmpSb1lsWmpWRFpsVm5kdlVBcElXSGxLVTJFNVkzRmhUVkUxV0hKa2IyZGhhVFJKY1ZwYVNVZE1TR1ZNYzFSV2RYUlBaMHBHV0VWbGRteFlMMUZVTTNOWGIyMUZZM1I2YURNNFNuTTBDamxFYVVGUVJEWmtORmszTDBOUVRGbEZabXN5T1VwUk9VNWFhSEJuUkhOcE9XaDFOVVpJU0ZwaldIZG1NVWxJYkhjdlEwSldaMjQyYWl0cWJYWkxTM29LT1RCTllURnZjWFYyTTFjMlpIUjBhV1F2ZUVOalRFZDFNbE1yT1RaVWVuSjVhMjF2ZVRWV1lXTk1kRlpGVURReFdXMXZWbXh6T1RGeWJHODNiMnh3WlFwUlYwWmlibTFqYnpjek9WUkpMelJvSzBodlpHOXNjR1Z5VVVWU1VXdzNkVU51Y0V0V1VGb3pWMjlyUzNWU2FEVndhM0ZyVVhBdllYSlJhblIzWTFKMENrYzBNME55UkhCaWJDdDFVMnBOUTBGNGFHRTVOVGhsVkZsMmRHOXFWRTF1ZGt4MGMwZEpSREZvUjFodWNXeDNLelZMYWt0eVoxSkljbEZKUkVGUlFVSUtiekJWZDFGNlFVOUNaMDVXU0ZFNFFrRm1PRVZDUVUxRFFXZFJkMFZuV1VSV1VqQlVRVkZJTDBKQlozZENaMFZDTDNkSlFrRkVRV1JDWjA1V1NGRTBSUXBHWjFGVmFGbGFXVmRKUWtoNWF6WmFWbFJ1Y0ROc1VuUXZkSGxDVURBd2QwUlJXVXBMYjFwSmFIWmpUa0ZSUlV4Q1VVRkVaMmRIUWtGQk1VWXZZWEJ5Q213MmNFNVVNMDF3TDAxNGFGVlZaMjgyZFhORlNrTnllVWRSWTB4U1ptVjRlVkZZUjA0emFIVkRiVWx5VURVMVZrWmhPRVZVVUVGMGFuTnlObEJOWlRjS04zWjJSV280WlVaMU1rcDBTMjkyYkZGM1RtVjNXVlU1WTJwQlRVTldZVVpwVG1KeVVXRXlNR2g2YUZkak1tcHpObVI1YVd4a1JUWXZSRkI2WW1Wa2N3cExSRUY0YUVaT2NETTFVMngzZEZKMFMyc3hVM3A0U25oemNWTjNhbVo0U1RobWNDdFNMekIzVHpobk1HWlhWR1JOTW1kRGNGSjNXVTFPZDBwRlRFVm5DaXRrVTJ4MlNrTjNkWFVyY25wNFRHRnNlbUZRUmpGUVRWUlhOekpQUlV4aGJDOXFOWE5FS3pKV2VYUlJOR3NyU0ZWRVlubDBNa1J1VVZRM1dWRXplbThLY1RBeWVESjFNbk50TVZkWEwyOHZkV2c0Y0dwUWVHdEhVWEZNTW0xeWVWcHpObFpJT1ZaRFZUTlJhMHRPUkhOelRtUTNNV3h5TTNkUWIwVTBXVkpJWlFwVmRucEVNV1ZFWldWc2VrSlZSazVKY0VSRGFtUkRjMHcxTlhsSlVIRlZjM0kyYkcxcWNFSlFUREIyWldFek0xRlVUV0pqYzFONGRUQjFiVWRZUkdKVkNqWTJhblZWTkZveGFrOUZNSGREYkVsMllVODJPVGxLSzBVeVowSmxNV3BWVGpaQmREWmlPRUpUYjFweFEzRllXVzlFU0VkbGFUbFNRbFZrZG1keGRHOEthMVp6YjBwbVJFa3ZWRVpOWld0WlozQk1OVlZXV1cxTVpHWm5jVXhRVUZKUU9YQlJRa3hFZUROdGMzcGxRWEZ1ZG1aVVNVTkJlbVpZWnowOUNpMHRMUzB0UlU1RUlFTkZVbFJKUmtsRFFWUkZMUzB0TFMwSyIsCiJ0bHNfc2VydmVyX25hbWUiOiAiZm9ydGlvLXBpbmcubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vZm9ydGlvOjgwNzkiCn0sCnsKImFsbG93X2FueV9hdXRoZW50aWNhdGVkX3VzZXIiOiB0cnVlLAoiZnJvbSI6ICJ0Y3AraHR0cHM6Ly9yZWRpcy5sb2NhbGhvc3QucG9tZXJpdW0uaW86NjM3OSIsCiJ0byI6ICJ0Y3A6Ly9yZWRpczo2Mzc5Igp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1za2lwLXZlcmlmeS1lbmFibGVkIiwKInRsc19za2lwX3ZlcmlmeSI6IHRydWUsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2tpcC12ZXJpZnktZGlzYWJsZWQiLAoidGxzX3NraXBfdmVyaWZ5IjogZmFsc2UsCiJ0byI6ICJodHRwczovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtc2VydmVyLW5hbWUtZW5hYmxlZCIsCiJ0bHNfc2VydmVyX25hbWUiOiAiaHR0cGRldGFpbHMubG9jYWxob3N0Lm5vdHBvbWVyaXVtLmlvIiwKInRvIjogImh0dHBzOi8vd3JvbmdseS1uYW1lZC1odHRwZGV0YWlsczo4NDQzIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhdGgiOiAiL3Rscy1zZXJ2ZXItbmFtZS1kaXNhYmxlZCIsCiJ0byI6ICJodHRwczovL3dyb25nbHktbmFtZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWVuYWJsZWQiLAoidGxzX2N1c3RvbV9jYSI6ICJMUzB0TFMxQ1JVZEpUaUJEUlZKVVNVWkpRMEZVUlMwdExTMHRDazFKU1VVeVJFTkRRVEJEWjBGM1NVSkJaMGxTUVV4a09VZGhTbEk1TW5GcE4zRk1NV1ZJUjAwMlN6QjNSRkZaU2t0dldrbG9kbU5PUVZGRlRFSlJRWGNLWjFsTmVFaHFRV05DWjA1V1FrRnZWRVpYTVhKWk1sWjVaRU5DYTFwWVdteGlSemwzWWxkV2RXUkRRa1JSVkVWelRVTnZSMEV4VlVWRGQzZHFXVEpHY3dwYVYwcEJXVEpHYzFwWFNYUmpSMDEwWWtkc2RXUllaMmRMUlU1b1lrZFdhVWxGVW5abFNFNXNaVk5yZUUxNlFYaENaMDVXUWtGTlRVdHRNWEpaTWxaNUNtUkRRbXBaVjNoc1dXdENhbGxYZUd4WmFURjNXWGt4YzJGWE5URmxRMEZ2VVRKR2MxcFhTV2RTUnprMFl6SldOVXRVUVdWR2R6QjVUVlJCTkUxVVJYa0tUVlJWTWsxVVFtRkdkekI2VFZSQk5FMVVSWGxOVkZVeVRWUkNZVTFKUjBSTlVqUjNTRUZaUkZaUlVVdEZlRlowWVRKT2JHTnVVV2RhUjFZeVdsZDRkZ3BqUnpGc1ltNVJaMUV3UlhoTVJFRnhRbWRPVmtKQmMwMUpNazVvWWtkV2FWRkhUbWhpUjFacFRGaENha3hYZUhCaWJsWTBTVU5vUkZsWGVHeFphVUpGQ21JemFIcGFXR3R3VFZSTmQwMVJXVVJXVVZGRVJFTndkR0V5VG14amJsRm5XVEpHYzFwWFNrRlpNa1p6V2xkSmRHTkhUWFJpUjJ4MVpGaG5aMHRGVG1nS1lrZFdhVWxGVW5abFNFNXNaVk5yZDJkblIybE5RVEJIUTFOeFIxTkpZak5FVVVWQ1FWRlZRVUUwU1VKcWQwRjNaMmRIUzBGdlNVSm5VVVJYV1hCV1pRcENVMjVsWlRKalFVSlpiMlpUYjFkNFIwMTVSbUZOVVRCdVNtdFpNRlZYVFRsamEzbFZhRGRXWm1kT0t5OWhSbE5YTWxwVGJWaDFkalZrY21Od2FUSXdDbm96Wld4b1VGUmxPVGhpUVU1aWFpc3ZZbWt3TURFMVVWZHVUV1Z1U3pBMVdrczJjVVIwUm5kdkwwaFdReTlaWTJGeWRYVTVOaXN4U2pKMGIyVlhkVVVLZEhsclZ6Tk5RM0JETVhCSVdWTTFaemxwVmtScmNHUnllbTUyV0V0c1dYVlRhV3RxY21vM1N6VjBiMmxVZG5WdE9UZE1lRXRyZFdvMlJGaHFZWEJRUkFvMWRuUmxVMDR4WkZGblR6bERVek56Y1d4amQxbEJObEpxVlVoM1dUSldSV2d5WVdSUU16ZENXbkphZDA4cmVVcHhPWEZHTlhrMVIyeG5hVGhzVGpSakNrdHNTV3hHVlhNdmVGTndVWE40VG1KT1VWaDBUamx0YXpScGJWbHNXa2Q2V1ZsaVltMHJabTlDVmxCUVltOWhOV3BXZDB0RWNGbzJOVzFQY3pkS1IxQUtObmxxS3pkV04xVkNUVVp3Vnl0blMyMUtkR2RvTDJ0clFYZ3hPRFZvT1ROeGQweEdVR000TDFRM2Jpc3JVREZpZFN0bVlXdFlVRWRRUlRJeGNrUmxUQXBRYmxWdGRXTkpXbkJLYnpWT2NGbFdVWFkwVjNaVVMzRXZlazFTT1ZOemNIb3lVRVpLYmtWU1ZHWlVkbkVyUmpGeE0xcE9ZV1pGZW1sUWMwSTViMlZUQ201cWVIZHRZVnBQVTFZd2RsaHhMM0ZsYjNGNE5IWTJUVUo2VmtGWk1DODRVakpNWTNCS05IVm5NRTlhTTNjd1lqSjBObmx2T0RaUU5WRTRRMEYzUlVFS1FXRk9SazFGVFhkRVoxbEVWbEl3VUVGUlNDOUNRVkZFUVdkSlJVMUNTVWRCTVZWa1JYZEZRaTkzVVVsTlFWbENRV1k0UTBGUlFYZElVVmxFVmxJd1R3cENRbGxGUmt4aldUaEZiMDV2WmsxamNuSjRlbmw0U1c0elZ6WmFUMDFXV0UxQk1FZERVM0ZIVTBsaU0wUlJSVUpEZDFWQlFUUkpRbWRSUTFwNlJFTjJDa3RKU0ZnelIzWnFUbE5aTlhjMVlrOXVORVV6ZHpkUlNGQXdPVUZDYWxRdmQzVlVORXhFYTFwSVNrMXRiSEpNYnpOek9HSmpjMUV3YzAxRU1Wa3ZMeThLY3pBM1kzQTBlRmxzY1VRM1FrRXdRV053ZGxsV1dYRTFPSGhMZUhOdlEzZFdXRzFITldORlpVOXZXbTFYWmpOeFdUSnRVemhsVnprMmRrOUdjbVJKWWdwTU5FOUdOSGhaVlU5TlVuRkJUMGRCUVhJMlZteFBOMmRZWVRRd05raDZjbk5CTVdoWlduZHlaVmhvVDFSRFdscFFXazlWYmtGMU1EVlRTRVprWjJGTkNsUktUa0l2YnpBeGRIQjNVV3h5VkhoT2JXWnliM0J2VDNwNWRYWklNSHBWTWxKeVRYTXdLMFZpVDNWRE5FRXlZMUU0TTBSSlJuaDJjVFkzYkhsVk1FRUtjekZSTm5SU1RUQXJWVVJ0U2s5TWVqTlRaR2RPSzBRd01HaGpkWFZxT1RKSFZqUmlTRGhDWm5sVmRqaE9RMWt3ZGtScGFqQlVVMnBxTkdNMFVYUmpOd3BKVUV4VVdqSm5OVFExYjJONmFFNW5RVzFVTjJRclFqVkpibmxtYVZOSlMyVnRXSEZsY3pKcWNHbEJabnBRVG13NVFsWjRjMkZyWTNNdldYcHZXWE14Q2l0eFZHcEJWM1ZoUkhOTGIyaEZiazgwUWtwMWVuWXdlSEpqWlRRd1pXNVNaMWg1UjBkR2RsaDFNbk0wUmxreWRrcHhWRk52Tm5selJGZHVhRWt6VEZjS1pHTm5Oazh5UmpSQlVFTkhSMlUzZW5OMWNXbHhhM0JqYTI1Q1lXSm5la1Z6T1dadlNIRXliV1p2TjFocFJYcGxaRTFPT0VKT2NXWlRZa0U5Q2kwdExTMHRSVTVFSUVORlVsUkpSa2xEUVZSRkxTMHRMUzBLIiwKInRsc19zZXJ2ZXJfbmFtZSI6ICJodHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cHM6Ly91bnRydXN0ZWQtaHR0cGRldGFpbHM6ODQ0MyIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXRoIjogIi90bHMtY3VzdG9tLWNhLWRpc2FibGVkIiwKInRvIjogImh0dHBzOi8vdW50cnVzdGVkLWh0dHBkZXRhaWxzOjg0NDMiCn0sCnsKImNvcnNfYWxsb3dfcHJlZmxpZ2h0IjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWVuYWJsZWQiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiY29yc19hbGxvd19wcmVmbGlnaHQiOiBmYWxzZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9jb3JzLWRpc2FibGVkIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1lbmFibGVkIiwKInByZXNlcnZlX2hvc3RfaGVhZGVyIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicHJlZml4IjogIi9wcmVzZXJ2ZS1ob3N0LWhlYWRlci1kaXNhYmxlZCIsCiJwcmVzZXJ2ZV9ob3N0X2hlYWRlciI6IGZhbHNlLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfYW55X2F1dGhlbnRpY2F0ZWRfdXNlciI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vcmVzdHJpY3RlZC1odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfZG9tYWlucyI6IFsKImRvZ3MudGVzdCIKXSwKImZyb20iOiAiaHR0cHM6Ly9odHRwZGV0YWlscy5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoicGFzc19pZGVudGl0eV9oZWFkZXJzIjogdHJ1ZSwKInByZWZpeCI6ICIvYnktZG9tYWluIiwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93ZWRfdXNlcnMiOiBbCiJ1c2VyMUBkb2dzLnRlc3QiCl0sCiJmcm9tIjogImh0dHBzOi8vaHR0cGRldGFpbHMubG9jYWxob3N0LnBvbWVyaXVtLmlvIiwKInBhc3NfaWRlbnRpdHlfaGVhZGVycyI6IHRydWUsCiJwcmVmaXgiOiAiL2J5LXVzZXIiLAoidG8iOiAiaHR0cDovL3RydXN0ZWQtaHR0cGRldGFpbHM6ODA4MCIKfSwKewoiYWxsb3dfcHVibGljX3VuYXV0aGVudGljYXRlZF9hY2Nlc3MiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2h0dHBkZXRhaWxzLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIlgtQ3VzdG9tLVJlcXVlc3QtSGVhZGVyIjogImN1c3RvbS1yZXF1ZXN0LWhlYWRlci12YWx1ZSIKfSwKInRvIjogImh0dHA6Ly90cnVzdGVkLWh0dHBkZXRhaWxzOjgwODAiCn0sCnsKImFsbG93X3B1YmxpY191bmF1dGhlbnRpY2F0ZWRfYWNjZXNzIjogdHJ1ZSwKImFsbG93X3dlYnNvY2tldHMiOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2VuYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJmcm9tIjogImh0dHBzOi8vZGlzYWJsZWQtd3MtZWNoby5sb2NhbGhvc3QucG9tZXJpdW0uaW8iLAoidG8iOiAiaHR0cDovL3dlYnNvY2tldC1lY2hvOjgwIgp9LAp7CiJhbGxvd19wdWJsaWNfdW5hdXRoZW50aWNhdGVkX2FjY2VzcyI6IHRydWUsCiJlbmFibGVfZ29vZ2xlX2Nsb3VkX3NlcnZlcmxlc3NfYXV0aGVudGljYXRpb24iOiB0cnVlLAoiZnJvbSI6ICJodHRwczovL2Nsb3VkcnVuLmxvY2FsaG9zdC5wb21lcml1bS5pbyIsCiJwYXNzX2lkZW50aXR5X2hlYWRlcnMiOiB0cnVlLAoic2V0X3JlcXVlc3RfaGVhZGVycyI6IHsKIngtaWRwIjogInBpbmciCn0sCiJ0byI6ICJodHRwOi8vdHJ1c3RlZC1odHRwZGV0YWlsczo4MDgwIgp9Cl0=
+      SHARED_SECRET: UYgnt8bxxK5G2sFaNzyqi5Z+OgF8m2akNc0xdQx718w=
+      SIGNING_KEY: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSVBSR1d3TGg3NW5OWG5razM3ekRmTjhvbkx3ZkNpYUxQVEQrbmM4THg1aGNvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFa3BCa08wVEttaDRKZFFmTE9lZU1kNTNLbmdhMVdkUVhyNUZjZXBrK2RMVktkVkt4WENHcQpoMW9qdWh1VzExR0lvT3pTOUdvU0tsTlZTUkZXVkVXRHZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
+      SIGNING_KEY_ALGORITHM: ES256
+    image: pomerium/pomerium:${POMERIUM_TAG:-master}
+    networks:
+      main:
+        aliases:
+        - pomerium
+        - authenticate.localhost.pomerium.io
+        - forward-authenticate.localhost.pomerium.io
+  pomerium-ready:
+    command:
+    - -wait
+    - https://pomerium:443/healthz
+    - -timeout
+    - 10m
+    depends_on:
+      fortio-ready:
+        condition: service_completed_successfully
+      mock-idp-ready:
+        condition: service_completed_successfully
+      redis-ready:
+        condition: service_completed_successfully
+      trusted-httpdetails-ready:
+        condition: service_completed_successfully
+      untrusted-httpdetails-ready:
+        condition: service_completed_successfully
+      verify-ready:
+        condition: service_completed_successfully
+      websocket-echo-ready:
+        condition: service_completed_successfully
+      wrongly-named-httpdetails-ready:
+        condition: service_completed_successfully
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - pomerium-ready
+  redis:
+    image: redis:6.2.5-alpine
+    networks:
+      main:
+        aliases:
+        - redis
+  redis-ready:
+    command:
+    - -wait
+    - tcp://redis:6379
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - redis-ready
+  traefik:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-'END_OF_TRAEFIK' | tee traefik.yaml
+      {
+        "accessLog": {
+
+        },
+        "api": {
+          "insecure": true
+        },
+        "entryPoints": {
+          "web": {
+            "address": ":80",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          },
+          "websecure": {
+            "address": ":443",
+            "forwardedheaders": {
+              "insecure": true
+            }
+          }
+        },
+        "global": {
+          "checkNewVersion": false,
+          "sendAnonymousUsage": false
+        },
+        "log": {
+          "level": "DEBUG"
+        },
+        "providers": {
+          "file": {
+            "filename": "traefik-dynamic.yaml"
+          }
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee traefik-dynamic.yaml
+      {
+        "http": {
+          "middlewares": {
+            "authz": {
+              "forwardAuth": {
+                "address": "https://forward-authenticate.localhost.pomerium.io",
+                "authResponseHeaders": [
+                  "x-pomerium-jwt-assertion",
+                  "x-pomerium-claim-email",
+                  "authorization"
+                ],
+                "tls": {
+                  "insecureSkipVerify": true
+                },
+                "trustForwardHeader": true
+              }
+            },
+            "set-request-headers-20": {
+              "headers": {
+                "customRequestHeaders": {
+                  "X-Custom-Request-Header": "custom-request-header-value"
+                }
+              }
+            },
+            "set-request-headers-23": {
+              "headers": {
+                "customRequestHeaders": {
+                  "x-idp": "ping"
+                }
+              }
+            }
+          },
+          "routers": {
+            "route0": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`mock-idp.localhost.pomerium.io`)",
+              "service": "route0",
+              "tls": {
+
+              }
+            },
+            "route1": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`envoy.localhost.pomerium.io`)",
+              "service": "route1",
+              "tls": {
+
+              }
+            },
+            "route10": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-disabled`)",
+              "service": "route10",
+              "tls": {
+
+              }
+            },
+            "route11": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-enabled`)",
+              "service": "route11",
+              "tls": {
+
+              }
+            },
+            "route12": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-custom-ca-disabled`)",
+              "service": "route12",
+              "tls": {
+
+              }
+            },
+            "route13": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-enabled`)",
+              "service": "route13",
+              "tls": {
+
+              }
+            },
+            "route14": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/cors-disabled`)",
+              "service": "route14",
+              "tls": {
+
+              }
+            },
+            "route15": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-enabled`)",
+              "service": "route15",
+              "tls": {
+
+              }
+            },
+            "route16": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/preserve-host-header-disabled`)",
+              "service": "route16",
+              "tls": {
+
+              }
+            },
+            "route17": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`restricted-httpdetails.localhost.pomerium.io`)",
+              "service": "route17",
+              "tls": {
+
+              }
+            },
+            "route18": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-domain`)",
+              "service": "route18",
+              "tls": {
+
+              }
+            },
+            "route19": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && PathPrefix(`/by-user`)",
+              "service": "route19",
+              "tls": {
+
+              }
+            },
+            "route2": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`verify.localhost.pomerium.io`)",
+              "service": "route2",
+              "tls": {
+
+              }
+            },
+            "route20": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-20"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`)",
+              "service": "route20",
+              "tls": {
+
+              }
+            },
+            "route21": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`enabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route21",
+              "tls": {
+
+              }
+            },
+            "route22": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`disabled-ws-echo.localhost.pomerium.io`)",
+              "service": "route22",
+              "tls": {
+
+              }
+            },
+            "route23": {
+              "middlewares": [
+                "authz",
+                "set-request-headers-23"
+              ],
+              "rule": "Host(`cloudrun.localhost.pomerium.io`)",
+              "service": "route23",
+              "tls": {
+
+              }
+            },
+            "route24": {
+              "middlewares": [
+
+              ],
+              "rule": "Host(`authenticate.localhost.pomerium.io`)",
+              "service": "route24",
+              "tls": {
+
+              }
+            },
+            "route3": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`websocket-echo.localhost.pomerium.io`)",
+              "service": "route3",
+              "tls": {
+
+              }
+            },
+            "route4": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ui.localhost.pomerium.io`)",
+              "service": "route4",
+              "tls": {
+
+              }
+            },
+            "route5": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`fortio-ping.localhost.pomerium.io`)",
+              "service": "route5",
+              "tls": {
+
+              }
+            },
+            "route6": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`redis.localhost.pomerium.io:6379`)",
+              "service": "route6",
+              "tls": {
+
+              }
+            },
+            "route7": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-enabled`)",
+              "service": "route7",
+              "tls": {
+
+              }
+            },
+            "route8": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-skip-verify-disabled`)",
+              "service": "route8",
+              "tls": {
+
+              }
+            },
+            "route9": {
+              "middlewares": [
+                "authz"
+              ],
+              "rule": "Host(`httpdetails.localhost.pomerium.io`) && Path(`/tls-server-name-enabled`)",
+              "service": "route9",
+              "tls": {
+
+              }
+            }
+          },
+          "serversTransports": {
+            "insecure": {
+              "insecureSkipVerify": true
+            }
+          },
+          "services": {
+            "route0": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://mock-idp:8024"
+                  }
+                ]
+              }
+            },
+            "route1": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://localhost:9901"
+                  }
+                ]
+              }
+            },
+            "route10": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route11": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route12": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://untrusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route13": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route14": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route15": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route16": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route17": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route18": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route19": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route2": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://verify:80"
+                  }
+                ]
+              }
+            },
+            "route20": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route21": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route22": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route23": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://trusted-httpdetails:8080"
+                  }
+                ]
+              }
+            },
+            "route24": {
+              "loadBalancer": {
+                "passHostHeader": true,
+                "servers": [
+                  {
+                    "url": "https://pomerium:443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route3": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "http://websocket-echo:80"
+                  }
+                ]
+              }
+            },
+            "route4": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8080"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route5": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://fortio:8079"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route6": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "tcp://redis:6379"
+                  }
+                ]
+              }
+            },
+            "route7": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route8": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://trusted-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            },
+            "route9": {
+              "loadBalancer": {
+                "passHostHeader": false,
+                "servers": [
+                  {
+                    "url": "https://wrongly-named-httpdetails:8443"
+                  }
+                ],
+                "serversTransport": "insecure"
+              }
+            }
+          }
+        },
+        "tls": {
+          "certificates": [
+            {
+              "certFile": "_wildcard.localhost.pomerium.io.pem",
+              "keyFile": "_wildcard.localhost.pomerium.io-key.pem"
+            }
+          ]
+        }
+      }
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io-key.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_TRAEFIK
+
+      traefik -configFile=traefik.yaml
+    depends_on:
+      pomerium:
+        condition: service_started
+    image: traefik:latest
+    networks:
+      main:
+        aliases:
+        - traefik
+        - authenticate.localhost.pomerium.io
+        - mock-idp.localhost.pomerium.io
+    ports:
+    - 80:80/tcp
+    - 443:443/tcp
+  trusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKNaEqCmmZfhmcYgZy01WCswDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTAx
+      NzMyMTBaFw0yMzExMTAxODMyMTBaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8
+      HLBAIzXkPeegldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPD
+      yVhDT0QlI/O/EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+Vv
+      Wyl+FoPDV/vsZ31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9t
+      jObsaQgJ5LLxCYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEq
+      bZUDG+ZioArPmqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd
+      9r6rOBxpxwnTDvHkBn6vAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAufQAF79s7c1gmZ9CIKBSGkHh+SH01CuKYnnHiMowHsTioFaUAQsd/P4X
+      c2XBqc34eT3mCvpgZjHbjz6JlnTYJxuLvVqnVB3emtWrb1cQvh8BphxspTlS8uiE
+      AEf/ngtpzfA/f4lpGkzrQ0cyPkEJGz511q97itzn9RZZzVTZxNVFSP2vVhNNQVsW
+      OxakcvYRgnz8AOQS3OPHj2FQc3iibshct5leIwYZFcxINGHR6KL6+/LSePNCEMmK
+      qymVPkQGsIcU6GQ9fxaSu4mp+IUALProizEVI8SVk5nOm3HIez+ZfXhzfnGx06SI
+      6NuoQQPqUBeZeXn2YFYhipeRdrQxvA36/YXa/AkXCeU0pXxbtXKcvatfri5KnYJD
+      kH59a+aFkTsl41tfI2cnRYVddqXVl3OzLbcgAFLn1WeC1xx3xRXi7KldokOlvgv+
+      B6naWfCxRlWZ/lsmHae4kc1WH4Kc7nK+ITb40EkjV68/A7krZsN1VcqNtpomYkgE
+      xjUE8XUu
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8HLBAIzXkPeeg
+      ldUfRKK2jQxSVZD5g+qsjAzpmrq/AtmweK1cGcOtZ6eOL+p8brPDyVhDT0QlI/O/
+      EKgCOFFxUDqoR82iY06SacAjHni6+PO9tVRbFV0w14BDAJSpB+VvWyl+FoPDV/vs
+      Z31FtYw+EwqkbDx/kaT9uzf+LJdlkf14nQQj8Eky/8d3mWJbb/9tjObsaQgJ5LLx
+      CYdImkr77X2LMuDw/1tpH642GE25Nrgm6QHlyKSfYXo38v83ebEqbZUDG+ZioArP
+      mqmkawUWw3ekhj80SJg/TK9PRaN/VvcI1PgAd7LZztUReSmTy5hd9r6rOBxpxwnT
+      DvHkBn6vAgMBAAECggEAB28i0AYUNSb1JnWFbKzruUctu3tCNXovJg6K3BiPVMkq
+      DT1XrJIgF5RHHOlr3OsLE6u7Xz2ctdML6PshiKTtIwtGpivgRpCiJEslmr2zi8AW
+      8eJeqRLZEfsSSJOXTG7RdGsn4qHFJ00s2ZTlcIHSPwnFm+XjJi99U8G4XsUoXo0r
+      Gy+0VCuU7M8gICEHHsrQO9XDD3nT2jiu5TjrKwjut3EmoJssI5bqx33+OBu5BpCP
+      CT473D43P9p3qi/XnfvqGSG2Oj4OajV4fr0o9B3KvIxkMem7WlI3jyy1kApyXqVT
+      bLkLFyWBNTWUZ2R/2wxmuoC6mLZw879MLCKMvk1doQKBgQDhmwGafJNymTiEQZRI
+      SsQx4seqfOKfgFC7ohqH9cROOu8IJ1o7q2pM2W4XiV+S3wTdPGmca6IOjX23isVB
+      2uqNi9S4MnI2/d22Gd/BR9rvBw1eGJoKbrWx22fE8QCEWT1AnO+DuD0jC85yRls7
+      axzlaMrxEu3LI9UE7NtrdQiByQKBgQDVdI6ceIVBT6RgvVGt8zkLjPIFjhQEHAIp
+      uhirgqpS6CX9Blyf2+o40zmfj3he5rCcEoB5MseM+DgFbcVh2e/MVnYiNNw6JCDB
+      BQkF408pZpSeKXvL/oyV/kImMTJ/tUDY0EXxMwSPJB0WltbWreVIHopigXRCbaey
+      uBHVBv/4twKBgHwHuePy5SU1s2qSmzD7Wc2LPfYu3nCOHNRrFGb26MuRfuReri7r
+      2G8TgoESFycp0QTIN8+1JM0XYKxNcJD6B8V1wKbbpQsymneI1gjutiB/Igw/PkDK
+      CL4VP4F4da5NWW1yWgNygLoJvZ/5qiKKisJc0GWk4HKz6mLgzOjQ2LJxAoGBALHZ
+      fN2YeYbyYcaM11p1VilulVTVjY3i/FZiDR4SL/IGJWjN/Szg4iXYsKFmu+dulOZl
+      cBALpEKrqpmzXYtrN6bsv18+5eO3qGbK2DrEq3eWVev2KoTMobxz7g++XBIWJmLA
+      Hhaa6IiPkYD5yyVyHKDbeXgb3o9eqCR7w7fYLjy/AoGAI4D+MFkivwUF7hqf5edS
+      KrltwmodHiqXNbVkwbW1AFPJbiYai4YFfK4IAbif/Ymxf9G78aOkr9ZpCIzOkDPZ
+      YpEwQGWsAhElCFvc8E/5dHESSp+tWtP+NluimpFqiDg3/SUnMwO2xH0nhLa0zejh
+      gmLh4w/CcPyb9ZyXceWU/nU=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails
+  trusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://trusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - trusted-httpdetails-ready
+  untrusted-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEUjCCArqgAwIBAgIRAKKYU7PSAFxZbhuLUlbv3iAwDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU2MTFaFw0yMzExMTEyMjU2MTFaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg
+      VDM59lGzCRjdUQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHG
+      oryKGDOkRV1SDb3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2v
+      JX4qTwgrqQtLOJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqP
+      qpc6AEFuklmoBHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPw
+      ve8VoGIlx4uvHTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxG
+      mgByfa2rxbNg15PFwF+ZAgMBAAGjbDBqMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBS3GPBKDaHzHK68c8sSJ91umTjFVzAi
+      BgNVHREEGzAZghcqLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG9w0BAQsF
+      AAOCAYEAizMhh+VYIMp07wGn7+rzAE/651yiMC6kZHIOMHilvimyYvCf+Yc0MrcD
+      mVQgqlUpkn/f2SOFsBQonjAACkWlSHah9KStL0iTvOIH+oGLnv3Y9wrKvwJol3KR
+      c/+mO9R9TS71DoX+rTGRY3BNldpMBZF7HsYt/bg0RSpF0zkZarW+PEMmPw6IgIaD
+      RPGpOiQOqIxQn4d6MyiNGS0QmDeGSZvsC07ZcZ+JxsYi4S+yN6GXt11pstiRXjDv
+      zrO3s8TnVsBux7VDdIYfzMxqz+874MbsUUlb4txr3V48UDRLm7VDQ2/F+o0+Y5wt
+      XAnXTn/6GFpjJvPGr0A1QLOvnhR0DZ4Fl97athu44pqeQywDU5LPP3HqrWRXLy3j
+      BPBC4waHayL9Hnh4zQUe/h6hwC5Nxl/gqfB3Aaqr5PWX6rMFss8AYpB81ci+UJdm
+      KSIn/pMoK6TWkCveoQRQOZD8wfwPF4cUUmWcLFwSveZSiniFrAXQqZbO1k6RDhQf
+      havcwKlK
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCgVDM59lGzCRjd
+      UQCyzokqC4sEr7Ln2FpXfHjMWPuNK5vQYccTxto3JlAVXl+oOLHGoryKGDOkRV1S
+      Db3zAxYQNDuYUnraiVgLPrM9NFpHSk/IlACQjRlFRYG0Go3PDR2vJX4qTwgrqQtL
+      OJ5tHnqrt6idtvNp1ISYOIscXf/WIAhh+IuOvas4eie7GETX4eqPqpc6AEFuklmo
+      BHBfMCrGg89WBUTWCZYrHE9BYDL0LG/VwLYn2tDKBrS9iZIlTqPwve8VoGIlx4uv
+      HTdzaVStcRKOXCsbSwXRdt0842d4C1nohQkRHqHoBjQzrJiWJzxGmgByfa2rxbNg
+      15PFwF+ZAgMBAAECggEADTzGefunZTPUFLnSZ/D7jDglwz5KdC/9zYleY+jY5B/8
+      nmjkSfK6I6GLLSh8l2QO8YqQLIqxANglS1gNHdpcYPwfC4WL1S1P0qXboKsI5Sfy
+      jGoD3et4caq6ecdTfAvmLobW8uFRmGE9qHlFQ1cn47OnPVZUpKFCTVslyTLNo70h
+      28gx/lnpgkbeWotJ5GygE/H0jKJlG8/V3+Ppfuq6wypA5ELcGUeMAwmCfUNNlDy3
+      BhXSa6STgL26ar70KZIjTp9B97hIfDWObxgjzMX2JoiWXziszvbfaknfBsmfTm45
+      oUZYO0DuvLdLpxic0GZQwZCT6GzuexxJ9zR/pdahrQKBgQDEiwc0e+M1KaOoIIcw
+      V7pxoGjvd+CC5whS00jSf/rXPSPFxat9Ml5serOzLdRLM/NQ5wB9S7TYc6PJi3Mb
+      8pmbGadIXiGIJY8vX79P/velHT4csgULJAKJF9U65knhaidPPPmXloHOhRWrE8Zq
+      mexVgJZrHLI8197qmi+ctT5rEwKBgQDQ1J84AwI1hEsXHxoSetSznt+ae7pSUb/J
+      byqK9KEp0DLyf8GcS7vxyYGQo0mJDlHaJt56LKv+zdX4wGG85ztbOFVPee6XLKSs
+      I+h7rzc2hKrl+SaI91h1234WsTeJvfUSHyBy9vAwLhd0hplNrt7Tql5Z0VTWHmFE
+      2XbEwcTUIwKBgQDBpioHMDmBW/F/6ezJWOa+pco+h+KRl4i/8qVBog9Im1jvt/9r
+      b4FRaOQ9mt4c6qbGA5Sb30fkLKwoHFniI3ntM616xCRNvJQDnVcmPpVJ/jIAm/YU
+      L/q/kNfrHJOWobzxeaaCESz8imv7D5Tj25zb8cJC7xc+k4Nzq09WG83QOQKBgG28
+      LOZ7/j8tA2BlAYhQb1Dr3UgKWEBFoOgyuEJIhh+4vezb4VtGGL7XSnQ8ubmBgtWF
+      s0a0DrVYaGXMgg+H2pL2qS2YPx3FYcrrG5FS40qMsFkkcXFruFpGOp2mBi8lWJBr
+      NtvykwheUAj1ab1+dKz5S5ca/t99G1PYiiaeQ9XNAoGAVXk4HvdUc5q+BNiYvKUS
+      M2/TDU3cYY72mPCEw7G6Kpn6zMaakQcA1+Z8LkYcLaQKRD/66n99WWT+BcY+QXtC
+      0ZPHjeepDL8q+yXRY8zlcgAukg18Ta5yD1J1014y8UIV+HY8ongTni1sI8N+vKd4
+      +TF2C2Cynf5vQr5man7ShPw=
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails
+  untrusted-httpdetails-ready:
+    command:
+    - -wait
+    - http://untrusted-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - untrusted-httpdetails-ready
+  verify:
+    depends_on:
+      verify-init:
+        condition: service_completed_successfully
+    environment:
+      SSL_CERT_FILE: /verify_config/ca.pem
+    image: pomerium/verify:${VERIFY_TAG:-latest}
+    networks:
+      main:
+        aliases:
+        - verify
+    volumes:
+    - verify_config:/verify_config
+  verify-init:
+    command:
+    - sh
+    - -c
+    - |-
+      echo '-----BEGIN CERTIFICATE-----
+      MIIE1zCCAz+gAwIBAgIQZ139cd/paPdkS2JyAu7kEDANBgkqhkiG9w0BAQsFADCB
+      gzEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMSwwKgYDVQQLDCNjYWxl
+      YkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTEzMDEGA1UEAwwqbWtjZXJ0
+      IGNhbGViQGNhbGViLXBjLWxpbnV4IChDYWxlYiBEb3hzZXkpMB4XDTIxMDgxMDE3
+      MzIwOVoXDTMxMDgxMDE3MzIwOVowgYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9w
+      bWVudCBDQTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXggKENhbGViIERv
+      eHNleSkxMzAxBgNVBAMMKm1rY2VydCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2Fs
+      ZWIgRG94c2V5KTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANbKyMz5
+      MVW6YKdjh1oIN1Mn7PE2pH5SbJSpWxdAGhdBkBkpAa7OxarjH5KVkCTSa7oncla7
+      qNuJZS6mBmoxF+R+cR3jyGdUAYlozl1jlfqLIfC/+g7V7VmOJn98tjB42fatxLl6
+      WPAw1JDNsWtQfhKhbcHut7RsF0rMOOHcwywTR7LOyCmIel1pcmpV4hbVcT6eVwoP
+      HXyJSa9cqaMQ5Xrdogai4IqZZIGLHeLsTVutOgJFXEevlX/QT3sWomEctzh38Js4
+      9DiAPD6d4Y7/CPLYEfk29JQ9NZhpgDsi9hu5FHHZcXwf1IHlw/CBVgn6j+jmvKKz
+      90Ma1oquv3W6dttid/xCcLGu2S+96Tzrykmoy5VacLtVEP41YmoVls91rlo7olpe
+      QWFbnmco739TI/4h+HodolperQERQl7uCnpKVPZ3WokKuRh5pkqkQp/arQjtwcRt
+      G43CrDpbl+uSjMCAxha958eTYvtojTMnvLtsGID1hGXnqlw+5KjKrgRHrQIDAQAB
+      o0UwQzAOBgNVHQ8BAf8EBAMCAgQwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4E
+      FgQUhYZYWIBHyk6ZVTnp3lRt/tyBP00wDQYJKoZIhvcNAQELBQADggGBAA1F/apr
+      l6pNT3Mp/MxhUUgo6usEJCryGQcLRfexyQXGN3huCmIrP55VFa8ETPAtjsr6PMe7
+      7vvEj8eFu2JtKovlQwNewYU9cjAMCVaFiNbrQa20hzhWc2js6dyildE6/DPzbeds
+      KDAxhFNp35SlwtRtKk1SzxJxsqSwjfxI8fp+R/0wO8g0fWTdM2gCpRwYMNwJELEg
+      +dSlvJCwuu+rzxLalzaPF1PMTW72OELal/j5sD+2VytQ4k+HUDbyt2DnQT7YQ3zo
+      q02x2u2sm1WW/o/uh8pjPxkGQqL2mryZs6VH9VCU3QkKNDssNd71lr3wPoE4YRHe
+      UvzD1eDeelzBUFNIpDCjdCsL55yIPqUsr6lmjpBPL0vea33QTMbcsSxu0umGXDbU
+      66juU4Z1jOE0wClIvaO699J+E2gBe1jUN6At6b8BSoZqCqXYoDHGei9RBUdvgqto
+      kVsoJfDI/TFMekYgpL5UVYmLdfgqLPPRP9pQBLDx3mszeAqnvfTICAzfXg==
+      -----END CERTIFICATE-----
+      ' > /verify_config/ca.pem
+    image: busybox:latest
+    networks:
+      main:
+        aliases:
+        - verify-init
+    volumes:
+    - verify_config:/verify_config
+  verify-ready:
+    command:
+    - -wait
+    - http://verify:80/
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - verify-ready
+  websocket-echo:
+    command:
+    - --port
+    - "80"
+    - tee
+    image: pvtmert/websocketd:latest
+    networks:
+      main:
+        aliases:
+        - websocket-echo
+  websocket-echo-ready:
+    command:
+    - -wait
+    - tcp://websocket-echo:80
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - websocket-echo-ready
+  wrongly-named-httpdetails:
+    command:
+    - sh
+    - -c
+    - |
+      cat <<-END_OF_HTTPDETAILS | tee /app/fullchain.pem
+      -----BEGIN CERTIFICATE-----
+      MIIEWDCCAsCgAwIBAgIRAK1MkqoHP+DPILewhMcnnu4wDQYJKoZIhvcNAQELBQAw
+      gYMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEsMCoGA1UECwwjY2Fs
+      ZWJAY2FsZWItcGMtbGludXggKENhbGViIERveHNleSkxMzAxBgNVBAMMKm1rY2Vy
+      dCBjYWxlYkBjYWxlYi1wYy1saW51eCAoQ2FsZWIgRG94c2V5KTAeFw0yMTA4MTEy
+      MTU0MzRaFw0yMzExMTEyMjU0MzRaMFcxJzAlBgNVBAoTHm1rY2VydCBkZXZlbG9w
+      bWVudCBjZXJ0aWZpY2F0ZTEsMCoGA1UECwwjY2FsZWJAY2FsZWItcGMtbGludXgg
+      KENhbGViIERveHNleSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV
+      DWPhOpNWAYNTQZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM
+      3cvyRs40dygZeogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV
+      6ttf6y0+4Nq1hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3E
+      lxIYQsCr85FyW8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC
+      8X2vHBBIbnZipb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3
+      OIkJji4rpJqxG1Z7MvPzAgMBAAGjcjBwMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUE
+      DDAKBggrBgEFBQcDATAfBgNVHSMEGDAWgBSFhlhYgEfKTplVOeneVG3+3IE/TTAo
+      BgNVHREEITAfgh1pbnZhbGlkLmxvY2FsaG9zdC5wb21lcml1bS5pbzANBgkqhkiG
+      9w0BAQsFAAOCAYEABsSByXWA7e8hpKWZK4APWzkvDwiTGrDDE7k0hueJksTZ5Nqw
+      fRdGoUpweWIYzAv1etPAr+B2gsZM/jVRidaGDI1tKPytZ3pP6mQ52CVXkeJQytPr
+      rNDnP3Lbpbs8PHoHw3PVxIyRps1ZbZkgbUsXrSvpp/l+ZObbGQjr3Fdx5oXI6a1V
+      NNC39LkPhjTKtcG+H8dO5GRuDb/9PrzrnDwnl6CoORbEjTKRIFuA+vkFBRjyuccr
+      GQiMNmMxy5CMOsK+Od4+8qhv2ZgnREHyBnjFFhgVLFJ2PwUxk3N4GIzCC8tsD+vb
+      +YJgCS7n6JmcB9SFeyRy+qpolnfEaMvRwnJl6Evj17VCBy7x0gEO6B4lILPpziN8
+      VVhSuRsC0V8aXJJx89mwrg9pzN9w771rFVOCrAEdZei34/yfo8VyBbIR1gUxkRNJ
+      crTI9pT0PK+9OWQ57HtnGmFsPtWT8r7P8xukAPy50wSLF3InjEo8VR2df+V7DVVU
+      aTjNbuaG1NLNyWLH
+      -----END CERTIFICATE-----
+
+      END_OF_HTTPDETAILS
+      cat <<-END_OF_HTTPDETAILS | tee /app/privkey.pem
+      -----BEGIN PRIVATE KEY-----
+      MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDVDWPhOpNWAYNT
+      QZ4BR5ZU13HqRg/6B49duFcHPY+hkbQPSZdN+GZjCeRVIK8iAkgM3cvyRs40dygZ
+      eogu9LYo6AN/h6cVCF9ENg5jo7/PjK5/6aIf8/Ss22tCuhUL7UHV6ttf6y0+4Nq1
+      hRQcbyIPij89nmO+mT4Fhs9gNSsj2y0gQQWqN2lGhhBnnaCUxh3ElxIYQsCr85Fy
+      W8wWtPxn6mdFHc/iSUh0edeiExWsbPTdfEAj93J5bidXAi27uxTC8X2vHBBIbnZi
+      pb9zmZxBjDjslEnN4vVc9weW5N3nKcu+7QXJdiHFP32YSET2Opu3OIkJji4rpJqx
+      G1Z7MvPzAgMBAAECggEBAM3XhRO7+1QSXCaZdCZ6WuWXzojxrkf8++gpzXPCZ75L
+      vvMyP8xmXc38Za5VyL+MAr7joENxY5NPON/9AgyUBFdbat3RW323vAt0Ssy8Dfti
+      ScpuGWTT2CcWS/iJPwJp9bzPj6qJ1wo0Rzsv23FpcjgfcuB+4pHpDwJZ8IxcclTN
+      jv5XdmanN0Ai2ONDkIHQyvMTsYAX99OK7nXIs3OW7s4wsm8Wg+loCqTvojTzWuwE
+      TZNFonHAZ81jkrYfNjz+sM/tPuOYD+vWQ89+1IeQKFw1U0iBpF1VvhA7UeQZMeI8
+      S1NpDQTQW0kxmUAlLj7ldnIvknT/x0lKzoafVpk47/kCgYEA+SxnMLHe3Wxb4Kkf
+      7Gwktbth/wlWzUWzQ7c0TdhfEDjcRB7SeGIjrL4/HPyXEsCcGIj84TEob1EA0KVP
+      l6Jeqh5t/sr9da+uLFf6H41yZUaTccoyclnjHsqT+WLTtiTKqf7cXACg5NKbJwUT
+      ldCEu+4Ovur+8Ax6s/mGWNEzar0CgYEA2uOmD+SCIhj16P+3GnpZ0UzyDhUKedTy
+      LisZznroF6RI3BHzNT+YotHORDMiJtmX0slFcInAWaB3htLPbHmvredjlsH35eHW
+      B6wkWmbniJEovPysWdg7xjrj8DoL2dcm6liM1KpSo9k6XWJu36//xF4RTnL8JPEH
+      RPuBWmBXHG8CgYBjJy886lr0I61//eztKK+G/bTmRvIapzTJqnqOy54wl1/XX6iD
+      LRJjKCV3RHBdjvXOsZxnhCdB/KrlXBMLFRq0eX1t2Zr4nNsjXDL1IVU3Rdlge4SN
+      ioVdeGFf6Nq0bXmUIg3QMpPT2pbQ9S0w/ZQEMJv/jwW5wk2FlrLGXyElxQKBgQC3
+      skUzITp1Ey2NFM290uB93m1llBLum9+DD3jg6BTPgngC+K17Cpw2SI0qfx8yK3pW
+      08MK5xAeJ6Un6NNa3eSptX7GjpJUwmq0lasMkz/MRMZDlGmwHOBNRC729D/t2bo3
+      AYlvEGG6UBvDM1CJOVMUoT008Rrahczr/4ZXKnLw0QKBgExc+SXb5IRJIMHEQLkg
+      E7va23sR7x4j75mK6HnSwAM3jKx4GDgpkY1EO+rh+99mq/bIouL8ob/PG7A5RtKp
+      +Sgpqk5N6NpSFMaubsu1EQhqT5pmy0dN5KXecR4s1IylPvth/h3tdXPKGcLMD2M2
+      EN59YIA1o4qWjJsfEiuQ6x7M
+      -----END PRIVATE KEY-----
+
+      END_OF_HTTPDETAILS
+      node ./index.js
+    image: mendhak/http-https-echo:19
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails
+  wrongly-named-httpdetails-ready:
+    command:
+    - -wait
+    - http://wrongly-named-httpdetails:8080
+    - -timeout
+    - 10m
+    image: jwilder/dockerize:0.6.1
+    networks:
+      main:
+        aliases:
+        - wrongly-named-httpdetails-ready
+volumes:
+  fortio_config: {}
+  verify_config: {}
diff --git a/integration/tpl/backends/traefik.libsonnet b/integration/tpl/backends/traefik.libsonnet
new file mode 100644
index 000000000..6a206bb05
--- /dev/null
+++ b/integration/tpl/backends/traefik.libsonnet
@@ -0,0 +1,180 @@
+local utils = import '../utils.libsonnet';
+local Routes = (import './routes.libsonnet').Routes;
+
+local StaticConfig() =
+  {
+    global: {
+      checkNewVersion: false,
+      sendAnonymousUsage: false,
+    },
+    log: {
+      level: 'DEBUG',
+    },
+    accessLog: {},
+    entryPoints: {
+      web: {
+        address: ':80',
+        forwardedheaders: {
+          insecure: true,
+        },
+      },
+      websecure: {
+        address: ':443',
+        forwardedheaders: {
+          insecure: true,
+        },
+      },
+    },
+    api: {
+      insecure: true,
+    },
+    providers: {
+      file: {
+        filename: 'traefik-dynamic.yaml',
+      },
+    },
+  };
+
+local Rule(route) =
+  local url = utils.ParseURL(route.from);
+  std.join(
+    ' && ',
+    ['Host(`' + url.host + '`)'] +
+    (if std.objectHas(route, 'prefix') then
+       ['PathPrefix(`' + route.prefix + '`)'] else []) +
+    (if std.objectHas(route, 'path') then
+       ['Path(`' + route.path + '`)'] else [])
+  );
+
+local DynamicConfig(mode, idp, dns_suffix='') =
+  {
+    local routes = Routes(mode, idp, dns_suffix) + [
+      {
+        from: 'https://authenticate.localhost.pomerium.io',
+        to: 'https://pomerium' + dns_suffix + ':443',
+        allow_public_unauthenticated_access: true,
+        tls_skip_verify: true,
+        preserve_host_header: true,
+      },
+    ],
+
+    tls: {
+      certificates: [{
+        certFile: '_wildcard.localhost.pomerium.io.pem',
+        keyFile: '_wildcard.localhost.pomerium.io-key.pem',
+      }],
+    },
+    http: {
+      serversTransports: {
+        insecure: {
+          insecureSkipVerify: true,
+        },
+      },
+      routers: {
+        ['route%d' % i]: {
+          service: 'route%d' % i,
+          rule: Rule(routes[i]),
+          tls: {},
+          middlewares:
+            (if routes[i].from == 'https://authenticate.localhost.pomerium.io' then
+               []
+             else
+               ['authz']) +
+            (if std.objectHas(routes[i], 'set_request_headers') then
+               ['set-request-headers-%d' % i]
+             else
+               []),
+        }
+        for i in std.range(0, std.length(routes) - 1)
+      },
+      services: {
+        ['route%d' % i]: {
+          loadBalancer:
+            {
+              servers: [{
+                url: routes[i].to,
+              }],
+            } +
+            (if std.startsWith(routes[i].to, 'https://') then
+               { serversTransport: 'insecure' }
+             else
+               {}) +
+            (if std.objectHas(routes[i], 'preserve_host_header') && routes[i].preserve_host_header then
+               { passHostHeader: true }
+             else
+               { passHostHeader: false }),
+        }
+        for i in std.range(0, std.length(routes) - 1)
+      },
+      middlewares: {
+        authz: {
+          forwardAuth: {
+            address: 'https://forward-authenticate.localhost.pomerium.io',
+            trustForwardHeader: true,
+            authResponseHeaders: ['x-pomerium-jwt-assertion', 'x-pomerium-claim-email', 'authorization'],
+            tls: {
+              insecureSkipVerify: true,
+            },
+          },
+        },
+      } + {
+        ['set-request-headers-%d' % i]: {
+          headers: {
+            customRequestHeaders: {
+              [k]: routes[i].set_request_headers[k]
+              for k in std.objectFields(routes[i].set_request_headers)
+            },
+          },
+        }
+        for i in std.range(0, std.length(routes) - 1)
+        if std.objectHas(routes[i], 'set_request_headers')
+      },
+    },
+  };
+
+local Command(mode, idp, dns_suffix='') =
+  [
+    'sh',
+    '-c',
+    |||
+      cat <<-'END_OF_TRAEFIK' | tee traefik.yaml
+      %s
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee traefik-dynamic.yaml
+      %s
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io.pem
+      %s
+      END_OF_TRAEFIK
+      cat <<-'END_OF_TRAEFIK' | tee _wildcard.localhost.pomerium.io-key.pem
+      %s
+      END_OF_TRAEFIK
+
+      traefik -configFile=traefik.yaml
+    ||| % [
+      std.manifestJsonEx(StaticConfig(), '  '),
+      std.manifestJsonEx(DynamicConfig(mode, idp, dns_suffix), '  '),
+      importstr '../files/trusted.pem',
+      importstr '../files/trusted-key.pem',
+    ],
+  ];
+
+function(mode, idp, dns_suffix='') {
+  local image = 'traefik:latest',
+  compose: {
+    services:
+      utils.ComposeService('traefik', {
+        image: image,
+        depends_on: {
+          pomerium: {
+            condition: 'service_started',
+          },
+        },
+        command: Command(mode, idp, dns_suffix),
+        ports: [
+          '80:80/tcp',
+          '443:443/tcp',
+        ],
+      }, ['authenticate.localhost.pomerium.io', 'mock-idp.localhost.pomerium.io']),
+  },
+}
diff --git a/integration/tpl/clusters/auth0-traefik/compose.yml.jsonnet b/integration/tpl/clusters/auth0-traefik/compose.yml.jsonnet
new file mode 100644
index 000000000..a19389909
--- /dev/null
+++ b/integration/tpl/clusters/auth0-traefik/compose.yml.jsonnet
@@ -0,0 +1 @@
+(import '../../deployments/traefik.libsonnet')('auth0')
diff --git a/integration/tpl/clusters/azure-traefik/compose.yml.jsonnet b/integration/tpl/clusters/azure-traefik/compose.yml.jsonnet
new file mode 100644
index 000000000..e74fb7dd7
--- /dev/null
+++ b/integration/tpl/clusters/azure-traefik/compose.yml.jsonnet
@@ -0,0 +1 @@
+(import '../../deployments/traefik.libsonnet')('azure')
diff --git a/integration/tpl/clusters/github-traefik/compose.yml.jsonnet b/integration/tpl/clusters/github-traefik/compose.yml.jsonnet
new file mode 100644
index 000000000..b23e87890
--- /dev/null
+++ b/integration/tpl/clusters/github-traefik/compose.yml.jsonnet
@@ -0,0 +1 @@
+(import '../../deployments/traefik.libsonnet')('github')
diff --git a/integration/tpl/clusters/gitlab-traefik/compose.yml.jsonnet b/integration/tpl/clusters/gitlab-traefik/compose.yml.jsonnet
new file mode 100644
index 000000000..09d5b1994
--- /dev/null
+++ b/integration/tpl/clusters/gitlab-traefik/compose.yml.jsonnet
@@ -0,0 +1 @@
+(import '../../deployments/traefik.libsonnet')('gitlab')
diff --git a/integration/tpl/clusters/google-traefik/compose.yml.jsonnet b/integration/tpl/clusters/google-traefik/compose.yml.jsonnet
new file mode 100644
index 000000000..be0212fb5
--- /dev/null
+++ b/integration/tpl/clusters/google-traefik/compose.yml.jsonnet
@@ -0,0 +1 @@
+(import '../../deployments/traefik.libsonnet')('google')
diff --git a/integration/tpl/clusters/oidc-traefik/compose.yml.jsonnet b/integration/tpl/clusters/oidc-traefik/compose.yml.jsonnet
new file mode 100644
index 000000000..e5df2e962
--- /dev/null
+++ b/integration/tpl/clusters/oidc-traefik/compose.yml.jsonnet
@@ -0,0 +1 @@
+(import '../../deployments/traefik.libsonnet')('oidc')
diff --git a/integration/tpl/clusters/okta-traefik/compose.yml.jsonnet b/integration/tpl/clusters/okta-traefik/compose.yml.jsonnet
new file mode 100644
index 000000000..d16f6e0c0
--- /dev/null
+++ b/integration/tpl/clusters/okta-traefik/compose.yml.jsonnet
@@ -0,0 +1 @@
+(import '../../deployments/traefik.libsonnet')('okta')
diff --git a/integration/tpl/clusters/onelogin-traefik/compose.yml.jsonnet b/integration/tpl/clusters/onelogin-traefik/compose.yml.jsonnet
new file mode 100644
index 000000000..c2aadaa47
--- /dev/null
+++ b/integration/tpl/clusters/onelogin-traefik/compose.yml.jsonnet
@@ -0,0 +1 @@
+(import '../../deployments/traefik.libsonnet')('onelogin')
diff --git a/integration/tpl/clusters/ping-traefik/compose.yml.jsonnet b/integration/tpl/clusters/ping-traefik/compose.yml.jsonnet
new file mode 100644
index 000000000..01992474f
--- /dev/null
+++ b/integration/tpl/clusters/ping-traefik/compose.yml.jsonnet
@@ -0,0 +1 @@
+(import '../../deployments/traefik.libsonnet')('ping')
diff --git a/integration/tpl/deployments/traefik.libsonnet b/integration/tpl/deployments/traefik.libsonnet
new file mode 100644
index 000000000..de98f2781
--- /dev/null
+++ b/integration/tpl/deployments/traefik.libsonnet
@@ -0,0 +1,17 @@
+local utils = import '../utils.libsonnet';
+
+function(idp) utils.Merge([
+  (import '../backends/fortio.libsonnet')().compose,
+  (import '../backends/httpdetails.libsonnet')().compose,
+  (import '../backends/mock-idp.libsonnet')(idp).compose,
+  (import '../backends/pomerium.libsonnet')('traefik', idp).compose,
+  (import '../backends/redis.libsonnet')().compose,
+  (import '../backends/traefik.libsonnet')('single', idp).compose,
+  (import '../backends/verify.libsonnet')('traefik').compose,
+  (import '../backends/websocket-echo.libsonnet')().compose,
+  {
+    networks: {
+      main: {},
+    },
+  },
+])