mirror of
https://github.com/pomerium/pomerium.git
synced 2025-04-28 18:06:34 +02:00
39 lines
1 KiB
YAML
39 lines
1 KiB
YAML
authenticate:
|
|
ingress:
|
|
tls:
|
|
secretName: pomerium-tls
|
|
existingTLSSecret: pomerium-tls
|
|
idp:
|
|
provider: "google"
|
|
clientID: YOUR_CLIENT_ID
|
|
clientSecret: YOUR_SECRET
|
|
proxied: false
|
|
|
|
proxy:
|
|
existingTLSSecret: pomerium-tls
|
|
|
|
databroker:
|
|
existingTLSSecret: pomerium-tls
|
|
|
|
authorize:
|
|
existingTLSSecret: pomerium-tls
|
|
|
|
ingressController:
|
|
enabled: true
|
|
|
|
ingress:
|
|
enabled: false
|
|
|
|
config:
|
|
rootDomain: localhost.pomerium.io
|
|
existingCASecret: pomerium-tls
|
|
generateTLS: false # On by default, disabled when cert-manager or another solution is in place.
|
|
# The policy block isn't required when using the Pomerium Ingress Controller, as routes are defined
|
|
# by the addition of Ingress Resources.
|
|
# routes:
|
|
# # This will be our testing app, to confirm that Pomerium is authenticating and routing traffic.
|
|
# - from: https://authenticate.localhost.pomerium.io
|
|
# to: https://pomerium-authenticate.pomerium.svc.cluster.local
|
|
# preserve_host_header: true
|
|
# allow_public_unauthenticated_access: true
|
|
# policy:
|