mirror of
https://github.com/pomerium/pomerium.git
synced 2025-05-02 20:06:03 +02:00
31 lines
No EOL
736 B
YAML
31 lines
No EOL
736 B
YAML
authenticate:
|
|
idp:
|
|
provider: "google"
|
|
clientID: YOUR_CLIENT_ID
|
|
clientSecret: YOUR_SECRET
|
|
# Required for group data
|
|
# https://www.pomerium.com/configuration/#identity-provider-service-account
|
|
serviceAccount: YOUR_SERVICE_ACCOUNT
|
|
service:
|
|
annotations:
|
|
cloud.google.com/app-protocols: '{"https":"HTTPS"}'
|
|
|
|
proxy:
|
|
service:
|
|
annotations:
|
|
cloud.google.com/app-protocols: '{"https":"HTTPS"}'
|
|
|
|
service:
|
|
type: NodePort
|
|
|
|
config:
|
|
rootDomain: corp.beyondperimeter.com
|
|
policy:
|
|
- from: https://hello.corp.beyondperimeter.com
|
|
to: http://nginx.default.svc.cluster.local:80
|
|
allowed_domains:
|
|
- gmail.com
|
|
|
|
ingress:
|
|
annotations:
|
|
kubernetes.io/ingress.allow-http: "false" |