20 lines
759 B
Text
20 lines
759 B
Text
|
#!/usr/bin/with-contenv bash
|
||
|
# shellcheck shell=bash
|
||
|
|
||
|
/oauth2-proxy \
|
||
|
--api-route '^/api/v2' \
|
||
|
--client-id "$OAUTH2_CLIENT_ID" \
|
||
|
--client-secret "NO_SECRET_NEEDED" \
|
||
|
--code-challenge-method 'S256' \
|
||
|
--cookie-secret "$(python -c 'import os,base64; print(base64.urlsafe_b64encode(os.urandom(32)).decode())')" \
|
||
|
--cookie-secure "true" \
|
||
|
--email-domain '*' \
|
||
|
--http-address "0.0.0.0:$OAUTH2_PROXY_PORT" \
|
||
|
--oidc-issuer-url "$OAUTH2_ISSUER_URL" \
|
||
|
--provider "oidc" \
|
||
|
--provider-display-name "OpenID Connect" \
|
||
|
--redirect-url "$OAUTH2_PUBLIC_URL/oauth2/callback" \
|
||
|
--scope "openid email profile" \
|
||
|
--upstream "http://127.0.0.1:$WEBUI_PORT" \
|
||
|
--custom-templates-dir /etc/oauth2-proxy/templates > /dev/null
|