From df09d16646214b2e431d3f7983a03896ddf6a475 Mon Sep 17 00:00:00 2001
From: drcannoli <github.m92b5@mailsilo.ca>
Date: Sat, 10 Sep 2022 03:25:23 -0400
Subject: [PATCH] add auth

---
 cluster/apps/media/redacted-streams/helm-release.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/cluster/apps/media/redacted-streams/helm-release.yaml b/cluster/apps/media/redacted-streams/helm-release.yaml
index 6ace836..c788d42 100644
--- a/cluster/apps/media/redacted-streams/helm-release.yaml
+++ b/cluster/apps/media/redacted-streams/helm-release.yaml
@@ -41,6 +41,14 @@ spec:
           cert-manager.io/cluster-issuer: letsencrypt-production
           external-dns/is-public: "true"
           external-dns.alpha.kubernetes.io/target: "ipv4.${SECRET_DOMAIN}"
+          nginx.ingress.kubernetes.io/auth-response-headers: >-
+            Set-Cookie,X-authentik-username,X-authentik-groups,X-authentik-email,X-authentik-name,X-authentik-uid
+          nginx.ingress.kubernetes.io/auth-signin: >-
+            https://redacted.milomon.ca//outpost.goauthentik.io/start?rd=$escaped_request_uri
+          nginx.ingress.kubernetes.io/auth-snippet: |
+            proxy_set_header X-Forwarded-Host $http_host;
+          nginx.ingress.kubernetes.io/auth-url: >-
+            http://ak-outpost-redacted.networking.svc.cluster.local:9000/outpost.goauthentik.io/auth/nginx
         hosts:
           - host: redacted.${SECRET_DOMAIN}
             paths: