Traefik-forward-auth needs step-ca vars in config-hook

Question

Traefik-forward-auth needs step-ca vars in config-hook

Opened this issue 4 months ago · 1 comments

Traefik-forward-auth uses step-ca vars in .env-dist, but you can only configure them by manually editing your instance's .env file. We should add them to Makefile's config-hook.

Or perhaps instead of asking user to enter them, Makefile can pull the step-ca values from the traefik .env file of the same context-instance, since traefik-forward-auth is being installed on that traefik.

Answer 1 · 2024-06-14T19:08:10.000Z

Having an external step-ca server should be the common scenario, so I don't think it should pull it from the context. Example questions:

? Does the authentication provider require a custom Certificate Authoriy (Step-CA)? (y/N)

TRAEFIK_FORWARD_AUTH_STEP_CA_ENDPOINT: Enter the Step-CA endpoint:
: ca.example.com

TRAEFIK_FORWARD_AUTH_STEP_CA_FINGERPRINT: Enter the Step-CA fingerprint:
: xxxxx

? Should the default Certificate Authority list (system provided) be cleared? (y/N)