Traefik-forward-auth needs step-ca vars in config-hook
Opened this issue · 1 comments
mcmikemn commented
Traefik-forward-auth uses step-ca vars in .env-dist, but you can only configure them by manually editing your instance's .env file. We should add them to Makefile's config-hook.
Or perhaps instead of asking user to enter them, Makefile can pull the step-ca values from the traefik .env file of the same context-instance, since traefik-forward-auth is being installed on that traefik.
EnigmaCurry commented
Having an external step-ca server should be the common scenario, so I don't think it should pull it from the context. Example questions:
? Does the authentication provider require a custom Certificate Authoriy (Step-CA)? (y/N)
TRAEFIK_FORWARD_AUTH_STEP_CA_ENDPOINT: Enter the Step-CA endpoint:
: ca.example.com
TRAEFIK_FORWARD_AUTH_STEP_CA_FINGERPRINT: Enter the Step-CA fingerprint:
: xxxxx
? Should the default Certificate Authority list (system provided) be cleared? (y/N)