Skip to content
Snippets Groups Projects
Normal view Permalink
oauth2-proxy.service.j2 1.1 KiB
Newer Older
  • Learn to ignore specific revisions
    • Lukas Koenen's avatar
    feat: oauth2 role
    Lukas Koenen committed
    1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 
    [Unit]
After=network-online.target
Wants=network-online.target

[Service]
Type=simple
ExecStart=docker run \
          --name {{ oauth2_container_name }} \
          --entrypoint "" \
          --network host \
          --volume {{ oauth2_cert_directory }}:/etc/tls/private \
          quay.io/oauth2-proxy/oauth2-proxy:{{ oauth2_version }}\
          oauth2-proxy \
          --https-address={{ oauth2_listen_address }} \
          --tls-cert-file=/etc/tls/private/fullchain.pem \
          --tls-key-file=/etc/tls/private/privkey.pem \
          --upstream={{ oauth2_upstream }} \
    Lukas Koenen's avatar
    fix: enquote secrets and ids  
    Lukas Koenen committed
    18 19 20 
              --cookie-secret="{{ oauth2_cookie_secret }}" \
          --client-secret="{{ oauth2_client_secret }}" \
          --client-id="{{ oauth2_client_id }}" \
    Lukas Koenen's avatar
    feat: oauth2 role
    Lukas Koenen committed
    21 22 23 24 25 26 27 28 29 30 
              --provider={{ oauth2_client_provider }} \
          --redirect-url={{ oauth2_redirect_url }} \
          --oidc-issuer-url={{ oauth2_oidc_issuer_url }} \
          --email-domain={{ oauth2_email_domain }} \
          {{ oauth2_command_line_options }}
ExecStop=docker container rm \
         --force {{ oauth2_container_name }}

[Install]
WantedBy=multi-user.target