Skip to content

Instantly share code, notes, and snippets.

@ipedrazas

ipedrazas/gist:d520db08fe5f1dbb11c314ec50c0e6a3

Created March 15, 2018 16:08
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save ipedrazas/d520db08fe5f1dbb11c314ec50c0e6a3 to your computer and use it in GitHub Desktop.
Save ipedrazas/d520db08fe5f1dbb11c314ec50c0e6a3 to your computer and use it in GitHub Desktop.
Download ZIP
oauth sidecar
Raw
gistfile1.txt
- name: oauth2-proxy
image: a5huynh/oauth2_proxy
args:
- "-upstream=http://localhost:5601/"
- "-provider=github"
- "-cookie-secure=true"
- "-cookie-expire=168h0m"
- "-cookie-refresh=60m"
- "-cookie-secret=SECRET COOKIE"
- "-cookie-domain=kibana.fromatob.com"
- "-http-address=0.0.0.0:4180"
- "-redirect-url=https://kibana.fromatob.com/oauth2/callback"
- "-github-org=fromAtoB"
- "-email-domain=*"
- "-client-id=github oauth ID"
- "-client-secret=github oauth secret"
ports:
- containerPort: 4180
Raw
gistfile2.txt
https://github.com/bitly/oauth2_proxy
Raw
gistfile3.txt
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: kibana
namespace: default
spec:
replicas: 1
revisionHistoryLimit: 2
template:
metadata:
labels:
app: kibana
spec:
containers:
- image: kibana:5.0.1
imagePullPolicy: Always
name: kibana
env:
- name: ELASTICSEARCH_URL
value: "http://elasticsearch:9200"
resources:
limits:
cpu: 200m
memory: 200Mi
requests:
cpu: 50m
memory: 100Mi
ports:
- containerPort: 5601
- name: oauth2-proxy
image: a5huynh/oauth2_proxy
args:
- "-upstream=http://localhost:5601/"
- "-provider=github"
- "-cookie-secure=true"
- "-cookie-expire=168h0m"
- "-cookie-refresh=60m"
- "-cookie-secret=SECRET COOKIE"
- "-cookie-domain=kibana.fromatob.com"
- "-http-address=0.0.0.0:4180"
- "-redirect-url=https://kibana.fromatob.com/oauth2/callback"
- "-github-org=fromAtoB"
- "-email-domain=*"
- "-client-id=github oauth ID"
- "-client-secret=github oauth secret"
ports:
- containerPort: 4180
---
apiVersion: v1
kind: Service
metadata:
name: kibana
namespace: default
spec:
ports:
- port: 80
targetPort: 4180
protocol: TCP
selector:
app: kibana
Raw
gistfile4.txt
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: kibana
namespace: default
annotations:
kubernetes.io/tls-acme: "true"
kubernetes.io/ingress.class: "nginx"
spec:
tls:
- hosts:
- kibana.fromatob.com
secretName: kibana-tls
rules:
- host: kibana.fromatob.com
http:
paths:
- path: /
backend:
serviceName: kibana
servicePort: 80
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment