27 lines
No EOL
955 B
Text
27 lines
No EOL
955 B
Text
# --- 1. Provider Configuration ---
|
|
provider = "google"
|
|
client_id = "908518725447-1pbdp071t2b07p66fv0n845n3nrbeu0k.apps.googleusercontent.com"
|
|
client_secret = "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"
|
|
scope = "openid profile email"
|
|
|
|
# provider = "github"
|
|
# client_id = "Ov23liA8Pj1NqKm5HgqR"
|
|
# client_secret = "3b5015ef53b81d94ff9414a55be1252508d70795"
|
|
# scope = "user:email"
|
|
|
|
# --- 2. OAuth2 Proxy Configuration ---
|
|
upstreams = "static://200"
|
|
http_address = "0.0.0.0:4180"
|
|
redirect_url = "https://auth.diukman.com/oauth2/callback"
|
|
|
|
set_xauthrequest = true
|
|
# --- 3. Cookie Configuration ---
|
|
cookie_secret = "0MuGA07eq7PqfEBQXV_mkRxPsHb4VsuwlEka5A4dExg="
|
|
cookie_domains = [ ".diukman.com", "diukman.com" ]
|
|
cookie_httponly = true
|
|
cookie_secure = true
|
|
cookie_samesite = "none"
|
|
# --- 5. Email Whitelisting ---
|
|
authenticated_emails_file = "/etc/allowed_emails.txt"
|
|
# --- 6. Domain redirection Whitelisting ---
|
|
whitelist_domains = [ "*.diukman.com", "diukman.com" ] |