snapshot of caddy with oauth security plugin

docker-compose.vouch.yml

@@ -0,0 +1,59 @@
+services:
+    vouch:
+        image: quay.io/vouch/vouch-proxy:alpine-0.41.0
+        container_name: vouch
+        ports:
+        - 9090:9090
+        environment:
+            # Google
+            # - OAUTH_PROVIDER=google
+            # - OAUTH_CLIENT_ID=889676430308-ivr6b4fmneivn70ri2ugm1gkbgoh5qdq.apps.googleusercontent.com
+            # - OAUTH_CLIENT_SECRET=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
+            # - https://www.googleapis.com/oauth2/v3/userinfo
+
+            # Google
+            # - OAUTH_PROVIDER=oidc
+            # - OAUTH_CLIENT_ID=889676430308-ivr6b4fmneivn70ri2ugm1gkbgoh5qdq.apps.googleusercontent.com
+            # - OAUTH_CLIENT_SECRET=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
+            # - OAUTH_AUTH_URL=https://accounts.google.com/o/oauth2/auth
+            # - OAUTH_TOKEN_URL=https://accounts.google.com/o/oauth2/token
+            # - OAUTH_USER_INFO_URL=https://www.googleapis.com/oauth2/v3/userinfo
+
+            # Amazon
+            # - OAUTH_PROVIDER=oidc
+            # - OAUTH_CLIENT_ID=793k18vvmiooosv5j4dd0bkqi
+            # - OAUTH_CLIENT_SECRET=ccpsr589kufadbmi7ac6kgi3gaftc4cqkm3pi627tsidmbsk1lj
+            # - OAUTH_AUTH_URL=https://veenboer.auth.eu-central-1.amazoncognito.com/oauth2/authorize
+            # - OAUTH_TOKEN_URL=https://veenboer.auth.eu-central-1.amazoncognito.com/oauth2/token
+            # - OAUTH_USER_INFO_URL=https://veenboer.auth.eu-central-1.amazoncognito.com/oauth2/userInfo
+
+            # Microsoft
+            # - OAUTH_PROVIDER=oidc
+            # - OAUTH_CLIENT_ID=2483d0ed-95a1-4ca1-ae72-a79ca6defd96
+            # - OAUTH_CLIENT_SECRET=x8V8Q~vklpp75~xwMRzAuNa4NQ7K8gNEAAsx-cTZ
+            # - OAUTH_AUTH_URL=https://login.microsoftonline.com/common/oauth2/v2.0/authorize
+            # - OAUTH_TOKEN_URL=https://login.microsoftonline.com/common/oauth2/v2.0/token
+            # - OAUTH_USER_INFO_URL=https://graph.microsoft.com/oidc/userinfo
+
+            # Authentik
+            - OAUTH_PROVIDER=oidc
+            - OAUTH_CLIENT_ID=MJJ44TzracJ8J24xVsUvO12KvAbzxiev9G0t9sYl
+            - OAUTH_CLIENT_SECRET=vrUGfNfqzooKujOyvTLDZffOTakEgNeCIlILaBU2aF9QtaDHJWaYVY3MLGlkF2jlFFn4W0a1eSJcZpJMxojO4i7U6b9CqbdTr5Al2LvK3FQnFbViUn2MN0qKibv8VVO1
+            - OAUTH_AUTH_URL=https://authentik.rik.veenboer.xyz/application/o/authorize/
+            - OAUTH_TOKEN_URL=https://authentik.rik.veenboer.xyz/application/o/token/
+            - OAUTH_USER_INFO_URL=https://authentik.rik.veenboer.xyz/application/o/userinfo/
+
+            # General
+            - OAUTH_CALLBACK_URL=https://vouch.rik.veenboer.xyz/auth
+            - OAUTH_SCOPES=openid,profile,email
+            - VOUCH_COOKIE_DOMAIN=veenboer.xyz
+            - VOUCH_ALLOWALLUSERS=true
+            - VOUCH_HEADERS_CLAIMS=email,preferred_username
+            - VOUCH_LOGLEVEL=debug
+
+            # Unused
+            # - VOUCH_COOKIE_SECURE=false
+            # - VOUCH_HEADERS_CLAIMS=sub,name,email
+            # - OAUTH_CLAIMS=sub,name,email
+            # - VOUCH_HEADERS_IDTOKEN=X-Vouch-IdP-IdToken
+        restart: unless-stopped