path: root/src/oathkeeper_adm_rules.jsonnet
local main = import "../includes/main.jsonnet";
local oathkeeper = import "../includes/oathkeeper.jsonnet";

// Build one Oathkeeper access rule that publishes an internal admin service
// at https://<name>.<main.admin.domain>/ and forwards matching requests to
// `remote`.
//
//   name   - service label; becomes the left-most DNS label of the public
//            host and the suffix of the rule id.
//   remote - upstream base URL the proxy forwards to.
//
// Every rule built here shares the same authenticator, authorizer, mutator
// and error-handler chain, all taken from ../includes/oathkeeper.jsonnet.
local Endpoint(name, remote) = {
  // Public hostname of this service under the admin domain.
  local host = "%s.%s" % [name, main.admin.domain],

  id: "%s:%s" % [main.admin.domain, name],

  match: {
    // `<.*>` is the regular-expression part of the pattern, so every path
    // on this host falls under the rule, for every method in
    // oathkeeper.allHttpMethods.
    // NOTE(review): the angle-bracket form is read as a regex only by
    // Oathkeeper's regexp matching strategy; confirm the deployment does not
    // switch to glob.
    url: "https://%s/<.*>" % [host],
    methods: oathkeeper.allHttpMethods,
  },

  upstream: {
    // The public Host header is not passed through to the upstream.
    preserve_host: false,
    url: remote,
  },

  // Two ways in: a cookie session or OAuth2 client credentials.
  // NOTE(review): presumably tried in list order; verify against
  // oathkeeper.jsonnet.
  authenticators: [
    oathkeeper.authenticators.cookieSession,
    oathkeeper.authenticators.oauth2ClientCredentials,
  ],

  // The Keto authorizer is parameterised with the public hostname.
  // NOTE(review): presumably one permission object per sub-domain; confirm
  // that a grant on one host cannot be reused for another.
  authorizer: oathkeeper.authorizers.keto(host),

  mutators: [
    oathkeeper.mutators.idToken,
    oathkeeper.mutators.header,
  ],

  // NOTE(review): redirect is the only error handler, so a failed
  // client-credentials request is presumably redirected as well instead of
  // getting a plain 401/403; confirm this is intended for machine clients.
  errors: [oathkeeper.errors.redirect],
};

// Admin services published through the proxy, as [name, upstream URL] pairs.
// The resulting rules keep this order.
//
// NOTE(review): most upstreams are plain http://, so the hop from the proxy
// to the service is unencrypted and whatever the mutators attach to the
// request travels in clear on the internal network; confirm that network is
// trusted or move these upstreams to https.
// NOTE(review): several of these services (Prometheus, Alertmanager, the
// Kratos admin API, OPA, ...) typically ship without authentication of their
// own, which makes these rules their access control; confirm the upstream
// ports are not reachable by any path that bypasses the proxy.
// NOTE(review): the pushgateway upstream is an adm.random.sh name, not an
// *.internal.random.sh one; if main.admin.domain is adm.random.sh this rule
// would forward to the very hostname it matches. Confirm the intended target.
local services = [
  ["prometheus", "http://stairway.internal.random.sh:9090"],
  ["alertmanager", "http://stairway.internal.random.sh:9093"],
  ["blackbox", "http://stairway.internal.random.sh:9115"],
  ["loki", "http://loki.internal.random.sh:3100"],
  ["grafana", "http://grafana.internal.random.sh:3000"],
  ["kratos-admin-ui", "http://kratos-admin-ui.internal.random.sh"],
  ["kratos-admin-api", "https://kratos.admin.sso.internal.random.sh"],
  ["kratos-api", "https://kratos.sso.internal.random.sh"],
  ["opa", "http://opa.internal.random.sh:8181"],
  ["stairway-pushgateway", "https://stairway-pushgateway.adm.random.sh/"],
];

[Endpoint(svc[0], svc[1]) for svc in services]