From 32dd761dc44f00fbc69aa039597590d47c84d5c9 Mon Sep 17 00:00:00 2001
From: DeveloperDurp <DeveloperDurp@durp.info>
Date: Wed, 19 Mar 2025 04:51:22 -0500
Subject: [PATCH] update

---
 dmz/traefik/templates/middleware.yaml | 35 +++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 dmz/traefik/templates/middleware.yaml

diff --git a/dmz/traefik/templates/middleware.yaml b/dmz/traefik/templates/middleware.yaml
new file mode 100644
index 0000000..dfa36c4
--- /dev/null
+++ b/dmz/traefik/templates/middleware.yaml
@@ -0,0 +1,35 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+    name: authentik-proxy-provider
+    namespace: traefik
+spec:
+  forwardAuth:
+    address: http://ak-outpost-master-embedded-outpost.authentik.svc.cluster.local:9000/outpost.goauthentik.io/auth/traefik?rd=$scheme://$http_host$request_uri
+    trustForwardHeader: true
+    authResponseHeaders:
+      - X-authentik-username
+      - X-authentik-groups
+      - X-authentik-email
+      - X-authentik-name
+      - X-authentik-uid
+      - X-authentik-jwt
+      - X-authentik-meta-jwks
+      - X-authentik-meta-outpost
+      - X-authentik-meta-provider
+      - X-authentik-meta-app
+      - X-authentik-meta-version
+
+---
+
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: whitelist
+  namespace: traefik
+spec:
+  ipWhiteList:
+    sourceRange:
+      - 192.168.0.0/16
+      - 172.16.0.0/12
+      - 10.0.0.0/8