From 24fbaad0409f2214655a0a6abeb59faf50ff5fe5 Mon Sep 17 00:00:00 2001
From: Brad Stein <Brad.Stein@gmail.com>
Date: Sun, 7 Dec 2025 13:03:29 -0300
Subject: [PATCH] auth: forward-auth via external auth host (svc traffic flaky)

---
 infrastructure/longhorn/ui-ingress/middleware.yaml | 2 +-
 services/vault/middleware.yaml                     | 2 +-
 services/zot/middleware.yaml                       | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/infrastructure/longhorn/ui-ingress/middleware.yaml b/infrastructure/longhorn/ui-ingress/middleware.yaml
index abc2a64..3bf2ff5 100644
--- a/infrastructure/longhorn/ui-ingress/middleware.yaml
+++ b/infrastructure/longhorn/ui-ingress/middleware.yaml
@@ -30,7 +30,7 @@ metadata:
   namespace: longhorn-system
 spec:
   forwardAuth:
-    address: http://oauth2-proxy.sso.svc.cluster.local:4180/oauth2/auth
+    address: https://auth.bstein.dev/oauth2/auth
     trustForwardHeader: true
     authResponseHeaders:
       - Authorization
diff --git a/services/vault/middleware.yaml b/services/vault/middleware.yaml
index 0f4388e..8a39bf9 100644
--- a/services/vault/middleware.yaml
+++ b/services/vault/middleware.yaml
@@ -6,7 +6,7 @@ metadata:
   namespace: vault
 spec:
   forwardAuth:
-    address: http://oauth2-proxy.sso.svc.cluster.local:4180/oauth2/auth
+    address: https://auth.bstein.dev/oauth2/auth
     trustForwardHeader: true
     authResponseHeaders:
       - Authorization
diff --git a/services/zot/middleware.yaml b/services/zot/middleware.yaml
index a7a294d..cc76d5f 100644
--- a/services/zot/middleware.yaml
+++ b/services/zot/middleware.yaml
@@ -34,7 +34,7 @@ metadata:
   namespace: zot
 spec:
   forwardAuth:
-    address: http://oauth2-proxy.sso.svc.cluster.local:4180/oauth2/auth
+    address: https://auth.bstein.dev/oauth2/auth
     trustForwardHeader: true
     authResponseHeaders:
       - Authorization