From 4a089876bac49abcc306e68b436b46633808eb75 Mon Sep 17 00:00:00 2001
From: Brad Stein <Brad.Stein@gmail.com>
Date: Sun, 7 Dec 2025 11:25:29 -0300
Subject: [PATCH] auth: use internal oauth2-proxy svc for forward-auth

---
 infrastructure/longhorn/ui-ingress/middleware.yaml | 2 +-
 services/vault/middleware.yaml                     | 2 +-
 services/zot/middleware.yaml                       | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/infrastructure/longhorn/ui-ingress/middleware.yaml b/infrastructure/longhorn/ui-ingress/middleware.yaml
index 3bf2ff5..abc2a64 100644
--- a/infrastructure/longhorn/ui-ingress/middleware.yaml
+++ b/infrastructure/longhorn/ui-ingress/middleware.yaml
@@ -30,7 +30,7 @@ metadata:
   namespace: longhorn-system
 spec:
   forwardAuth:
-    address: https://auth.bstein.dev/oauth2/auth
+    address: http://oauth2-proxy.sso.svc.cluster.local:4180/oauth2/auth
     trustForwardHeader: true
     authResponseHeaders:
       - Authorization
diff --git a/services/vault/middleware.yaml b/services/vault/middleware.yaml
index 8a39bf9..0f4388e 100644
--- a/services/vault/middleware.yaml
+++ b/services/vault/middleware.yaml
@@ -6,7 +6,7 @@ metadata:
   namespace: vault
 spec:
   forwardAuth:
-    address: https://auth.bstein.dev/oauth2/auth
+    address: http://oauth2-proxy.sso.svc.cluster.local:4180/oauth2/auth
     trustForwardHeader: true
     authResponseHeaders:
       - Authorization
diff --git a/services/zot/middleware.yaml b/services/zot/middleware.yaml
index cc76d5f..a7a294d 100644
--- a/services/zot/middleware.yaml
+++ b/services/zot/middleware.yaml
@@ -34,7 +34,7 @@ metadata:
   namespace: zot
 spec:
   forwardAuth:
-    address: https://auth.bstein.dev/oauth2/auth
+    address: http://oauth2-proxy.sso.svc.cluster.local:4180/oauth2/auth
     trustForwardHeader: true
     authResponseHeaders:
       - Authorization