[Feature Request] Read whitelist/blacklist from environment dynamically

thomseddon / traefik-forward-auth

Minimal forward authentication service that provides Google/OpenID oauth based login and authentication for the traefik reverse proxy

MIT License

2.17k stars 410 forks source link

[Feature Request] Read whitelist/blacklist from environment dynamically #177

Open dirtycajunrice opened 4 years ago

dirtycajunrice commented 4 years ago

The lists currently are read on init and static afterwards. If the whitelist is passed in as a secret reference in k8s it is able to be updated on the fly. This allows for secret updates without rotating the pod.

thomseddon commented 4 years ago

I like this 👍

colonelpopcorn commented 3 years ago

I like it too, but am not currently running a k8s cluster. Would something like this be on the roadmap for docker-swarm or docker via labels, as well?

EDIT: Also, would it work to have a per-service whitelist/blacklist? I want to be able to have admin-only services protected along-side non-admin services. Not sure if this is on the roadmap.