docs: update configuration deployment

2024-11-09 04:52:05 +01:00
parent 8730fcd98e
commit ea1dbf26bd
5 changed files with 69 additions and 12 deletions
--- a/examples/goma.yml
+++ b/examples/goma.yml
@@ -6,7 +6,7 @@ gateway:
  # Proxy read timeout
  readTimeout: 15
  # Proxy idle timeout
-  idleTimeout: 60
+  idleTimeout: 30
  ## SSL Certificate file
  sslCertFile: '' #cert.pem
  ## SSL Private Key file
@@ -23,6 +23,7 @@ gateway:
  disableDisplayRouteOnStart: false
  # disableKeepAlive allows enabling and disabling KeepALive server
  disableKeepAlive: false
+  # Block common exploits | detect SQL injection, and simple XSS attempts
  blockCommonExploits: false
  # interceptErrors intercepts backend errors based on defined the status codes
  interceptErrors:
@@ -43,7 +44,7 @@ gateway:
  ##### Define routes
  routes:
    # Example of a route | 1
-    - name: Public
+    - name: Public  # Name is optional
    # host Domain/host based request routing
      host: "" # Host is optional
      path: /public
@@ -51,6 +52,7 @@ gateway:
      # e.g rewrite: /store to /
      rewrite: /
      destination:  https://example.com
+      # Limit HTTP methods allowed for this route
      methods: [POST, PUT, GET]
      #DisableHeaderXForward Disable X-forwarded header.
      # [X-Forwarded-Host, X-Forwarded-For, Host, Scheme ]
@@ -81,6 +83,7 @@ gateway:
      path: /protected
      rewrite: /
      destination:  https://example.com
+      methods: []
      healthCheck:
      cors: {}
      middlewares:
@@ -138,4 +141,44 @@ middlewares:
      - /v2/swagger-ui/*
      - /api-docs/*
      - /internal/*
-      - /actuator/*
+      - /actuator/*
+      - name: oauth-google
+        type: oauth
+        paths:
+          - /protected
+          - /example-of-oauth
+        rule:
+          clientId: xxx
+          clientSecret: xxx
+          provider: google
+          endpoint:
+            userInfoUrl: ""
+          redirectUrl: http://localhost:8080/callback
+          redirectPath: ""
+          cookiePath: ""
+          scopes:
+            - https://www.googleapis.com/auth/userinfo.email
+            - https://www.googleapis.com/auth/userinfo.profile
+          state: randomStateString
+          jwtSecret: your-strong-jwt-secret | It's optional
+      - name: oauth-authentik
+        type: oauth
+        paths:
+          - /protected
+          - /example-of-oauth
+        rule:
+          clientId: xxx
+          clientSecret: xxx
+          provider: custom
+          endpoint:
+            authUrl: https://authentik.example.com/application/o/authorize/
+            tokenUrl: https://authentik.example.com/application/o/token/
+            userInfoUrl: https://authentik.example.com/application/o/userinfo/
+          redirectUrl: http://localhost:8080/callback
+          redirectPath: ""
+          cookiePath: ""
+          scopes:
+            - email
+            - openid
+          state: randomStateString
+          jwtSecret: your-strong-jwt-secret | It's optional