fix node-red combined with whawty-sso nginx/auth

author: Christian Pointner <equinox@spreadspace.org> 2023-12-28 12:44:29 +0100
committer: Christian Pointner <equinox@spreadspace.org> 2023-12-28 12:44:29 +0100
commit: b36376c1540b74c201848dd8e8c69a3ad1f3ae6a (patch)
tree: 54809a0e4651673dfc56a8c34a26cef2246690a2
parent: nginx/whawty-sso: use less generic name for auth_requests (diff)
1 files changed, 23 insertions, 24 deletions
diff --git a/inventory/host_vars/ch-apps/node-red.yml b/inventory/host_vars/ch-apps/node-red.yml
index 157043d1..249e7f7a 100644
--- a/inventory/host_vars/ch-apps/node-red.yml
+++ b/inventory/host_vars/ch-apps/node-red.yml
@@ -36,33 +36,32 @@ node_red_instances:
       location_extra_directives: |
         auth_request_set $username $upstream_http_x_username;
         proxy_set_header X-Username $username;
-        proxy_set_header Authorization "";
     custom_image:
       dockerfile: |
         RUN npm install passport-trusted-header
     extra_settings: |
       adminAuth: {
-        type: "strategy",
-        strategy: {
-            name: "trusted-header",
-            label: "SSO login",
-            autoLogin: true,
-            strategy: require("passport-trusted-header").Strategy,
-            options: {
-                headers: ['x-username'],
-                verify: function(requestHeaders, done) {
-                    var username = requestHeaders['x-username']
-                    if(username === '') {
-                         done("x-username HTTP-Header is empty", null)
-                    }
-                    done(null, { username: username });
-                }
-            },
-        },
-        users: [
-           { username: "equinox", permissions: ["*"] }
-        ],
-        default: {
-           permissions: "read"
-        }
+          type: "strategy",
+          strategy: {
+              name: "trusted-header",
+              label: "SSO login",
+              autoLogin: true,
+              strategy: require("passport-trusted-header").Strategy,
+              options: {
+                  headers: ['x-username'],
+                  verify: function(requestHeaders, done) {
+                      var username = requestHeaders['x-username']
+                      if(username === '') {
+                          done("x-username HTTP-Header is empty", null)
+                      }
+                      done(null, { username: username });
+                  }
+              },
+          },
+          users: [
+              { username: "equinox", permissions: ["*"] }
+          ],
+          default: {
+              permissions: "read"
+          }
       }
author	Christian Pointner <equinox@spreadspace.org>	2023-12-28 12:44:29 +0100
committer	Christian Pointner <equinox@spreadspace.org>	2023-12-28 12:44:29 +0100
commit	b36376c1540b74c201848dd8e8c69a3ad1f3ae6a (patch)
tree	54809a0e4651673dfc56a8c34a26cef2246690a2
parent	nginx/whawty-sso: use less generic name for auth_requests (diff)