image:
  repository: tccr.io/truecharts/traefik-forward-auth
  pullPolicy: IfNotPresent
  tag: latest@sha256:edd7eb812cb38e59d32b5a00398b57a78506db2390cbe295f5df590a38a5d44e

workload:
  main:
    podSpec:
      containers:
        main:
          args: []
          envFrom:
            - secretRef:
                name: tfa-secrets

service:
  main:
    ports:
      main:
        targetPort: 4181
        port: 4181

tfaAppOptions:
  secret: something-random
  port: 4181
  logLevel: warn
  logFormat: text

tfaAuthOptions:
  authHost:
  urlPath: /_oauth
  defaultAction: auth
  defaultProvider: google
  domain: []
  whitelist: []
  rules: []

tfaCookieOptions:
  cookieDomain: []
  cookieName: _forward_auth
  csrfCookieName: _forward_auth_csrf
  lifetime: 43200
  insecureCookie: false

tfaGoogleOptions:
  clientId: "changeme"
  clientSecret: "changeme"
  prompt: "changeme"

tfaOidcOptions:
  issuerUrl: "changeme"
  clientId: "changeme"
  clientSecret: "changeme"
  resource: "changeme"

tfaOauthOptions:
  authUrl: "changeme"
  tokenUrl: "changeme"
  userUrl: "changeme"
  clientId: "changeme"
  clientSecret: "changeme"
  scopes: "changeme"
  tokenStyle: header
  resource: "changeme"