From 38a49cb76460308f4335bf59baf78c723601ae50 Mon Sep 17 00:00:00 2001
From: Luke Murphy <lukewm@riseup.net>
Date: Mon, 11 May 2020 00:10:29 +0200
Subject: [PATCH] Rip out tfa for now

---
 configs/prod/forward.ini.tmpl | 13 -------------
 docker-compose.prod.yml       | 36 -----------------------------------
 2 files changed, 49 deletions(-)
 delete mode 100644 configs/prod/forward.ini.tmpl

diff --git a/configs/prod/forward.ini.tmpl b/configs/prod/forward.ini.tmpl
deleted file mode 100644
index 63a48cb..0000000
--- a/configs/prod/forward.ini.tmpl
+++ /dev/null
@@ -1,13 +0,0 @@
-secret = {{ secret "secret-nonce-v1" }}
-
-default-provider = oidc
-
-providers.oidc.issuer-url = {{ secret "oidc-issuer-url-v1" }}
-providers.oidc.client-id = {{ secret "oidc-client-id-v1" }}
-providers.oidc.client-secret = {{ secret "oidc-client-secret-v1" }}
-
-log-level = error
-
-cookie-domain = swarm.autonomic.zone
-
-auth-host = auth.swarm.autonomic.zone
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
index 909ab4d..980f459 100644
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -35,29 +35,6 @@ services:
         - "traefik.http.routers.traefik.service=api@internal"
         - "traefik.http.routers.traefik.middlewares=keycloak@file"
 
-  traefik-forward-auth:
-    image: thomseddon/traefik-forward-auth:2
-    configs:
-      - source: forward-ini-prod-v1
-        target: /etc/forward.ini
-    networks:
-      - proxy
-    environment:
-      - CONFIG=/etc/forward.ini
-    secrets:
-      - oidc-client-id-v1
-      - oidc-client-secret-v1
-      - oidc-issuer-url-v1
-      - secret-nonce-v1
-    deploy:
-      labels:
-        - "traefik.enable=true"
-        - "traefik.http.services.tfa.loadBalancer.server.port=4181"
-        - "traefik.http.routers.tfa.rule=Host(`auth.swarm.autonomic.zone`)"
-        - "traefik.http.routers.tfa.entrypoints=web-secure"
-        - "traefik.http.routers.tfa.tls.certresolver=staging"
-        - "traefik.http.routers.tfa.middlewares=keycloak@file"
-
 networks:
   proxy:
     external: true
@@ -67,19 +44,6 @@ configs:
     file: configs/prod/traefik.yml
   file-provider-prod-v1:
     file: configs/prod/file-provider.yml
-  forward-ini-prod-v1:
-    file: configs/prod/forward.ini.tmpl
-    template_driver: golang
-
-secrets:
-  secret-nonce-v1:
-    external: true
-  oidc-issuer-url-v1:
-    external: true
-  oidc-client-id-v1:
-    external: true
-  oidc-client-secret-v1:
-    external: true
 
 volumes:
   letsencrypt: