diff --git a/backend/app/services/scheduler/schedule_tenant.py b/backend/app/services/scheduler/schedule_tenant.py index d7bfd85..1534f48 100644 --- a/backend/app/services/scheduler/schedule_tenant.py +++ b/backend/app/services/scheduler/schedule_tenant.py @@ -209,10 +209,24 @@ def _generate_tenant_route_yaml(tenant, is_active: bool) -> str: " vmis-strip-admin:", " stripPrefix:", ' prefixes: ["/admin"]', + f" {code}-oidc-redirect:", + " redirectRegex:", + ' regex: ".*"', + f' replacement: "https://{domain}/apps/user_oidc/login/1"', + " permanent: false", "", ] lines += [ " routers:", + f" {code}-login:", + f' rule: "Host(`{domain}`) && Path(`/login`)"', + f" service: {code}-drive", + " entryPoints: [websecure]", + f" middlewares: [{code}-oidc-redirect]", + " tls:", + " certResolver: letsencrypt", + " priority: 300", + "", f" {code}-admin:", f' rule: "Host(`{domain}`) && PathPrefix(`/admin`)"', f" service: {code}-vmis", @@ -255,7 +269,23 @@ def _generate_tenant_route_yaml(tenant, is_active: bool) -> str: ] else: lines += [ + " middlewares:", + f" {code}-oidc-redirect:", + " redirectRegex:", + ' regex: ".*"', + f' replacement: "https://{domain}/apps/user_oidc/login/1"', + " permanent: false", + "", " routers:", + f" {code}-login:", + f' rule: "Host(`{domain}`) && Path(`/login`)"', + f" service: {code}-drive", + " entryPoints: [websecure]", + f" middlewares: [{code}-oidc-redirect]", + " tls:", + " certResolver: letsencrypt", + " priority: 300", + "", f" {code}-drive:", f' rule: "Host(`{domain}`)"', f" service: {code}-drive",