Removes forward authentication middleware and related config (#6)

k8s-deploy/lightrag-minimal/templates/forwardauth-middleware.yaml

@@ -1,28 +0,0 @@
-{{- if and .Values.ingress.enabled .Values.ingress.forwardAuth.enabled }}
-apiVersion: traefik.io/v1alpha1 # Use traefik.containo.us/v1alpha1 if using older Traefik
-kind: Middleware
-metadata:
-  # Use the helper for the Middleware resource name
-  name: {{ .Values.ingress.forwardAuth.name | quote }}
-  # Middleware MUST be in the same namespace as the Ingress that uses it
-  namespace: {{ .Release.Namespace }}
-  labels:
-    {{- include "lightrag-minimal.labels" . | nindent 4 }}
-spec:
-  forwardAuth:
-    # Required fields from values.yaml
-    address: {{ .Values.ingress.forwardAuth.address | quote }}
-    trustForwardHeader: {{ .Values.ingress.forwardAuth.trustForwardHeader | default true }}
-
-    # Optional headers to send to the authentication service
-    {{- if .Values.ingress.forwardAuth.authRequestHeaders }}
-    authRequestHeaders:
-      {{- toYaml .Values.ingress.forwardAuth.authRequestHeaders | nindent 6 }}
-    {{- end }}
-
-    # Optional headers to copy from the authentication service's response
-    {{- if .Values.ingress.forwardAuth.authResponseHeaders }}
-    authResponseHeaders:
-      {{- toYaml .Values.ingress.forwardAuth.authResponseHeaders | nindent 6 }}
-    {{- end }}
-{{- end }}

k8s-deploy/lightrag-minimal/templates/strip-headers-middleware.yaml

@@ -1,15 +0,0 @@
-{{- /* Create strip-headers Middleware only if ingress is enabled */}}
-{{- if and .Values.ingress.enabled .Values.ingress.forwardAuth.enabled }}
-apiVersion: traefik.io/v1alpha1
-kind: Middleware
-metadata:
-  name: strip-headers
-  namespace: {{ .Release.Namespace }}
-  labels:
-    {{- include "lightrag-minimal.labels" . | nindent 4 }}
-spec:
-  headers:
-    customRequestHeaders:
-      Authorization: ""  # Empty value removes header
-      Cookie: ""
-{{- end }}

k8s-deploy/lightrag-minimal/values.yaml

@@ -27,14 +27,6 @@ ingress:
         - path: /
           pathType: Prefix
   tls: []
-  forwardAuth:
-    enabled: false
-    # name: forwardauth
-    # address: http://forwardauth:8080
-    # trustForwardHeader: true
-    # authRequestHeaders:
-    #   - "Cookie"
-    #   - "Authorization"
 
 # Resource limits and requests
 resources:

k8s-deploy/lightrag/templates/forwardauth-middleware.yaml

@@ -1,28 +0,0 @@
-{{- if and .Values.ingress.enabled .Values.ingress.forwardAuth.enabled }}
-apiVersion: traefik.io/v1alpha1 # Use traefik.containo.us/v1alpha1 if using older Traefik
-kind: Middleware
-metadata:
-  # Use the helper for the Middleware resource name
-  name: {{ .Values.ingress.forwardAuth.name | quote }}
-  # Middleware MUST be in the same namespace as the Ingress that uses it
-  namespace: {{ .Release.Namespace }}
-  labels:
-    {{- include "lightrag.labels" . | nindent 4 }}
-spec:
-  forwardAuth:
-    # Required fields from values.yaml
-    address: {{ .Values.ingress.forwardAuth.address | quote }}
-    trustForwardHeader: {{ .Values.ingress.forwardAuth.trustForwardHeader | default true }}
-
-    # Optional headers to send to the authentication service
-    {{- if .Values.ingress.forwardAuth.authRequestHeaders }}
-    authRequestHeaders:
-      {{- toYaml .Values.ingress.forwardAuth.authRequestHeaders | nindent 6 }}
-    {{- end }}
-
-    # Optional headers to copy from the authentication service's response
-    {{- if .Values.ingress.forwardAuth.authResponseHeaders }}
-    authResponseHeaders:
-      {{- toYaml .Values.ingress.forwardAuth.authResponseHeaders | nindent 6 }}
-    {{- end }}
-{{- end }}

k8s-deploy/lightrag/templates/strip-headers-middleware.yaml

@@ -1,15 +0,0 @@
-{{- /* Create strip-headers Middleware only if ingress is enabled */}}
-{{- if and .Values.ingress.enabled .Values.ingress.forwardAuth.enabled }}
-apiVersion: traefik.io/v1alpha1
-kind: Middleware
-metadata:
-  name: strip-headers
-  namespace: {{ .Release.Namespace }}
-  labels:
-    {{- include "lightrag.labels" . | nindent 4 }}
-spec:
-  headers:
-    customRequestHeaders:
-      Authorization: ""  # Empty value removes header
-      Cookie: ""
-{{- end }}

k8s-deploy/lightrag/values.yaml

@@ -23,14 +23,6 @@ ingress:
         - path: /
           pathType: Prefix
   tls: []
-  forwardAuth:
-    enabled: false
-    # name: forwardauth
-    # address: http://forwardauth:8080
-    # trustForwardHeader: true
-    # authRequestHeaders:
-    #   - "Cookie"
-    #   - "Authorization"
 
 resources:
   limits: