add longhorn oauth2 proxy

deploy/longhorn/oauth2-proxy-longhorn.yaml

@@ -0,0 +1,38 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: oauth2-proxy-longhorn
+  namespace: longhorn-system
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: oauth2-proxy-longhorn
+  template:
+    metadata:
+      labels:
+        app: oauth2-proxy-longhorn
+    spec:
+      containers:
+      - name: oauth2-proxy
+        image: quay.io/oauth2-proxy/oauth2-proxy:v7.8.1
+        args:
+          - --provider=keycloak
+          - --client-id=longhorn
+          - --client-secret=0U2QuP1QMAXln8bzwJ3aJMIvaH9t2QvJ
+          - --cookie-secret=lDE7du7SlDuG1UySIZUhcHfuk5HlgFlgDWdHD_PQ9UI=
+          - --oidc-issuer-url=https://sso.beatrice.wtf/realms/panic-haus
+          - --cookie-domain=longhorn.panic.haus
+          - --email-domain=*
+          - --http-address=0.0.0.0:4180
+          - --redirect-url=https://longhorn.panic.haus/oauth2/callback
+          -  --upstream=http://longhorn-frontend.longhorn-system.svc.cluster.local:80
+          - --scope=openid
+          - --login-url=https://sso.beatrice.wtf/realms/panic-haus/protocol/openid-connect/auth
+          - --validate-url=https://sso.beatrice.wtf/realms/panic-haus/protocol/openid-connect/userinfo
+          - --redeem-url=https://sso.beatrice.wtf/realms/panic-haus/protocol/openid-connect/token
+          - --skip-auth-regex=^(?:https?:\/\/)?longhorn\.panic\.haus\/(favicon\.ico|.*\.(?:js|css)(\.map)?)$|^\/(favicon\.ico|.*\.(?:js|css)(\.map)?)$
+        ports:
+          - name: http
+            containerPort: 4180
+            protocol: TCP