Single-Sign On Configuration
nginx-ingress has support for OIDC auth using an OAUTH2 proxy. Official documentation can be found at https://kubernetes.github.io/ingress-nginx/examples/auth/oauth-external-auth/.
This documentation speaks of https://github.com/bitly/oauth2_proxy, however this is no longer maintained. The repo lists a couple of examples of OAUTH2 proxies, with an official hard-fork being https://github.com/pusher/oauth2_proxy.
The use of this documentation as well as the OIDC/OAUTH2 proxy means that services running on docker can be seamlessly protected by SSO, including the dashboard (and API?), removing the need for (current lab's) RP01, which was handling SSO.
This would be a good solution, but would require moving from Traefik to NGINX-Ingress.