Furthermore, Alpha Config now fully supports configuring the Server struct using YAML.

// Server represents the configuration for the Proxy HTTP(S) configuration.
type Server struct {
    // BindAddress is the address on which to serve traffic.
    BindAddress string `yaml:"bindAddress,omitempty"`

    // SecureBindAddress is the address on which to serve secure traffic.
    SecureBindAddress string `yaml:"secureBindAddress,omitempty"`

    // TLS contains the information for loading the certificate and key for the
    // secure traffic and further configuration for the TLS server.
    TLS *TLS `yaml:"tls,omitempty"`
}

// TLS contains the information for loading a TLS certificate and key
// as well as an optional minimal TLS version that is acceptable.
type TLS struct {
    // Key is the TLS key data to use.
    Key *SecretSource `yaml:"key,omitempty"`
    // Cert is the TLS certificate data to use.
    Cert *SecretSource `yaml:"cert,omitempty"`
    // MinVersion is the minimal TLS version that is acceptable.
    MinVersion string `yaml:"minVersion,omitempty"`
    // CipherSuites is a list of TLS cipher suites that are allowed.
    CipherSuites []string `yaml:"cipherSuites,omitempty"`
}

More about how to use Alpha Config can be found in the documentation.

Example Alpha configuration: https://github.com/oauth2-proxy/oauth2-proxy/blob/955ab6b/contrib/local-environment/oauth2-proxy-alpha-config.yaml

We are committed to Semantic Versioning and usually avoid breaking changes without a major version release. Advancing Alpha Config toward its Beta stage required this exception, and even for the Alpha Config we try to keep breaking changes in v7 to a minium. Thank you for understanding the need for this step to prepare the project for future maintainability and future improvements like structured logging.

Breaking Changes

Changes since v7.14.0

• #3309 fix: Return 302 redirect from AuthOnly endpoint when skip-provider-button is true (@StefanMarkmann)
• #3302 fix: static upstreams failing validation due to passHostHeader and proxyWebSockets defaults being set incorrectly (@sourava01 / @tuunit)
• #3312 chore(deps): upgrade to go1.25.6 and latest dependencies (@tuunit)