Skip to content

Commit b2a871f

Browse files
clepskiclepski
committed
chore: Readd auth path and remove extra nginx routes
1 parent a0e2fbc commit b2a871f

File tree

3 files changed

+4
-32
lines changed

3 files changed

+4
-32
lines changed

compas/docker-compose-postgresql.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -35,8 +35,8 @@ services:
3535
- "8089:8080"
3636
# - "8080:8080"
3737
environment:
38-
- KC_HOSTNAME=http://${COMPAS_HOSTNAME}
39-
# - KC_HTTP_RELATIVE_PATH=auth
38+
- KC_HOSTNAME=http://${COMPAS_HOSTNAME}/auth/
39+
- KC_HTTP_RELATIVE_PATH=auth
4040
- KC_HTTP_ENABLED=true
4141
- KC_PROXY_HEADERS=xforwarded
4242
volumes:

compas/reverse-proxy/authenticate.include

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,11 @@
11
access_by_lua_block {
22
local opts = {
33
redirect_uri = "http://##COMPAS_HOSTNAME##/redirect_uri",
4-
discovery = "http://keycloak:8080/realms/compas/.well-known/openid-configuration",
4+
discovery = "http://keycloak:8080/auth/realms/compas/.well-known/openid-configuration",
55
client_id = "openscd",
66
redirect_uri_scheme = "http",
77
logout_path = "/logout",
8-
redirect_after_logout_uri = "http://##COMPAS_HOSTNAME##/realms/compas/protocol/openid-connect/logout?redirect_uri=http%3A%2F%2F##COMPAS_HOSTNAME##%2F",
8+
redirect_after_logout_uri = "http://##COMPAS_HOSTNAME##/auth/realms/compas/protocol/openid-connect/logout?redirect_uri=http%3A%2F%2F##COMPAS_HOSTNAME##%2F",
99
redirect_after_logout_with_id_token_hint = false,
1010
session_contents = {id_token=true, access_token=true},
1111
renew_access_token_on_expiry = true,

compas/reverse-proxy/nginx.conf

Lines changed: 0 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -63,34 +63,6 @@ http {
6363
proxy_redirect off;
6464
}
6565

66-
# Forwarding to KeyCloak container 2.
67-
location /realms/ {
68-
proxy_set_header X-Real-IP $remote_addr;
69-
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
70-
proxy_set_header X-Forwarded-Proto $scheme;
71-
proxy_set_header X-Forwarded-Port $server_port;
72-
73-
proxy_pass http://keycloak:8080/realms/;
74-
75-
proxy_set_header Host $http_host;
76-
proxy_cache_bypass $http_upgrade;
77-
proxy_redirect off;
78-
}
79-
80-
# Forwarding to KeyCloak container resources.
81-
location /resources/ {
82-
proxy_set_header X-Real-IP $remote_addr;
83-
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
84-
proxy_set_header X-Forwarded-Proto $scheme;
85-
proxy_set_header X-Forwarded-Port $server_port;
86-
87-
proxy_pass http://keycloak:8080/resources/;
88-
89-
proxy_set_header Host $http_host;
90-
proxy_cache_bypass $http_upgrade;
91-
proxy_redirect off;
92-
}
93-
9466
# Forwarding to the SCL Validator Service container (websockets).
9567
location /compas-scl-data-service/scl-ws/ {
9668
include /etc/nginx/include/authenticate.include;

0 commit comments

Comments
 (0)