diff --git a/docker-compose.yml b/docker-compose.yml index edb8406a..59e2568b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -227,7 +227,7 @@ services: environment: - DSN=cockroach://root@cockroach:26257/defaultdb?sslmode=disable&max_conns=20&max_idle_conns=4 - LOG_LEVEL=trace - - SERVE_PUBLIC_BASE_URL=https://siasky.xyz/secure/.ory/kratos/public/ + - SERVE_PUBLIC_BASE_URL=http://127.0.0.1/secure/.ory/kratos/public/ - SQA_OPT_OUT=true command: serve -c /etc/config/kratos/kratos.yml volumes: @@ -256,8 +256,8 @@ services: - PORT=4435 - SECURITY_MODE=jwks - PROJECT_NAME=Skynet - - BASE_URL=https://siasky.xyz/secure/ - - KRATOS_BROWSER_URL=https://siasky.xyz/secure/.ory/kratos/public + - BASE_URL=http://127.0.0.1/secure/ + - KRATOS_BROWSER_URL=http://127.0.0.1/secure/.ory/kratos/public - JWKS_URL=http://oathkeeper:4456/.well-known/jwks.json - KRATOS_PUBLIC_URL=http://kratos:4433/ - KRATOS_ADMIN_URL=http://kratos:4434/ diff --git a/docker/kratos/config/kratos.yml b/docker/kratos/config/kratos.yml index de9f57bd..250cbe8c 100644 --- a/docker/kratos/config/kratos.yml +++ b/docker/kratos/config/kratos.yml @@ -4,16 +4,16 @@ dsn: memory serve: public: - base_url: https://siasky.xyz/secure/ + base_url: http://127.0.0.1/secure/ cors: enabled: true admin: - base_url: https://siasky.xyz/admin/ + base_url: http://127.0.0.1/admin/ selfservice: - default_browser_return_url: https://siasky.xyz + default_browser_return_url: http://127.0.0.1/ whitelisted_return_urls: - - https://siasky.xyz + - http://127.0.0.1/ methods: password: @@ -21,33 +21,33 @@ selfservice: flows: error: - ui_url: https://siasky.xyz/secure/error + ui_url: http://127.0.0.1/secure/error settings: - ui_url: https://siasky.xyz/secure/settings + ui_url: http://127.0.0.1/secure/settings privileged_session_max_age: 15m recovery: enabled: true - ui_url: https://siasky.xyz/secure/recovery + ui_url: http://127.0.0.1/secure/recovery verification: enabled: true - ui_url: https://siasky.xyz/secure/verify + ui_url: http://127.0.0.1/secure/verify after: - default_browser_return_url: https://siasky.xyz + default_browser_return_url: http://127.0.0.1/ logout: after: - default_browser_return_url: https://siasky.xyz/secure/auth/login + default_browser_return_url: http://127.0.0.1/secure/auth/login login: - ui_url: https://siasky.xyz/secure/auth/login + ui_url: http://127.0.0.1/secure/auth/login lifespan: 10m registration: lifespan: 10m - ui_url: https://siasky.xyz/secure/auth/registration + ui_url: http://127.0.0.1/secure/auth/registration after: password: hooks: diff --git a/docker/kratos/oathkeeper/access-rules.yml b/docker/kratos/oathkeeper/access-rules.yml index 6aa6111f..0abe8619 100644 --- a/docker/kratos/oathkeeper/access-rules.yml +++ b/docker/kratos/oathkeeper/access-rules.yml @@ -50,8 +50,7 @@ errors: - handler: redirect config: - #to: http://oathkeeper:4455/auth/login - to: https://siasky.xyz/secure/auth/login + to: http://127.0.0.1/secure/auth/login - id: "accounts" upstream: diff --git a/docker/kratos/oathkeeper/oathkeeper.yml b/docker/kratos/oathkeeper/oathkeeper.yml index e31ef77c..f957313d 100644 --- a/docker/kratos/oathkeeper/oathkeeper.yml +++ b/docker/kratos/oathkeeper/oathkeeper.yml @@ -30,11 +30,9 @@ errors: redirect: enabled: true config: - #to: http://oathkeeper:4455/auth/login - to: https://siasky.xyz/secure/auth/login + to: http://127.0.0.1/secure/auth/login when: - - - error: + - error: - unauthorized - forbidden request: @@ -81,11 +79,9 @@ mutators: id_token: enabled: true config: - #issuer_url: http://oathkeeper:4455/ - issuer_url: https://siasky.xyz/ + issuer_url: http://oathkeeper:4455/ jwks_url: file:///etc/config/oathkeeper/id_token.jwks.json claims: | { "session": {{ .Extra | toJson }} } - diff --git a/docker/nginx/conf.d/client.conf b/docker/nginx/conf.d/client.conf index 66e348fe..0aaa6195 100644 --- a/docker/nginx/conf.d/client.conf +++ b/docker/nginx/conf.d/client.conf @@ -349,6 +349,7 @@ server { location /secure { rewrite /secure/(.*) /$1 break; + proxy_redirect http://127.0.0.1/ /; proxy_pass http://oathkeeper:4455; }