try proxy redirect

docker-compose.yml

@@ -227,7 +227,7 @@ services:
     environment:
       - DSN=cockroach://root@cockroach:26257/defaultdb?sslmode=disable&max_conns=20&max_idle_conns=4
       - LOG_LEVEL=trace
-      - SERVE_PUBLIC_BASE_URL=https://siasky.xyz/secure/.ory/kratos/public/
+      - SERVE_PUBLIC_BASE_URL=http://127.0.0.1/secure/.ory/kratos/public/
       - SQA_OPT_OUT=true
     command: serve -c /etc/config/kratos/kratos.yml
     volumes:
@@ -256,8 +256,8 @@ services:
       - PORT=4435
       - SECURITY_MODE=jwks
       - PROJECT_NAME=Skynet
-      - BASE_URL=https://siasky.xyz/secure/
+      - BASE_URL=http://127.0.0.1/secure/
-      - KRATOS_BROWSER_URL=https://siasky.xyz/secure/.ory/kratos/public
+      - KRATOS_BROWSER_URL=http://127.0.0.1/secure/.ory/kratos/public
       - JWKS_URL=http://oathkeeper:4456/.well-known/jwks.json
       - KRATOS_PUBLIC_URL=http://kratos:4433/
       - KRATOS_ADMIN_URL=http://kratos:4434/

docker/kratos/config/kratos.yml

@@ -4,16 +4,16 @@ dsn: memory
 
 serve:
   public:
-    base_url: https://siasky.xyz/secure/
+    base_url: http://127.0.0.1/secure/
     cors:
       enabled: true
   admin:
-    base_url: https://siasky.xyz/admin/
+    base_url: http://127.0.0.1/admin/
 
 selfservice:
-  default_browser_return_url: https://siasky.xyz
+  default_browser_return_url: http://127.0.0.1/
   whitelisted_return_urls:
-    - https://siasky.xyz
+    - http://127.0.0.1/
 
   methods:
     password:
@@ -21,33 +21,33 @@ selfservice:
 
   flows:
     error:
-      ui_url: https://siasky.xyz/secure/error
+      ui_url: http://127.0.0.1/secure/error
 
     settings:
-      ui_url: https://siasky.xyz/secure/settings
+      ui_url: http://127.0.0.1/secure/settings
       privileged_session_max_age: 15m
 
     recovery:
       enabled: true
-      ui_url: https://siasky.xyz/secure/recovery
+      ui_url: http://127.0.0.1/secure/recovery
 
     verification:
       enabled: true
-      ui_url: https://siasky.xyz/secure/verify
+      ui_url: http://127.0.0.1/secure/verify
       after:
-        default_browser_return_url: https://siasky.xyz
+        default_browser_return_url: http://127.0.0.1/
 
     logout:
       after:
-        default_browser_return_url: https://siasky.xyz/secure/auth/login
+        default_browser_return_url: http://127.0.0.1/secure/auth/login
 
     login:
-      ui_url: https://siasky.xyz/secure/auth/login
+      ui_url: http://127.0.0.1/secure/auth/login
       lifespan: 10m
 
     registration:
       lifespan: 10m
-      ui_url: https://siasky.xyz/secure/auth/registration
+      ui_url: http://127.0.0.1/secure/auth/registration
       after:
         password:
           hooks:

docker/kratos/oathkeeper/access-rules.yml

@@ -50,8 +50,7 @@
   errors:
     - handler: redirect
       config:
-        #to: http://oathkeeper:4455/auth/login
+        to: http://127.0.0.1/secure/auth/login
-        to: https://siasky.xyz/secure/auth/login
 
 - id: "accounts"
   upstream:

docker/kratos/oathkeeper/oathkeeper.yml

@@ -30,11 +30,9 @@ errors:
     redirect:
       enabled: true
       config:
-        #to: http://oathkeeper:4455/auth/login
+        to: http://127.0.0.1/secure/auth/login
-        to: https://siasky.xyz/secure/auth/login
         when:
-          -
+          - error:
-            error:
               - unauthorized
               - forbidden
             request:
@@ -81,11 +79,9 @@ mutators:
   id_token:
     enabled: true
     config:
-      #issuer_url: http://oathkeeper:4455/
+      issuer_url: http://oathkeeper:4455/
-      issuer_url: https://siasky.xyz/
       jwks_url: file:///etc/config/oathkeeper/id_token.jwks.json
       claims: |
         {
           "session": {{ .Extra | toJson }}
         }
-

docker/nginx/conf.d/client.conf

@@ -349,6 +349,7 @@ server {
 
 	location /secure {
 		rewrite /secure/(.*) /$1 break;
+		proxy_redirect http://127.0.0.1/ /;
 		proxy_pass http://oathkeeper:4455;
 	}