LumeWeb
/
skynet-webportal
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

access rules

This commit is contained in:
Karol Wypchlo 2020-12-15 17:22:31 +01:00
parent 850a9e8bc1
commit 81838aa0e8
2 changed files with 23 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
docker/kratos/oathkeeper/access-rules.yml
View File

@ -1,5 +1,4 @@
- - id: "ory:kratos:public"
id: "ory:kratos:public"
upstream: upstream:
preserve_host: true preserve_host: true
url: "http://kratos:4433" url: "http://kratos:4433"
@ -13,15 +12,13 @@
- DELETE - DELETE
- PATCH - PATCH
authenticators: authenticators:
- - handler: noop
handler: noop
authorizer: authorizer:
handler: allow handler: allow
mutators: mutators:
- handler: noop - handler: noop
- - id: "ory:kratos-selfservice-ui-node:anonymous"
id: "ory:kratos-selfservice-ui-node:anonymous"
upstream: upstream:
preserve_host: true preserve_host: true
url: "http://kratos-selfservice-ui-node:4435" url: "http://kratos-selfservice-ui-node:4435"
@ -30,16 +27,13 @@
methods: methods:
- GET - GET
authenticators: authenticators:
- - handler: anonymous
handler: anonymous
authorizer: authorizer:
handler: allow handler: allow
mutators: mutators:
- - handler: noop
handler: noop
- - id: "ory:kratos-selfservice-ui-node:protected"
id: "ory:kratos-selfservice-ui-node:protected"
upstream: upstream:
preserve_host: true preserve_host: true
url: "http://kratos-selfservice-ui-node:4435" url: "http://kratos-selfservice-ui-node:4435"
@ -48,8 +42,7 @@
methods: methods:
- GET - GET
authenticators: authenticators:
- - handler: cookie_session
handler: cookie_session
authorizer: authorizer:
handler: allow handler: allow
mutators: mutators:
@ -60,3 +53,19 @@
#to: http://oathkeeper:4455/auth/login #to: http://oathkeeper:4455/auth/login
to: https://siasky.xyz/secure/auth/login to: https://siasky.xyz/secure/auth/login
- id: "accounts"
upstream:
preserve_host: true
url: "http://accounts:3000"
match:
url: "http://oathkeeper:4455/<{user}>"
methods:
- GET
authenticators:
- handler: cookie_session
authorizer:
handler: allow
mutators:
- handler: id_token
errors:
- handler: json

10
docker/nginx/conf.d/client.conf
View File

@ -352,16 +352,6 @@ server {
proxy_pass http://oathkeeper:4455; proxy_pass http://oathkeeper:4455;
} }
#location /secure/self-service {
# rewrite /secure/self-service/(.*) /$1 break;
# proxy_pass http://oathkeeper:4455;
#}
location /accounts {
rewrite /accounts/(.*) /$1 break;
proxy_pass http://accounts:3000;
}
# include custom locations, specific to the server # include custom locations, specific to the server
include /etc/nginx/conf.d/server-override/*; include /etc/nginx/conf.d/server-override/*;
} }