LumeWeb
/
skynet-webportal
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Revert "use secure subdomain" 

This reverts commit d8003fdd85f37049ac2c7074495f180f2fcfa1b5.
This commit is contained in:
Karol Wypchlo 2020-12-15 16:29:30 +01:00
parent 8a65e1aadf
commit e2d7397d05
4 changed files with 32 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docker-compose.yml
View File

@ -227,7 +227,7 @@ services:
environment:
- DSN=cockroach://root@cockroach:26257/defaultdb?sslmode=disable&max_conns=20&max_idle_conns=4
- LOG_LEVEL=trace
- SERVE_PUBLIC_BASE_URL=https://secure.siasky.xyz/.ory/kratos/public/
- SERVE_PUBLIC_BASE_URL=https://siasky.xyz/secure/.ory/kratos/public/
- SQA_OPT_OUT=true
command: serve -c /etc/config/kratos/kratos.yml
volumes:
@ -256,8 +256,8 @@ services:
- PORT=4435
- SECURITY_MODE=jwks
- PROJECT_NAME=Skynet
- BASE_URL=https://secure.siasky.xyz
- KRATOS_BROWSER_URL=https://secure.siasky.xyz/.ory/kratos/public
- BASE_URL=https://siasky.xyz/secure/
- KRATOS_BROWSER_URL=https://siasky.xyz/secure/.ory/kratos/public
- JWKS_URL=http://oathkeeper:4456/.well-known/jwks.json
- KRATOS_PUBLIC_URL=http://kratos:4433/
- KRATOS_ADMIN_URL=http://kratos:4434/

18
docker/kratos/config/kratos.yml
View File

@ -4,7 +4,7 @@ dsn: memory
serve:
public:
base_url: https://secure.siasky.xyz
base_url: https://siasky.xyz/secure/
cors:
enabled: true
admin:
@ -21,33 +21,33 @@ selfservice:
flows:
error:
ui_url: https://secure.siasky.xyz/error
ui_url: https://siasky.xyz/secure/error
settings:
ui_url: https://secure.siasky.xyz/settings
ui_url: https://siasky.xyz/secure/settings
privileged_session_max_age: 15m
recovery:
enabled: true
ui_url: https://secure.siasky.xyz/recovery
ui_url: https://siasky.xyz/secure/recovery
verification:
enabled: true
ui_url: https://secure.siasky.xyz/verify
ui_url: https://siasky.xyz/secure/verify
after:
default_browser_return_url: https://siasky.xyz
logout:
after:
default_browser_return_url: https://secure.siasky.xyz/auth/login
default_browser_return_url: https://siasky.xyz/secure/auth/login
login:
ui_url: https://secure.siasky.xyz/auth/login
ui_url: https://siasky.xyz/secure/auth/login
lifespan: 10m
registration:
lifespan: 10m
ui_url: https://secure.siasky.xyz/auth/registration
ui_url: https://siasky.xyz/secure/auth/registration
after:
password:
hooks:
@ -64,7 +64,7 @@ secrets:
session:
cookie:
domain: secure.siasky.xyz
domain: siasky.xyz
hashers:
argon2:

24
docker/kratos/oathkeeper/access-rules.yml
View File

@ -1,4 +1,5 @@
- id: "ory:kratos:public"
-
id: "ory:kratos:public"
upstream:
preserve_host: true
url: "http://kratos:4433"
@ -12,13 +13,15 @@
- DELETE
- PATCH
authenticators:
- handler: noop
-
handler: noop
authorizer:
handler: allow
mutators:
- handler: noop
- id: "ory:kratos-selfservice-ui-node:anonymous"
-
id: "ory:kratos-selfservice-ui-node:anonymous"
upstream:
preserve_host: true
url: "http://kratos-selfservice-ui-node:4435"
@ -27,13 +30,16 @@
methods:
- GET
authenticators:
- handler: anonymous
-
handler: anonymous
authorizer:
handler: allow
mutators:
- handler: noop
-
handler: noop
- id: "ory:kratos-selfservice-ui-node:protected"
-
id: "ory:kratos-selfservice-ui-node:protected"
upstream:
preserve_host: true
url: "http://kratos-selfservice-ui-node:4435"
@ -42,7 +48,8 @@
methods:
- GET
authenticators:
- handler: cookie_session
-
handler: cookie_session
authorizer:
handler: allow
mutators:
@ -51,4 +58,5 @@
- handler: redirect
config:
#to: http://oathkeeper:4455/auth/login
to: https://secure.siasky.xyz/auth/login
to: https://siasky.xyz/secure/auth/login

6
docker/kratos/oathkeeper/oathkeeper.yml
View File

@ -31,9 +31,10 @@ errors:
enabled: true
config:
#to: http://oathkeeper:4455/auth/login
to: https://secure.siasky.xyz/auth/login
to: https://siasky.xyz/secure/auth/login
when:
- error:
-
error:
- unauthorized
- forbidden
request:
@ -87,3 +88,4 @@ mutators:
{
"session": {{ .Extra | toJson }}
}