117 lines
2.4 KiB
YAML
117 lines
2.4 KiB
YAML
- id: "ory:kratos:public"
|
|
upstream:
|
|
preserve_host: true
|
|
url: "http://kratos:4433"
|
|
strip_path: /.ory/kratos/public
|
|
match:
|
|
url: "http://oathkeeper:4455/.ory/kratos/public/<**>"
|
|
methods:
|
|
- GET
|
|
- POST
|
|
- PUT
|
|
- DELETE
|
|
- PATCH
|
|
authenticators:
|
|
- handler: noop
|
|
authorizer:
|
|
handler: allow
|
|
mutators:
|
|
- handler: noop
|
|
|
|
- id: "dashboard:anonymous"
|
|
upstream:
|
|
preserve_host: true
|
|
url: "http://dashboard:3000"
|
|
match:
|
|
url: "http://oathkeeper:4455/<{_next/**,auth/**,recovery,verify,error,favicon.ico}{/,}>"
|
|
methods:
|
|
- GET
|
|
authenticators:
|
|
- handler: anonymous
|
|
authorizer:
|
|
handler: allow
|
|
mutators:
|
|
- handler: noop
|
|
|
|
- id: "dashboard:protected"
|
|
upstream:
|
|
preserve_host: true
|
|
url: "http://dashboard:3000"
|
|
match:
|
|
url: "http://oathkeeper:4455/<{,api/**,settings,uploads,downloads,payments}>"
|
|
methods:
|
|
- GET
|
|
- POST
|
|
- PUT
|
|
- DELETE
|
|
- PATCH
|
|
authenticators:
|
|
- handler: cookie_session
|
|
authorizer:
|
|
handler: allow
|
|
mutators:
|
|
- handler: id_token
|
|
- handler: header
|
|
config:
|
|
headers:
|
|
X-User: "{{ print .Subject }}"
|
|
errors:
|
|
- handler: redirect
|
|
config:
|
|
to: http://127.0.0.1/auth/login
|
|
|
|
- id: "accounts:anonymous"
|
|
upstream:
|
|
preserve_host: true
|
|
url: "http://accounts:3000"
|
|
match:
|
|
url: "http://oathkeeper<{,:4455}>/<{health,stripe/prices,stripe/webhook}>"
|
|
methods:
|
|
- GET
|
|
- POST
|
|
authenticators:
|
|
- handler: anonymous
|
|
authorizer:
|
|
handler: allow
|
|
mutators:
|
|
- handler: noop
|
|
|
|
- id: "accounts:public"
|
|
upstream:
|
|
preserve_host: true
|
|
url: "http://accounts:3000"
|
|
match:
|
|
url: "http://oathkeeper<{,:4455}>/<{user/limits}>"
|
|
methods:
|
|
- GET
|
|
authenticators:
|
|
- handler: cookie_session
|
|
- handler: noop
|
|
authorizer:
|
|
handler: allow
|
|
mutators:
|
|
- handler: id_token
|
|
|
|
- id: "accounts:protected"
|
|
upstream:
|
|
preserve_host: true
|
|
url: "http://accounts:3000"
|
|
match:
|
|
url: "http://oathkeeper<{,:4455}>/<{login,logout,user,user/uploads,user/uploads/*,user/downloads,user/stats}>"
|
|
methods:
|
|
- GET
|
|
- POST
|
|
- PUT
|
|
- DELETE
|
|
- PATCH
|
|
authenticators:
|
|
- handler: cookie_session
|
|
authorizer:
|
|
handler: allow
|
|
mutators:
|
|
- handler: id_token
|
|
errors:
|
|
- handler: redirect
|
|
config:
|
|
to: http://127.0.0.1/auth/login
|