towk/opaal
1
0
Fork 0
mirror of https://github.com/davidallendj/opaal.git synced 2025-12-20 11:37:01 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Updated config files

Browse source
This commit is contained in:
David Allen 2024-02-26 09:18:51 -07:00
parent 747ca162ed
commit a3f0caf4ff
No known key found for this signature in database
GPG key ID: 1D2A29322FBB6FCB
3 changed files with 43 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

22
docker/configs/hydra/hydra.yml
View file

@ -1,13 +1,17 @@
serve: serve:
cookies: cookies:
same_site_mode: Lax same_site_mode: Lax
names:
login_csrf: login
consent_csrf: consent
session: session
urls: urls:
self: self:
issuer: http://127.0.0.1:4444 issuer: http://127.0.0.1:4444
consent: http://127.0.0.1:3000/consent consent: http://127.0.0.1:4455/consent
login: http://127.0.0.1:3000/login login: http://127.0.0.1:4455/login
logout: http://127.0.0.1:3000/logout logout: http://127.0.0.1:4455/logout
secrets: secrets:
system: system:
@ -19,4 +23,14 @@ oidc:
- pairwise - pairwise
- public - public
pairwise: pairwise:
salt: youReallyNeedToChangeThis salt: youReallyNeedToChangeThis
oauth2:
grant:
jwt:
jti_optional: true
iat_optional: true
max_ttl: 1h
log:
leak_sensitive_values: true

17
docker/configs/kratos/kratos.yml
View file

@ -7,6 +7,21 @@ serve:
base_url: http://127.0.0.1:4433/ base_url: http://127.0.0.1:4433/
cors: cors:
enabled: true enabled: true
allowed_origins:
- http://127.0.0.1
allowed_methods:
- POST
- GET
- PUT
- PATCH
- DELETE
allowed_headers:
- Authorization
- Cookie
- Content-Type
exposed_headers:
- Content-Type
- Set-Cookie
admin: admin:
base_url: http://kratos:4434/ base_url: http://kratos:4434/
@ -27,7 +42,7 @@ selfservice:
provider: generic provider: generic
client_id: 7527e7b4-c96a-4df0-8fc5-00fde18bb65d client_id: 7527e7b4-c96a-4df0-8fc5-00fde18bb65d
client_secret: gto_cc5uvpb5lsdczkwnbarvwmbpv5kcjwg7nhbc75zt65yrfh2ldenq client_secret: gto_cc5uvpb5lsdczkwnbarvwmbpv5kcjwg7nhbc75zt65yrfh2ldenq
issuer_url: http://git.towk.local issuer_url: http://127.0.0.1:3000
mapper_url: "base64://bG9jYWwgY2xhaW1zID0gewogIGVtYWlsX3ZlcmlmaWVkOiBmYWxzZQp9ICsgc3RkLmV4dFZhcignY2xhaW1zJyk7Cgp7CiAgaWRlbnRpdHk6IHsKICAgIHRyYWl0czogewogICAgICAvLyBBbGxvd2luZyB1bnZlcmlmaWVkIGVtYWlsIGFkZHJlc3NlcyBlbmFibGVzIGFjY291bnQKICAgICAgLy8gZW51bWVyYXRpb24gYXR0YWNrcywgZXNwZWNpYWxseSBpZiB0aGUgdmFsdWUgaXMgdXNlZCBmb3IKICAgICAgLy8gZS5nLiB2ZXJpZmljYXRpb24gb3IgYXMgYSBwYXNzd29yZCBsb2dpbiBpZGVudGlmaWVyLgogICAgICAvLwogICAgICAvLyBUaGVyZWZvcmUgd2Ugb25seSByZXR1cm4gdGhlIGVtYWlsIGlmIGl0IChhKSBleGlzdHMgYW5kIChiKSBpcyBtYXJrZWQgdmVyaWZpZWQKICAgICAgLy8gYnkgR2l0TGFiLgogICAgICBbaWYgImVtYWlsIiBpbiBjbGFpbXMgJiYgY2xhaW1zLmVtYWlsX3ZlcmlmaWVkIHRoZW4gImVtYWlsIiBlbHNlIG51bGxdOiBjbGFpbXMuZW1haWwsCiAgICB9LAogIH0sCn0K" mapper_url: "base64://bG9jYWwgY2xhaW1zID0gewogIGVtYWlsX3ZlcmlmaWVkOiBmYWxzZQp9ICsgc3RkLmV4dFZhcignY2xhaW1zJyk7Cgp7CiAgaWRlbnRpdHk6IHsKICAgIHRyYWl0czogewogICAgICAvLyBBbGxvd2luZyB1bnZlcmlmaWVkIGVtYWlsIGFkZHJlc3NlcyBlbmFibGVzIGFjY291bnQKICAgICAgLy8gZW51bWVyYXRpb24gYXR0YWNrcywgZXNwZWNpYWxseSBpZiB0aGUgdmFsdWUgaXMgdXNlZCBmb3IKICAgICAgLy8gZS5nLiB2ZXJpZmljYXRpb24gb3IgYXMgYSBwYXNzd29yZCBsb2dpbiBpZGVudGlmaWVyLgogICAgICAvLwogICAgICAvLyBUaGVyZWZvcmUgd2Ugb25seSByZXR1cm4gdGhlIGVtYWlsIGlmIGl0IChhKSBleGlzdHMgYW5kIChiKSBpcyBtYXJrZWQgdmVyaWZpZWQKICAgICAgLy8gYnkgR2l0TGFiLgogICAgICBbaWYgImVtYWlsIiBpbiBjbGFpbXMgJiYgY2xhaW1zLmVtYWlsX3ZlcmlmaWVkIHRoZW4gImVtYWlsIiBlbHNlIG51bGxdOiBjbGFpbXMuZW1haWwsCiAgICB9LAogIH0sCn0K"
scope: scope:
- read_user - read_user

9
docker/docker-compose.yaml
View file

@ -77,11 +77,20 @@ services:
kratos-selfservice-ui-node: kratos-selfservice-ui-node:
image: oryd/kratos-selfservice-ui-node:v1.1.0 image: oryd/kratos-selfservice-ui-node:v1.1.0
environment: environment:
- PORT=4455
- SECURITY_MODE=
- HYDRA_ADMIN_URL=http://127.0.0.1:4445/
- KRATOS_PUBLIC_URL=http://kratos:4433/ - KRATOS_PUBLIC_URL=http://kratos:4433/
- KRATOS_BROWSER_URL=http://127.0.0.1:4433/ - KRATOS_BROWSER_URL=http://127.0.0.1:4433/
- COOKE_SECRET=1234567890
- CSRF_COOKIE_NAME=_OPENCHAMI-CSRF
- CSRF_COOKIE_SECRET=OCHAMI1234
- COOKIE_SECRET=testTESTtestTESTtestTEST
networks: networks:
- internal - internal
restart: on-failure restart: on-failure
ports:
- "4455:4455"
kratos: kratos:
depends_on: depends_on:
- kratos-migrate - kratos-migrate