fix(infra): resolve CORS error and Nginx 502 Bad Gateway

- Update Hydra and Kratos CORS config to specify allowed origins explicitly instead of using wildcard with allow_credentials: true - Fix Nginx upstream resolution for Oathkeeper to use correct container hostname (ory_oathkeeper)
2026-04-24 11:59:49 +09:00
parent cfba44cec2
commit 8e28a9d74b
4 changed files with 29 additions and 4 deletions
--- a/docker/ory/hydra/hydra.yml
+++ b/docker/ory/hydra/hydra.yml
@@ -7,7 +7,15 @@ serve:
        cors:
            enabled: true
            allowed_origins:
-                - "*"
+                - http://localhost:5173
+                - http://localhost:5174
+                - http://localhost:5175
+                - http://localhost:5000
+                - https://ssologin.hmac.kr
+                - https://sso-test.hmac.kr
+                - https://app.brsw.kr
+                - https://sss.hmac.kr
+                - https://sso.hmac.kr
            allowed_methods:
                - POST
                - GET
@@ -37,7 +45,15 @@ serve:
        cors:
            enabled: true
            allowed_origins:
-                - "*"
+                - http://localhost:5173
+                - http://localhost:5174
+                - http://localhost:5175
+                - http://localhost:5000
+                - https://ssologin.hmac.kr
+                - https://sso-test.hmac.kr
+                - https://app.brsw.kr
+                - https://sss.hmac.kr
+                - https://sso.hmac.kr
            allowed_methods:
                - POST
                - GET