forked from baron/baron-sso
fix(infra): resolve CORS error and Nginx 502 Bad Gateway
- Update Hydra and Kratos CORS config to specify allowed origins explicitly instead of using wildcard with allow_credentials: true - Fix Nginx upstream resolution for Oathkeeper to use correct container hostname (ory_oathkeeper)
This commit is contained in:
@@ -7,7 +7,15 @@ serve:
|
|||||||
cors:
|
cors:
|
||||||
enabled: true
|
enabled: true
|
||||||
allowed_origins:
|
allowed_origins:
|
||||||
- "*"
|
- http://localhost:5173
|
||||||
|
- http://localhost:5174
|
||||||
|
- http://localhost:5175
|
||||||
|
- http://localhost:5000
|
||||||
|
- https://ssologin.hmac.kr
|
||||||
|
- https://sso-test.hmac.kr
|
||||||
|
- https://app.brsw.kr
|
||||||
|
- https://sss.hmac.kr
|
||||||
|
- https://sso.hmac.kr
|
||||||
allowed_methods:
|
allowed_methods:
|
||||||
- POST
|
- POST
|
||||||
- GET
|
- GET
|
||||||
@@ -37,7 +45,15 @@ serve:
|
|||||||
cors:
|
cors:
|
||||||
enabled: true
|
enabled: true
|
||||||
allowed_origins:
|
allowed_origins:
|
||||||
- "*"
|
- http://localhost:5173
|
||||||
|
- http://localhost:5174
|
||||||
|
- http://localhost:5175
|
||||||
|
- http://localhost:5000
|
||||||
|
- https://ssologin.hmac.kr
|
||||||
|
- https://sso-test.hmac.kr
|
||||||
|
- https://app.brsw.kr
|
||||||
|
- https://sss.hmac.kr
|
||||||
|
- https://sso.hmac.kr
|
||||||
allowed_methods:
|
allowed_methods:
|
||||||
- POST
|
- POST
|
||||||
- GET
|
- GET
|
||||||
|
|||||||
@@ -8,8 +8,17 @@ serve:
|
|||||||
cors:
|
cors:
|
||||||
enabled: true
|
enabled: true
|
||||||
allowed_origins:
|
allowed_origins:
|
||||||
|
- http://localhost:5173
|
||||||
|
- http://localhost:5174
|
||||||
|
- http://localhost:5175
|
||||||
|
- http://localhost:5000
|
||||||
- http://backend:3000
|
- http://backend:3000
|
||||||
- http://baron_backend:3000
|
- http://baron_backend:3000
|
||||||
|
- https://ssologin.hmac.kr
|
||||||
|
- https://sso-test.hmac.kr
|
||||||
|
- https://app.brsw.kr
|
||||||
|
- https://sss.hmac.kr
|
||||||
|
- https://sso.hmac.kr
|
||||||
admin:
|
admin:
|
||||||
base_url: http://localhost:4434/
|
base_url: http://localhost:4434/
|
||||||
|
|
||||||
|
|||||||
@@ -156,4 +156,4 @@
|
|||||||
"authorizer": { "handler": "allow" },
|
"authorizer": { "handler": "allow" },
|
||||||
"mutators": [{ "handler": "noop" }]
|
"mutators": [{ "handler": "noop" }]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
|||||||
@@ -31,7 +31,7 @@ server {
|
|||||||
resolver 127.0.0.11 valid=10s ipv6=off;
|
resolver 127.0.0.11 valid=10s ipv6=off;
|
||||||
set $backend_upstream http://baron_backend:3000;
|
set $backend_upstream http://baron_backend:3000;
|
||||||
set $userfront_upstream http://baron_userfront:5000;
|
set $userfront_upstream http://baron_userfront:5000;
|
||||||
set $oathkeeper_upstream http://oathkeeper:4455;
|
set $oathkeeper_upstream http://ory_oathkeeper:4455;
|
||||||
|
|
||||||
error_log /dev/stderr warn;
|
error_log /dev/stderr warn;
|
||||||
access_log /var/log/nginx/access.log json_combined;
|
access_log /var/log/nginx/access.log json_combined;
|
||||||
|
|||||||
Reference in New Issue
Block a user