forked from baron/baron-sso
kratos SSOT 재설계
This commit is contained in:
@@ -1,6 +1,8 @@
|
||||
APP_ENV=dev
|
||||
APP_ENV=stage
|
||||
BACKEND_LOG_LEVEL=debug
|
||||
CLIENT_LOG_DEBUG=true
|
||||
WORKS_ADMIN_API_BASE_URL=https://www.worksapis.com
|
||||
WORKS_ADMIN_OAUTH_TOKEN_URL=REDACTED
|
||||
TZ=Asia/Seoul
|
||||
IDP_PROVIDER=ory
|
||||
|
||||
@@ -16,6 +18,7 @@ CLICKHOUSE_PASSWORD=REDACTED
|
||||
BACKEND_PORT=3000
|
||||
ADMINFRONT_PORT=5173
|
||||
DEVFRONT_PORT=5174
|
||||
ORGFRONT_PORT=
|
||||
USERFRONT_PORT=5000
|
||||
|
||||
OATHKEEPER_API_URL=http://oathkeeper:4456
|
||||
@@ -26,10 +29,11 @@ DB_NAME=baron_sso
|
||||
COOKIE_SECRET=REDACTED
|
||||
JWT_SECRET=REDACTED
|
||||
REDIS_ADDR=redis:6389
|
||||
CORS_ALLOWED_ORIGINS='*'
|
||||
CORS_ALLOWED_ORIGINS=https://sso.hmac.kr
|
||||
AUDIT_WORKER_COUNT=5
|
||||
AUDIT_QUEUE_SIZE=2000
|
||||
PROFILE_CACHE_TTL=
|
||||
PROFILE_CACHE_TTL=30m
|
||||
ORGFRONT_ORGCHART_CACHE_TTL_SECONDS=3600
|
||||
NAVER_CLOUD_ACCESS_KEY=REDACTED
|
||||
NAVER_CLOUD_SECRET_KEY=REDACTED
|
||||
NAVER_CLOUD_SERVICE_ID=ncp:sms:kr:364022321777:baroncs
|
||||
@@ -38,19 +42,15 @@ AWS_REGION=ap-northeast-2
|
||||
AWS_ACCESS_KEY_ID=REDACTED
|
||||
AWS_SECRET_ACCESS_KEY=REDACTED
|
||||
AWS_SES_SENDER=support@baroncs.co.kr
|
||||
# ADMIN_EMAIL=admin@hmac.kr
|
||||
ADMIN_EMAIL=su-@samaneng.com
|
||||
ADMIN_EMAIL=admin@hmac.kr
|
||||
ADMIN_PASSWORD=REDACTED
|
||||
USERFRONT_URL=http://localhost:5000
|
||||
# USERFRONT_URL=http://172.16.9.189:5000
|
||||
ADMINFRONT_URL=http://localhost:5173
|
||||
DEVFRONT_URL=http://localhost:5174
|
||||
VITE_ORGCHART_URL=http://localhost:5175
|
||||
ORGFRONT_URL=http://localhost:5175
|
||||
USERFRONT_URL=https://sso.hmac.kr
|
||||
ADMINFRONT_URL=https://sadmin.hmac.kr
|
||||
DEVFRONT_URL=https://sdev.hmac.kr
|
||||
ORGFRONT_URL=https://sorg.hmac.kr
|
||||
BACKEND_PUBLIC_URL=${USERFRONT_URL}
|
||||
BACKEND_URL=${USERFRONT_URL}
|
||||
# OATHKEEPER_PUBLIC_URL=http://172.16.9.189:5000
|
||||
OATHKEEPER_PUBLIC_URL=http://localhost:5000
|
||||
OATHKEEPER_PUBLIC_URL=https://sso.hmac.kr
|
||||
|
||||
ORY_POSTGRES_TAG=17-trixie
|
||||
ORY_POSTGRES_USER=ory
|
||||
@@ -60,15 +60,16 @@ KRATOS_DB=ory_kratos
|
||||
HYDRA_DB=ory_hydra
|
||||
KETO_DB=ory_keto
|
||||
KRATOS_VERSION=v26.2.0-distroless
|
||||
KRATOS_UI_NODE_VERSION=v26.2.0
|
||||
HYDRA_VERSION=v26.2.0-distroless
|
||||
KETO_VERSION=v26.2.0-distroless
|
||||
ORY_SDK_URL=http://kratos:4433
|
||||
KRATOS_PUBLIC_URL=http://kratos:4433
|
||||
KRATOS_ADMIN_URL=http://kratos:4434
|
||||
KRATOS_BROWSER_URL=http://localhost:5000/auth
|
||||
KRATOS_UI_URL=http://localhost:5000
|
||||
KRATOS_BROWSER_URL=https://sso.hmac.kr/auth
|
||||
KRATOS_UI_URL=https://sso.hmac.kr
|
||||
HYDRA_ADMIN_URL=http://hydra:4445
|
||||
HYDRA_PUBLIC_URL=http://localhost:5000/oidc
|
||||
HYDRA_PUBLIC_URL=https://sso.hmac.kr/oidc
|
||||
JWKS_URL=http://oathkeeper:4456/.well-known/jwks.json
|
||||
OATHKEEPER_VERSION=v26.2.0
|
||||
OATHKEEPER_UID=1001
|
||||
@@ -80,40 +81,17 @@ OATHKEEPER_HEALTH_ENABLED=true
|
||||
CSRF_COOKIE_NAME=REDACTED
|
||||
CSRF_COOKIE_SECRET=REDACTED
|
||||
|
||||
# Frontend OIDC configs for Staging
|
||||
VITE_OIDC_AUTHORITY=http://localhost:5000/oidc
|
||||
ADMINFRONT_CALLBACK_URLS=http://localhost:5173/auth/callback
|
||||
DEVFRONT_CALLBACK_URLS=http://localhost:5174/auth/callback
|
||||
ORGFRONT_CALLBACK_URLS=http://localhost:5175/auth/callback
|
||||
# Frontend/Ory URL configs for Staging
|
||||
VITE_OIDC_AUTHORITY=https://sso.hmac.kr/oidc
|
||||
ADMINFRONT_CALLBACK_URLS=https://sadmin.hmac.kr/auth/callback
|
||||
DEVFRONT_CALLBACK_URLS=https://sdev.hmac.kr/auth/callback
|
||||
ORGFRONT_CALLBACK_URLS=https://sorg.hmac.kr/auth/callback
|
||||
KRATOS_ALLOWED_RETURN_URLS_JSON=
|
||||
KRATOS_ALLOWED_RETURN_URLS_EXTRA=
|
||||
# OATHKEEPER_INTROSPECT_CLIENT_ID=
|
||||
# OATHKEEPER_INTROSPECT_CLIENT_SECRET=
|
||||
|
||||
#Worksmobile
|
||||
SAMAN_DOMAIN_ID=300285955
|
||||
HANMAC_DOMAIN_ID=300286336
|
||||
GPDTDC_DOMAIN_ID=300286337
|
||||
BARONGROUP_DOMAIN_ID=300286645
|
||||
HALLA_DOMAIN_ID=300293726
|
||||
SAMAN_TENANT_ID=300285955
|
||||
SAMAN_SCIM_LONGLIVE_TOKEN=REDACTED
|
||||
WORKS_ADMIN_OAUTH_CLIENT_ID=JrD1iPz73ugTFV5XL_zO
|
||||
WORKS_ADMIN_OAUTH_CLIENT_SECRET=REDACTED
|
||||
WORKS_ADMIN_OAUTH_CLIENT_SERVICE_ACCOUNT=e3n9j.serviceaccount@samaneng.com
|
||||
WORKS_ADMIN_OAUTH_CLIENT_PRIVATE_KEY_FILE=REDACTED
|
||||
WORKS_DEFAULT_DOMAIN_SAMAN=samaneng.com
|
||||
WORKS_DEFAULT_DOMAIN_HANMAC=hanmaceng.co.kr
|
||||
WORKS_DEFAULT_DOMAIN_GPDTDC=baroncs.co.kr
|
||||
WORKS_DEFAULT_DOMAIN_BARONGROUP=brsw.kr
|
||||
WORKS_DEFAULT_DOMAIN_HALLA=hallasanup.com
|
||||
WORKS_ADMIN_API_BASE_URL=https://www.worksapis.com
|
||||
WORKS_ADMIN_OAUTH_TOKEN_URL=REDACTED
|
||||
|
||||
WORKS_DRIVE_OAUTH_CLIENT_ID=9JapAnmjI9M_1SqDp4Uj
|
||||
WORKS_DRIVE_OAUTH_CLIENT_SECRET=REDACTED
|
||||
WORKS_DRIVE_OAUTH_CLIENT_SERVICE_ACCOUNT=h4bq6.serviceaccount@samaneng.com
|
||||
WORKS_DRIVE_OAUTH_CLIENT_PRIVATE_KEY_FILE=REDACTED
|
||||
WORKS_DRIVE_APP_PASSWORD=REDACTED
|
||||
WORKS_DRIVE_OAUTH_REDIRECT_URI=https://drive.hmac.kr/works/callback
|
||||
WORKS_DRIVE_OAUTH_REFRESH_TOKEN=REDACTED
|
||||
WORKS_DRIVE_SHARED_DRIVE_ID=@2001000000540386
|
||||
WORKS_DRIVE_PARENT_FILE_ID=QDIwMDEwMDAwMDA1NDAzODZ8MzQ3MjYxMzYwMzE0NjY2NDk2OXxEfDA
|
||||
# Monitoring & Alerts
|
||||
SMS_WEBHOOK_PORT=8080
|
||||
MONITOR_RECIPIENT_PHONES=01012345678,01098765432
|
||||
LOKI_URL=http://llm_gateway_loki:3100/loki/api/v1/push
|
||||
|
||||
Reference in New Issue
Block a user