inteligr8/env-docker-alfresco
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/aims' into aps-aims

Browse Source
This commit is contained in:
Brian Long 2021-04-19 08:24:15 -04:00
commit 1bd9da2339
5 changed files with 64 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.env
View File

@ -4,3 +4,4 @@ ALFRESCO_LICENSE_DIR=~/alfresco/license
PROXY_PROTOCOL=http PROXY_PROTOCOL=http
PROXY_HOST=localhost PROXY_HOST=localhost
PROXY_PORT=8080 PROXY_PORT=8080
IDENTITY_SERVICE_BASEURL=http://auth.example.org:8080

2
docker-compose.yml
View File

@ -72,7 +72,7 @@ services:
proxy: proxy:
build: ./nginx-ingress build: ./nginx-ingress
image: local/nginx-ingress:acs image: local/nginx-ingress:aps-aims
ports: ports:
- 8080:8080 - 8080:8080
depends_on: depends_on:

47
keycloak-alfresco-realm.json Normal file
View File

@ -0,0 +1,47 @@
{
"realm": "alfresco",
"enabled": true,
"sslRequired": "external",
"registrationAllowed": false,
"roles": {
"realm": [ {
"name": "user",
"description": "User privileges"
}, {
"name": "admin",
"description": "Administrator privileges"
} ]
},
"clients": [
{
"clientId": "alfresco",
"name": "Alfresco Products",
"enabled": true,
"alwaysDisplayInConsole": false,
"redirectUris": [ "*" ],
"standardFlowEnabled": true,
"implicitFlowEnabled": true,
"directAccessGrantsEnabled": false,
"publicClient": true,
"protocol": "openid-connect",
"attributes": {
"login_theme": "alfresco"
}
}
],
"requiredCredentials": [ "password" ],
"users": [
{
"username": "admin",
"email": "admin@app.activiti.com",
"enabled": true,
"credentials" : [
{
"type" : "password",
"value" : "admin"
}
],
"realmRoles": [ "user", "admin" ]
}
]
}

4
nginx-ingress/entrypoint.sh
View File

@ -8,6 +8,10 @@ if [[ $APS_ADMIN_URL ]]; then
sed -i s%http:\/\/activiti-admin:8080%"$APS_ADMIN_URL"%g /etc/nginx/nginx.conf sed -i s%http:\/\/activiti-admin:8080%"$APS_ADMIN_URL"%g /etc/nginx/nginx.conf
fi fi
if [[ $AIMS_URL ]]; then
sed -i s%http:\/\/identity:8080%"$AIMS_URL"%g /etc/nginx/nginx.conf
fi
if [[ $ACCESS_LOG ]]; then if [[ $ACCESS_LOG ]]; then
sed -i s%\#ENV_ACCESS_LOG%"access_log $ACCESS_LOG;"%g /etc/nginx/nginx.conf sed -i s%\#ENV_ACCESS_LOG%"access_log $ACCESS_LOG;"%g /etc/nginx/nginx.conf
fi fi

12
nginx-ingress/nginx.conf
View File

@ -19,7 +19,10 @@ http {
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off; proxy_redirect off;
proxy_buffering off; # proxy_buffering off;
proxy_buffer_size 64k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_set_header Host $http_host; proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@ -55,5 +58,12 @@ http {
# If using external proxy / load balancer (for initial redirect if no trailing slash) # If using external proxy / load balancer (for initial redirect if no trailing slash)
absolute_redirect off; absolute_redirect off;
} }
location /auth/ {
proxy_pass http://identity:8080;
# If using external proxy / load balancer (for initial redirect if no trailing slash)
absolute_redirect off;
}
} }
} }