inteligr8/env-docker-alfresco
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updates after some acs-enterprise testing

Browse Source
This commit is contained in:
Brian Long 2021-01-14 11:17:01 -05:00
parent b124cd027c
commit 44b6f26f4f
4 changed files with 15 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.env
View File

@ -3,3 +3,4 @@ EXTERNAL_RESOURCE_DIR=~
PROXY_PROTOCOL=http PROXY_PROTOCOL=http
PROXY_HOST=localhost PROXY_HOST=localhost
PROXY_PORT=8080 PROXY_PORT=8080
IDENTITY_SERVICE_BASEURL=http://auth.example.org:8080

6
docker-compose.yml
View File

@ -11,9 +11,13 @@ services:
environment: environment:
KEYCLOAK_USER: admin KEYCLOAK_USER: admin
KEYCLOAK_PASSWORD: admin KEYCLOAK_PASSWORD: admin
KEYCLOAK_HOSTNAME: ${PROXY_HOST} KEYCLOAK_HOSTNAME: auth.example.org
KEYCLOAK_IMPORT: /tmp/keycloak-alfresco-realm.json KEYCLOAK_IMPORT: /tmp/keycloak-alfresco-realm.json
KEYCLOAK_STATISTICS: enabled KEYCLOAK_STATISTICS: enabled
networks:
default:
aliases:
- "auth.example.org"
volumes: volumes:
- ./keycloak-alfresco-realm.json:/tmp/keycloak-alfresco-realm.json:ro - ./keycloak-alfresco-realm.json:/tmp/keycloak-alfresco-realm.json:ro

19
keycloak-alfresco-realm.json
View File

@ -10,16 +10,7 @@
}, { }, {
"name": "admin", "name": "admin",
"description": "Administrator privileges" "description": "Administrator privileges"
} ], } ]
"client": {
"alfresco": [
{
"name": "administrator",
"composite": false,
"clientRole": true
}
]
}
}, },
"clients": [ "clients": [
{ {
@ -28,6 +19,9 @@
"enabled": true, "enabled": true,
"alwaysDisplayInConsole": false, "alwaysDisplayInConsole": false,
"redirectUris": [ "*" ], "redirectUris": [ "*" ],
"standardFlowEnabled": true,
"implicitFlowEnabled": true,
"directAccessGrantsEnabled": false,
"publicClient": true, "publicClient": true,
"protocol": "openid-connect", "protocol": "openid-connect",
"attributes": { "attributes": {
@ -46,10 +40,7 @@
"value" : "password" "value" : "password"
} }
], ],
"realmRoles": [ "user" ], "realmRoles": [ "user", "admin" ]
"clientRoles": {
"alfresco": ["administrator"]
}
} }
] ]
} }

5
nginx-ingress/nginx.conf
View File

@ -19,7 +19,10 @@ http {
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off; proxy_redirect off;
proxy_buffering off; # proxy_buffering off;
proxy_buffer_size 64k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_set_header Host $http_host; proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;