updates after some acs-enterprise testing

2021-01-14 11:17:01 -05:00 · 2021-01-14 11:17:01 -05:00 · 44b6f26f4f
commit 44b6f26f4f
parent b124cd027c
4 changed files with 15 additions and 16 deletions
--- a/.env
+++ b/.env
@ -3,3 +3,4 @@ EXTERNAL_RESOURCE_DIR=~
 PROXY_PROTOCOL=http
 PROXY_HOST=localhost
 PROXY_PORT=8080
+IDENTITY_SERVICE_BASEURL=http://auth.example.org:8080
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -11,9 +11,13 @@ services:
        environment:
            KEYCLOAK_USER: admin
            KEYCLOAK_PASSWORD: admin
-            KEYCLOAK_HOSTNAME: ${PROXY_HOST}
+            KEYCLOAK_HOSTNAME: auth.example.org
            KEYCLOAK_IMPORT: /tmp/keycloak-alfresco-realm.json
            KEYCLOAK_STATISTICS: enabled
+        networks:
+            default:
+                aliases:
+                    - "auth.example.org"
        volumes:
            - ./keycloak-alfresco-realm.json:/tmp/keycloak-alfresco-realm.json:ro
    
--- a/keycloak-alfresco-realm.json
+++ b/keycloak-alfresco-realm.json
@ -10,16 +10,7 @@
    }, {
      "name": "admin",
      "description": "Administrator privileges"
-    } ],
-    "client": {
-      "alfresco": [
-        {
-          "name": "administrator",
-          "composite": false,
-          "clientRole": true
-        }
-      ]
-    }
+    } ]
  },
  "clients": [
    {
@ -28,6 +19,9 @@
      "enabled": true,
      "alwaysDisplayInConsole": false,
      "redirectUris": [ "*" ],
+      "standardFlowEnabled": true,
+      "implicitFlowEnabled": true,
+      "directAccessGrantsEnabled": false,
      "publicClient": true,
      "protocol": "openid-connect",
      "attributes": {
@ -46,10 +40,7 @@
          "value" : "password"
        }
      ],
-      "realmRoles": [ "user" ],
-      "clientRoles": {
-        "alfresco": ["administrator"]
-      }
+      "realmRoles": [ "user", "admin" ]
    }
  ]
 }
--- a/nginx-ingress/nginx.conf
+++ b/nginx-ingress/nginx.conf
@ -19,7 +19,10 @@ http {

        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
        proxy_redirect off;
-        proxy_buffering off;
+#        proxy_buffering off;
+        proxy_buffer_size	64k;
+        proxy_buffers		4 256k;
+        proxy_busy_buffers_size	256k;
        proxy_set_header Host              $http_host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;