Merge branch 'proxy' into aims

changed admin username ot alfresco defaults
updates after some acs-enterprise testing
2021-04-02 09:12:59 -04:00 · 2021-01-14 11:40:42 -05:00 · 2021-01-14 11:17:01 -05:00 · 2021-01-14 09:39:34 -05:00 · 2021-01-13 17:01:06 -05:00
5 changed files with 87 additions and 2 deletions
--- a/.env
+++ b/.env
@@ -1,3 +1,4 @@
 PROXY_PROTOCOL=http
 PROXY_HOST=localhost
 PROXY_PORT=8080
 IDENTITY_SERVICE_BASEURL=http://auth.example.org:8080
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -4,8 +4,27 @@
 version: "2"
 services:
    identity:
        image: alfresco/alfresco-identity-service:1.3
        user: jboss
        environment:
            KEYCLOAK_USER: admin
            KEYCLOAK_PASSWORD: admin
            KEYCLOAK_HOSTNAME: auth.example.org
            KEYCLOAK_IMPORT: /tmp/keycloak-alfresco-realm.json
            KEYCLOAK_STATISTICS: enabled
        networks:
            default:
                aliases:
                    - "auth.example.org"
        volumes:
            - ./keycloak-alfresco-realm.json:/tmp/keycloak-alfresco-realm.json:ro
    proxy:
        build: ./nginx-ingress
-        image: local/nginx-ingress:base
+        image: local/nginx-ingress:aims
        ports:
            - 8080:8080
        depends_on:
            - identity
--- a/keycloak-alfresco-realm.json
+++ b/keycloak-alfresco-realm.json
@@ -0,0 +1,47 @@
 {
  "realm": "alfresco",
  "enabled": true,
  "sslRequired": "external",
  "registrationAllowed": false,
  "roles": {
    "realm": [ {
      "name": "user",
      "description": "User privileges"
    }, {
      "name": "admin",
      "description": "Administrator privileges"
    } ]
  },
  "clients": [
    {
      "clientId": "alfresco",
      "name": "Alfresco Products",
      "enabled": true,
      "alwaysDisplayInConsole": false,
      "redirectUris": [ "*" ],
      "standardFlowEnabled": true,
      "implicitFlowEnabled": true,
      "directAccessGrantsEnabled": false,
      "publicClient": true,
      "protocol": "openid-connect",
      "attributes": {
        "login_theme": "alfresco"
      }
    }
  ],
  "requiredCredentials": [ "password" ],
  "users": [
    {
      "username": "admin",
      "email": "admin@app.activiti.com",
      "enabled": true,
      "credentials" : [
        {
          "type" : "password",
          "value" : "admin"
        }
      ],
      "realmRoles": [ "user", "admin" ]
    }
  ]
 }
--- a/nginx-ingress/entrypoint.sh
+++ b/nginx-ingress/entrypoint.sh
@@ -1,5 +1,9 @@
 #!/bin/sh
 if [[ $AIMS_URL ]]; then
  sed -i s%http:\/\/identity:8080%"$AIMS_URL"%g /etc/nginx/nginx.conf
 fi
 if [[ $ACCESS_LOG ]]; then
  sed -i s%\#ENV_ACCESS_LOG%"access_log $ACCESS_LOG;"%g /etc/nginx/nginx.conf
 fi
--- a/nginx-ingress/nginx.conf
+++ b/nginx-ingress/nginx.conf
@@ -19,11 +19,25 @@ http {
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
        proxy_redirect off;
-        proxy_buffering off;
+#        proxy_buffering off;
        proxy_buffer_size	64k;
        proxy_buffers		4 256k;
        proxy_busy_buffers_size	256k;
        proxy_set_header Host              $http_host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass_header Set-Cookie;
        location / {
            return 301 $scheme://$http_host/auth;
        }
        location /auth/ {
            proxy_pass http://identity:8080;
            # If using external proxy / load balancer (for initial redirect if no trailing slash)
            absolute_redirect off;
        }
    }
 }
Author	SHA1	Message	Date
brian	f23cda3fd1	Merge branch 'proxy' into aims	2021-04-02 09:12:59 -04:00
Brian Long	b4be2e251c	changed admin username ot alfresco defaults	2021-01-14 11:40:42 -05:00
Brian Long	44b6f26f4f	updates after some acs-enterprise testing	2021-01-14 11:17:01 -05:00
Brian Long	b124cd027c	added default admin.1 user	2021-01-14 09:39:34 -05:00
Brian Long	919d842d61	added identity service	2021-01-13 17:01:06 -05:00