
Unable to integrate fiware keyrock with Nginx reverse proxy server

Open iamarnavgarg opened this issue 5 years ago • 6 comments

Hi,

I want to access fiware keyrock using nginx, i.e. https://<nginx-ip>/idm. While doing so, I am able to open my homepage for fiware keyrock, but after that, if I click on sign in, forgot password, or any other button on the homepage, I get a 404 Not Found error. This happens because the URL changes from https://nginx-ip/idm/sign_up to https://nginx-ip/sign_up.

However, if I manually write idm following nginx-ip, like https://nginx-ip/idm/sign_up, then the page loads properly.


Snapshot 1: Loading the front page, i.e. the homepage of fiware keyrock, using nginx-ip

Snapshot 2: When clicking on any button like sign up on fiware keyrock

Snapshot 3: When I manually write idm preceding sign_up in the URL

I would request the fiware keyrock community members to please guide me through this issue.

iamarnavgarg avatar Apr 02 '19 16:04 iamarnavgarg
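
The symptom described in this post, links that lose the /idm prefix once the page is served behind the proxy, can be checked offline against a saved copy of the page. This is an added example, not part of the original thread or of the Keyrock project; the host name, the sample HTML and the function name `escaping_links` are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

URL_ATTRS = {"href", "src", "action"}  # attributes that make the browser issue a request

# Constructed sample page (not real Keyrock markup): some links carry the prefix, some do not.
SAMPLE_HTML = """
<a href="/sign_up">Sign up</a>
<a href="/idm/auth/login">Sign in</a>
<form action="/password/request" method="post"></form>
<link rel="stylesheet" href="stylesheets/style.css">
<script src="https://cdn.example.net/lib.js"></script>
"""

class _LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        self.links += [v for k, v in attrs if k in URL_ATTRS and v]

def escaping_links(html, page_url, prefix):
    """Return (link, resolved_path) for same-host links that leave `prefix`."""
    prefix = "/" + prefix.strip("/") + "/"
    host = urlsplit(page_url).netloc
    collector = _LinkCollector()
    collector.feed(html)
    escaped = []
    for link in collector.links:
        target = urlsplit(urljoin(page_url, link))  # resolve as the browser would
        if target.netloc != host:
            continue  # other origin (CDN, mailto:, ...): never reaches this proxy
        if not (target.path.rstrip("/") + "/").startswith(prefix):
            escaped.append((link, target.path))
    return escaped

if __name__ == "__main__":
    # With a trailing slash only root-relative links escape; without it,
    # the relative stylesheet link escapes as well.
    for url in ("https://nginx-ip.example/idm/", "https://nginx-ip.example/idm"):
        print(url, escaping_links(SAMPLE_HTML, url, "/idm"))
```

Every link it reports is one the proxy would have to rewrite, or the application would have to emit with the prefix, for a sub-path deployment to work.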

Hi @aalonsog @apozohue10 @agaldemas , request you to please guide me on this issue.

iamarnavgarg avatar Apr 10 '19 09:04 iamarnavgarg

Even though it is actually an issue to be solved, I temporarily solved the problem by using the port instead of the path to redirect requests through nginx. Thus, if a new request arrives from port 3000 it is for the IdM for sure and it is redirected to the IdM (I used nginx to support https)

tmontanaro avatar May 10 '19 09:05 tmontanaro

Hi, we will check how to deploy Keyrock with NGINX

apozohue10 avatar May 10 '19 10:05 apozohue10

> Even though it is actually an issue to be solved, I temporarily solved the problem by using the port instead of the path to redirect requests through nginx. Thus, if a new request arrives from port 3000 it is for the IdM for sure and it is redirected to the IdM (I used nginx to support https)

@tmontanaro Can you please share your nginx conf file and any relevant changes you made at fiware keyrock end? I want to run fiware keyrock on non-root location and not on /.

iamarnavgarg avatar May 10 '19 11:05 iamarnavgarg

It is almost the default configuration:

  • Configure nginx:
    • sudo nano /etc/nginx/sites-enabled/default
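    server {
         # "ssl on;" is deprecated; enable TLS on the listen directive instead
         listen 443 ssl;
         ssl_certificate /etc/ssl/certs/localhost.crt;
         ssl_certificate_key /etc/ssl/private/localhost.key;
    
         ssl_session_timeout 5m;
    
         # SSLv3, TLSv1 and TLSv1.1 are obsolete and insecure; offer only TLSv1.2 and later
         ssl_protocols TLSv1.2 TLSv1.3;
         # Single OpenSSL cipher string (the posted value joined two alternatives with "or")
         ssl_ciphers "HIGH:!aNULL:!MD5:!3DES";
         ssl_prefer_server_ciphers on;
    
         # Forward everything arriving on this port to Keyrock on port 3000
         location / {
                 proxy_pass http://localhost:3000/;
         }
    }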
    
  • Configure Keyrock
    • nano docker-compose.yml
     version: "3.5"
     services:
         keyrock:
             image: fiware/idm:7.6.0
             container_name: fiware-keyrock
             hostname: keyrock
             networks:
                 default:
                     ipv4_address: 172.18.1.5
             depends_on:
                 - mysql-db
             ports:
                 - "3000:3000"
             environment:
                 - DEBUG=idm:*
                 - IDM_DB_HOST=mysql-db
                 - IDM_HOST=http://localhost:3000
                 - IDM_PORT=3000
                 # Development use only
                 # Use Docker Secrets for Sensitive Data
                 - IDM_DB_PASS=secret
                 - IDM_DB_USER=root
                 - IDM_ADMIN_USER=admin
                 # Placeholder address: the original value was obfuscated on the page
                 - IDM_ADMIN_EMAIL=admin@example.com
                 - IDM_ADMIN_PASS=1234
    
         mysql-db:
             restart: always
             image: mysql:5.7
             hostname: mysql-db
             container_name: db-mysql
             expose:
                 - "3306"
             ports:
                 - "3306:3306"
             networks:
                 default:
                     ipv4_address: 172.18.1.6
             environment:
                 # Development use only
                 # Use Docker Secrets for Sensitive Data
                 - "MYSQL_ROOT_PASSWORD=secret"
                 - "MYSQL_ROOT_HOST=172.18.1.5"
             volumes:
                 - mysql-db:/var/lib/mysql
    
     networks:
         default:
             ipam:
                 config:
                     - subnet: 172.18.1.0/24
     volumes:
         mysql-db: ~
    

tmontanaro avatar May 10 '19 16:05 tmontanaro

Hi @iamarnavgarg , @apozohue10

Are there any updates on this?

Does keyrock support a configurable context path? I could not find anything in the docs nor in the configuration file.

Thank you in advance, Tom

TomWonder avatar May 11 '22 10:05 TomWonder