From 41ce56ac09c23eb912ca330cb06baf5f2eef2b0c Mon Sep 17 00:00:00 2001 From: gluap Date: Fri, 19 May 2023 11:02:06 +0200 Subject: [PATCH 1/2] restore `.env` which was lost (probably due to gitignore) --- deployment/.env | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 deployment/.env diff --git a/deployment/.env b/deployment/.env new file mode 100644 index 0000000..713182a --- /dev/null +++ b/deployment/.env @@ -0,0 +1,49 @@ +################################################### +# Keycloak +################################################### + +OBS_KEYCLOAK_URI=login.example.com + +# Postgres + +OBS_KEYCLOAK_POSTGRES_USER=obs +OBS_KEYCLOAK_POSTGRES_PASSWORD=<> +OBS_KEYCLOAK_POSTGRES_DB=obs +OBS_POSTGRES_MAX_OVERFLOW=20 +OBS_POSTGRES_POOL_SIZE=40 + +# KeyCloak + +OBS_KEYCLOAK_POSTGRES_HOST=postgres-keycloak +OBS_KEYCLOAK_ADMIN_USER=admin +OBS_KEYCLOAK_ADMIN_PASSWORD=<> +OBS_KEYCLOAK_REALM=obs +OBS_KEYCLOAK_PORTAL_REDIRECT_URI=https://portal.example.com/* + +################################################### +# Portal +################################################### + +OBS_PORTAL_URI=portal.example.com + +# Postgres + osm2pgsql + +OBS_POSTGRES_HOST=postgres +OBS_POSTGRES_USER=obs +OBS_POSTGRES_PASSWORD=<> +OBS_POSTGRES_DB=obs + +# Portal + +OBS_HOST=0.0.0.0 +OBS_PORT=3000 +OBS_SECRET=<> +OBS_POSTGRES_URL=postgresql+asyncpg://obs:<>@postgres/obs +OBS_KEYCLOAK_URL=https://login.example.com/auth/realms/obs/ +OBS_KEYCLOAK_CLIENT_ID=portal +OBS_KEYCLOAK_CLIENT_SECRET=<> +OBS_DEDICATED_WORKER="True" +OBS_DATA_DIR=/data +OBS_PROXIES_COUNT=1 + +################################################### From edc3c37abb140a7c2154c70a2331093ce71513ea Mon Sep 17 00:00:00 2001 From: gluap Date: Fri, 19 May 2023 11:29:15 +0200 Subject: [PATCH 2/2] fix openid logout (wasn't working with old keycloak anyhow, but this works at least with new keycloak) --- api/obs/api/routes/login.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/obs/api/routes/login.py b/api/obs/api/routes/login.py index 1c4e80a..53ef8a1 100644 --- a/api/obs/api/routes/login.py +++ b/api/obs/api/routes/login.py @@ -170,4 +170,4 @@ async def logout(req): auth_req = client.construct_EndSessionRequest(state=session["state"]) logout_url = auth_req.request(client.end_session_endpoint) - return redirect(logout_url + f"&redirect_uri={req.ctx.api_url}/logout") + return redirect(logout_url + f"&post_logout_redirect_uri={req.ctx.api_url}/logout")