EDUCATIC
/
digitaldemocratic
mirror of https://gitlab.com/digitaldemocratic/digitaldemocratic
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'master' of https://gitlab.com/isard/isard-sso

darta 2022-01-24 07:37:34 +00:00
parent ea428a2109 6bf0f24cef
commit d1ecb411e4
3 changed files with 17 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
admin/src/saml_scripts/moodle_saml.py
View File

@ -197,7 +197,7 @@ class MoodleSaml:
config = { config = {
"idpmetadata": self.parse_idp_metadata(), "idpmetadata": self.parse_idp_metadata(),
"certs_locked": "1", "certs_locked": "1",
"duallogin": "1", "duallogin": "0",
"idpattr": "username", "idpattr": "username",
"autocreate": "1", "autocreate": "1",
"anyauth": "1", "anyauth": "1",

20
docker/api/default.conf
View File

@ -7,7 +7,7 @@ server {
server_name localhost; server_name localhost;
root /api/api/static/; root /api/api/static/;
expires max; expires 1m;
log_not_found off; log_not_found off;
access_log off; access_log off;
@ -15,14 +15,14 @@ server {
location /avatar { location /avatar {
proxy_pass http://127.0.0.1:7039/avatar; proxy_pass http://127.0.0.1:7039/avatar;
expires max; expires 1m;
log_not_found off; log_not_found off;
access_log off; access_log off;
} }
location /restart { location /restart {
proxy_pass http://127.0.0.1:7039/restart; proxy_pass http://127.0.0.1:7039/restart;
expires max; expires 1m;
log_not_found off; log_not_found off;
access_log off; access_log off;
} }
@ -31,7 +31,7 @@ server {
alias /api/api/static/templates/user_menu_header.json; alias /api/api/static/templates/user_menu_header.json;
default_type application/json; default_type application/json;
index user_menu_header.json; index user_menu_header.json;
expires max; expires 1m;
log_not_found off; log_not_found off;
access_log off; access_log off;
} }
@ -40,7 +40,7 @@ server {
alias /api/api/static/templates/user_menu_header.html; alias /api/api/static/templates/user_menu_header.html;
default_type text/html; default_type text/html;
index user_menu_header.html; index user_menu_header.html;
expires max; expires 1m;
log_not_found off; log_not_found off;
access_log off; access_log off;
} }
@ -49,7 +49,7 @@ server {
alias /api/api/static/templates/header.json; alias /api/api/static/templates/header.json;
default_type application/json; default_type application/json;
index header.json; index header.json;
expires max; expires 1m;
log_not_found off; log_not_found off;
access_log off; access_log off;
} }
@ -58,7 +58,7 @@ server {
alias /api/api/static/templates/header.html; alias /api/api/static/templates/header.html;
default_type text/html; default_type text/html;
index header.html; index header.html;
expires max; expires 1m;
log_not_found off; log_not_found off;
access_log off; access_log off;
} }
@ -67,15 +67,15 @@ server {
alias /api/api/static/templates/header_nextcloud.html; alias /api/api/static/templates/header_nextcloud.html;
default_type text/html; default_type text/html;
index header_nextcloud.html index header_nextcloud.html
expires max; expires 1m;
log_not_found off; log_not_found off;
access_log off; access_log off;
} }
location / { location / {
try_files $uri $uri/ try_files $uri $uri/
expires max; expires 1m;
log_not_found off; log_not_found off;
access_log off; access_log off;
} }
} }

6
docker/haproxy/haproxy.conf
View File

@ -49,7 +49,11 @@ frontend website
acl is_api hdr_beg(host) api. acl is_api hdr_beg(host) api.
acl is_admin hdr_beg(host) admin. acl is_admin hdr_beg(host) admin.
acl is_root path -i /
http-request deny if is_pad is_root
use_backend letsencrypt if { path_beg /.well-known/acme-challenge/ } use_backend letsencrypt if { path_beg /.well-known/acme-challenge/ }
use_backend be_api if is_nextcloud { path_beg /avatar/ }
use_backend be_nextcloud if is_nextcloud use_backend be_nextcloud if is_nextcloud
use_backend be_moodle if is_moodle use_backend be_moodle if is_moodle
use_backend be_jitsi if is_jitsi use_backend be_jitsi if is_jitsi
@ -75,6 +79,8 @@ backend be_api
acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found
http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host
http-request add-header X-Forwarded-Proto https unless existing-x-forwarded-proto http-request add-header X-Forwarded-Proto https unless existing-x-forwarded-proto
# Nextcloud use /avatar/username/32 /avatar/username/64 and /avatar/username/128
http-request set-path %[path,regsub(\"^(/avatar/[^/]+).*\",\"\1\")]
server api isard-sso-api:80 check port 80 inter 5s rise 2 fall 10 resolvers mydns init-addr none server api isard-sso-api:80 check port 80 inter 5s rise 2 fall 10 resolvers mydns init-addr none
backend be_ipa backend be_ipa