cameleer/cameleer-saas
2
0
Fork 0
Code Issues 22 Pull Requests Actions Packages Projects Releases Wiki Activity

fix: move Logto to auth.localhost subdomain to avoid /assets path conflict
All checks were successful
CI / build (push) Successful in 39s
Details
CI / docker (push) Successful in 38s
Details

Browse Source 
Logto's login page references /assets/* which conflicts with the SPA's
assets at the same path. Using Host-based routing (auth.localhost) gives
Logto its own namespace - all paths on that subdomain go to Logto,
eliminating the conflict. *.localhost resolves to 127.0.0.1 and is a
secure context.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-04-05 17:42:17 +02:00
parent c58ca34b2c
commit 0472528cd6
3 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
docker-compose.yml
View File

@@ -39,7 +39,7 @@ services:
entrypoint: ["sh", "-c", "npm run cli db seed -- --swe && npm start"]
environment:
DB_URL: postgres://${POSTGRES_USER:-cameleer}:${POSTGRES_PASSWORD:-cameleer_dev}@postgres:5432/logto
ENDPOINT: http://${PUBLIC_HOST:-localhost}
ENDPOINT: http://auth.${PUBLIC_HOST:-localhost}
ADMIN_ENDPOINT: http://${PUBLIC_HOST:-localhost}:3002
TRUST_PROXY_HEADER: 1
healthcheck:
@@ -50,7 +50,7 @@ services:
start_period: 15s
labels:
- traefik.enable=true
- traefik.http.routers.logto.rule=PathPrefix(`/oidc`) || PathPrefix(`/interaction`)
- traefik.http.routers.logto.rule=Host(`auth.${PUBLIC_HOST:-localhost}`)
- traefik.http.services.logto.loadbalancer.server.port=3001
networks:
- cameleer
@@ -67,7 +67,7 @@ services:
environment:
LOGTO_ENDPOINT: http://logto:3001
LOGTO_ADMIN_ENDPOINT: http://logto:3002
LOGTO_PUBLIC_ENDPOINT: http://${PUBLIC_HOST:-localhost}
LOGTO_PUBLIC_ENDPOINT: http://auth.${PUBLIC_HOST:-localhost}
PUBLIC_HOST: ${PUBLIC_HOST:-localhost}
PG_HOST: postgres
PG_USER: ${POSTGRES_USER:-cameleer}
@@ -104,8 +104,8 @@ services:
SPRING_DATASOURCE_USERNAME: ${POSTGRES_USER:-cameleer}
SPRING_DATASOURCE_PASSWORD: ${POSTGRES_PASSWORD:-cameleer_dev}
LOGTO_ENDPOINT: ${LOGTO_ENDPOINT:-http://logto:3001}
LOGTO_PUBLIC_ENDPOINT: http://${PUBLIC_HOST:-localhost}
LOGTO_ISSUER_URI: http://${PUBLIC_HOST:-localhost}/oidc
LOGTO_PUBLIC_ENDPOINT: http://auth.${PUBLIC_HOST:-localhost}
LOGTO_ISSUER_URI: http://auth.${PUBLIC_HOST:-localhost}/oidc
LOGTO_JWK_SET_URI: ${LOGTO_ENDPOINT:-http://logto:3001}/oidc/jwks
LOGTO_M2M_CLIENT_ID: ${LOGTO_M2M_CLIENT_ID:-}
LOGTO_M2M_CLIENT_SECRET: ${LOGTO_M2M_CLIENT_SECRET:-}
@@ -139,7 +139,7 @@ services:
CAMELEER_AUTH_TOKEN: ${CAMELEER_AUTH_TOKEN:-default-bootstrap-token}
CAMELEER_JWT_SECRET: ${CAMELEER_JWT_SECRET:-cameleer-dev-jwt-secret-change-in-production}
CAMELEER_TENANT_ID: ${CAMELEER_TENANT_SLUG:-default}
CAMELEER_OIDC_ISSUER_URI: http://${PUBLIC_HOST:-localhost}/oidc
CAMELEER_OIDC_ISSUER_URI: http://auth.${PUBLIC_HOST:-localhost}/oidc
CAMELEER_OIDC_AUDIENCE: ${CAMELEER_OIDC_AUDIENCE:-https://api.cameleer.local}
healthcheck:
test: ["CMD-SHELL", "curl -sf http://localhost:8081/api/v1/health || exit 1"]