fix: mount custom sign-in UI over Logto experience dist

CUSTOM_UI_PATH is a Logto Cloud feature, not available in OSS.
The correct approach for self-hosted Logto is to volume-mount
over /etc/logto/packages/experience/dist/.

- Use init container (sign-in-ui) to copy dist to shared volume
  as root (fixes permission denied with cameleer user)
- Logto mounts signinui volume at experience/dist path
- Logto depends on sign-in-ui init container completion
- Remove saas-entrypoint.sh approach (no longer needed)
- Revert Dockerfile entrypoint to direct java -jar
- Permit /favicon.svg in SecurityConfig for sign-in page logo

Tested: full OIDC flow works end-to-end via Playwright.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
hsiegeln
2026-04-06 14:24:33 +02:00
parent df220bc5f3
commit 9013740b83
3 changed files with 13 additions and 7 deletions


@@ -63,15 +63,16 @@ services:
depends_on:
postgres:
condition: service_healthy
sign-in-ui:
condition: service_completed_successfully
entrypoint: ["sh", "-c", "npm run cli db seed -- --swe && npm start"]
volumes:
- signinui:/etc/logto/custom-ui
- signinui:/etc/logto/packages/experience/dist
environment:
DB_URL: postgres://${POSTGRES_USER:-cameleer}:${POSTGRES_PASSWORD:-cameleer_dev}@postgres:5432/logto
ENDPOINT: ${PUBLIC_PROTOCOL:-https}://${PUBLIC_HOST:-localhost}
ADMIN_ENDPOINT: http://${PUBLIC_HOST:-localhost}:3002
TRUST_PROXY_HEADER: 1
CUSTOM_UI_PATH: /etc/logto/custom-ui
healthcheck:
test: ["CMD-SHELL", "node -e \"require('http').get('http://localhost:3001/oidc/.well-known/openid-configuration', r => process.exit(r.statusCode === 200 ? 0 : 1)).on('error', () => process.exit(1))\""]
interval: 5s
@@ -121,6 +122,14 @@ services:
networks:
- cameleer
sign-in-ui:
image: ${CAMELEER_IMAGE:-gitea.siegeln.net/cameleer/cameleer-saas}:${VERSION:-latest}
restart: "no"
user: root
entrypoint: ["sh", "-c", "cp -r /app/sign-in-dist/* /data/sign-in-ui/ && echo '[sign-in-ui] Copied custom UI to shared volume'"]
volumes:
- signinui:/data/sign-in-ui
cameleer-saas:
image: ${CAMELEER_IMAGE:-gitea.siegeln.net/cameleer/cameleer-saas}:${VERSION:-latest}
restart: unless-stopped
@@ -133,7 +142,6 @@ services:
- /var/run/docker.sock:/var/run/docker.sock
- jardata:/data/jars
- bootstrapdata:/data/bootstrap:ro
- signinui:/data/sign-in-ui
environment:
SPRING_DATASOURCE_URL: jdbc:postgresql://postgres:5432/${POSTGRES_DB:-cameleer_saas}
SPRING_DATASOURCE_USERNAME: ${POSTGRES_USER:-cameleer}
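Review bot: The Logto service mounts the `signinui` volume read-write at `/etc/logto/packages/experience/dist` in the first hunk, although only the `sign-in-ui` init container needs to write to it. This directory holds the page where users enter credentials, so the mount should be read-only to keep a process in the Logto container from altering the served sign-in assets: `- signinui:/etc/logto/packages/experience/dist:ro` (assuming Logto does not write to its dist directory at runtime). In the second hunk, `cp -r /app/sign-in-dist/*` copies into a named volume that persists across deployments, so files left by an earlier image version stay in place and keep being served; clearing the target directory before the copy would avoid that. The service definitions begin and end outside the hunks shown.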