From e16094d83f67663601bcf86f3a37a1b1d46d2f7a Mon Sep 17 00:00:00 2001
From: hsiegeln <37154749+hsiegeln@users.noreply.github.com>
Date: Mon, 6 Apr 2026 00:24:22 +0200
Subject: [PATCH] feat: enable OIDC TLS skip-verify for server in Docker dev

Self-signed certs cause PKIX errors when the server fetches OIDC
discovery. CAMELEER_OIDC_TLS_SKIP_VERIFY=true disables cert
verification for OIDC calls only (server-team feature, pending build).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 docker-compose.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docker-compose.yml b/docker-compose.yml
index 9cbd7b3..9b446c9 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -169,6 +169,7 @@ services:
       CAMELEER_TENANT_ID: ${CAMELEER_TENANT_SLUG:-default}
       CAMELEER_OIDC_ISSUER_URI: ${PUBLIC_PROTOCOL:-https}://${PUBLIC_HOST:-localhost}/oidc
       CAMELEER_OIDC_JWK_SET_URI: ${LOGTO_ENDPOINT:-http://logto:3001}/oidc/jwks
+      CAMELEER_OIDC_TLS_SKIP_VERIFY: "true"
       CAMELEER_OIDC_AUDIENCE: ${CAMELEER_OIDC_AUDIENCE:-https://api.cameleer.local}
     healthcheck:
       test: ["CMD-SHELL", "curl -sf http://localhost:8081/api/v1/health || exit 1"]