cameleer-saas

cameleer/cameleer-saas

Fork 0

Commit Graph

Author	SHA1	Message	Date
hsiegeln	dc7ac3a1ec	feat: split auth domain — Logto gets dedicated AUTH_HOST All checks were successful CI / build (push) Successful in 1m22s Details CI / docker (push) Successful in 48s Details Support separate auth domain (e.g. auth.cameleer.io) for Logto while keeping the SaaS app on PUBLIC_HOST (e.g. app.cameleer.io). AUTH_HOST defaults to PUBLIC_HOST for backward-compatible single-domain setups. - Logto routing: Host(AUTH_HOST) replaces PathPrefix('/') catch-all - Root redirect moved from traefik-dynamic.yml to Docker labels with Host(PUBLIC_HOST) scope so it doesn't intercept auth domain - Self-signed cert generates SANs for both domains - Bootstrap Host header uses AUTH_HOST for Logto endpoint validation - Spring issuer-uri and oidcissueruri use new authhost property - Both installers (sh + ps1) prompt for AUTH_HOST in expert mode Local dev: AUTH_HOST=auth.localhost (resolves to 127.0.0.1, no hosts file) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-24 18:11:47 +02:00
hsiegeln	bdb24f8de6	feat(installer): add infra base docker-compose template Shared infrastructure base (traefik, postgres, clickhouse) always loaded regardless of deployment mode. Uses parameterized images, fail-if-unset password variables, and a noop monitoring network bridge. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	2026-04-15 20:58:54 +02:00

Author

SHA1

Message

Date

hsiegeln

dc7ac3a1ec

feat: split auth domain — Logto gets dedicated AUTH_HOST

CI / build (push) Successful in 1m22s

Details

CI / docker (push) Successful in 48s

Details

Support separate auth domain (e.g. auth.cameleer.io) for Logto while
keeping the SaaS app on PUBLIC_HOST (e.g. app.cameleer.io). AUTH_HOST
defaults to PUBLIC_HOST for backward-compatible single-domain setups.

- Logto routing: Host(AUTH_HOST) replaces PathPrefix('/') catch-all
- Root redirect moved from traefik-dynamic.yml to Docker labels with
  Host(PUBLIC_HOST) scope so it doesn't intercept auth domain
- Self-signed cert generates SANs for both domains
- Bootstrap Host header uses AUTH_HOST for Logto endpoint validation
- Spring issuer-uri and oidcissueruri use new authhost property
- Both installers (sh + ps1) prompt for AUTH_HOST in expert mode

Local dev: AUTH_HOST=auth.localhost (resolves to 127.0.0.1, no hosts file)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-24 18:11:47 +02:00

hsiegeln

bdb24f8de6

feat(installer): add infra base docker-compose template

Shared infrastructure base (traefik, postgres, clickhouse) always loaded
regardless of deployment mode. Uses parameterized images, fail-if-unset
password variables, and a noop monitoring network bridge.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-15 20:58:54 +02:00

2 Commits