search

hlavki / g-suite-identity-sync

G Suite to LDAP identity synchronizer
Apache License 2.0
128 stars 29 forks source link

Hardcoded Public Client URL #3

Closed jeanlucmongrain closed 6 years ago

jeanlucmongrain commented 6 years ago

It seem that the client URL hardcode https://localhost:8443: https://github.com/hlavki/g-suite-identity-sync/blob/ab347c294d61bbe2dc355ca8bd0df88037aba333/services-rest/src/main/config/eu.hlavki.identity.properties#L1

this is problematic in many ways:

first, that port is not exposed https://github.com/hlavki/g-suite-identity-sync/blob/master/distribution/src/main/docker/Dockerfile#L29

then, how can my users access the web server of my deployment and authenticate?

https://localhost:8443 is a valid URL but only on the docker host. not where users are.

I want to use https://hub.docker.com/_/traefik/ to terminate https and forward traffic to the container. So, hlavki/g-suite-identity-sync can either get it's hostname from the HTTP headers or from a configuration

hlavki commented 6 years ago

Thanks @bclermont for info. I'll look to traefik and try it.

hlavki commented 6 years ago

I fixed it and removed hostname configuration property and added compose example with traefik.

Important note is that you have to use at least version 0.3.1