philpotisk
commented
2 years ago @bmaier thanks for your improvement! As soon as we have tested it we will merge it to the main-line.
Closed bmaier closed 2 years ago
philpotisk
commented
2 years ago @bmaier thanks for your improvement! As soon as we have tested it we will merge it to the main-line.
severinstampler
commented
2 years ago problem is, that with host.docker.internal, the oidc/siop flows won't work, because this hostname must be callable from both inside the docker container and the browser (externally). That's why I changed it to using the $HOSTNAME and $COMPUTERNAME environment variable instead (https://github.com/walt-id/waltid-wallet-backend/commit/e8ad8d9d5ec8c834d9f9d580c04632b00e78d81c).
The approach works on both Linux and Windows, because Linux has by default the HOSTNAME variable set (and COMPUTERNAME empty), whereas Windows has the COMPUTERNAME variable but the HOSTNAME empty. I haven't tried it on MacOs though.
severinstampler
commented
2 years ago to be more precise: the host name set in EXTERNAL_HOSTNAME must be callable from external and internal, as it is refered in the issuer and verifier configuration files for the API URLs. The only reason I needed the extra_hosts setting is to make this host name callable from inside the container, as the backend needs to call back to the verifier or issuer backend (i.e. to itself) in some cases. So in your suggested PR, the extra_host setting has no effect, as you would need to set EXTERNAL_HOSTNAME to that same value, which would break the OIDC flows as described above.
The configuration was tight to MS-Windows and not generic for Linux and MacOs. The change to host.docker.internal:host-gateway works on Windows and MacOS