Hello, I was trying to setup a kratos server with ...
# ory-selfhosting
g
Hello, I was trying to set up a Kratos server with Docker on my server, and instead of using nginx I am trying to make it work through Caddy. The welcome page opens successfully, but when I click on sign in and it opens https://accounts.example.in/login in a new tab, it says too many redirects. Please find the configuration for each file in the thread.
b
Your message is very very long. Can you create a thread and post your code inside it instead? So it doesn't clutter
g
Please find the following configuration for each file 1. Caddyfile
# Caddy site definitions: each hostname below is reverse-proxied to one local
# port (4455, 4433 and 4434 respectively).
# NOTE(review): the <url|label> wrappers look like chat-export link markup; the
# site addresses are presumably the bare hostnames - confirm against the real file.

# Self-service UI (quickstart-standalone.yml sets PORT=4455 for the UI container).
<http://accounts.example.in|accounts.example.in> {
  reverse_proxy localhost:4455 {
    transport http {
      # Upstream connection keep-alive settings for the proxy transport.
      keepalive 60m
      keepalive_interval 10s
    }
  }
}

# Kratos public API (port 4433 is commented "public" in quickstart.yml).
<http://api.accounts.example.in|api.accounts.example.in> {
  reverse_proxy localhost:4433 {
    transport http {
      keepalive 60m
      keepalive_interval 10s
    }
  }
}

# SECURITY: port 4434 is commented "admin" in quickstart.yml, and this block
# puts no authentication or source-address restriction in front of it, so the
# admin API is reachable by anyone who can resolve this hostname. Unless that
# is intended, drop this site or gate it (address allow-list, mTLS, or an
# authenticating proxy) and keep the admin API on a private network.
<http://admin.api.accounts.example.in|admin.api.accounts.example.in> {
  reverse_proxy localhost:4434 {
    transport http {
      keepalive 60m
      keepalive_interval 10s
    }
  }
}
2. quickstart.yml
# Compose file for the Kratos quickstart: a one-shot migration job, the
# self-service UI, the Kratos server and a MailSlurper test mailbox, all on the
# "intranet" network and sharing the "kratos-sqlite" volume.
# NOTE(review): the <...> wrappers around URLs look like chat-export link
# markup and are presumably not part of the real values - confirm.
version: '3.7'
services:
  # Runs the SQL migrations and exits; restarted only if it fails.
  kratos-migrate:
    image: oryd/kratos:v0.13.0
    environment:
      - DSN=sqlite:///var/lib/sqlite/db.sqlite?_fk=true&mode=rwc
    volumes:
      - type: volume
        source: kratos-sqlite
        target: /var/lib/sqlite
        read_only: false
      - type: bind
        source: ./contrib/quickstart/kratos/email-password
        target: /etc/config/kratos
    # -e reads the DSN from the environment; --yes skips the confirmation prompt.
    command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes
    restart: on-failure
    networks:
      - intranet
  kratos-selfservice-ui-node:
    image: oryd/kratos-selfservice-ui-node:v0.13.0
    environment:
      # URL the UI container itself uses to reach Kratos over the compose network.
      - KRATOS_PUBLIC_URL=<http://kratos:4433/>
      # URL the user's browser is sent to. It must agree with the public
      # base_url in kratos.yml, which in this thread still points at localhost.
      - KRATOS_BROWSER_URL=<https://api.accounts.example.in/>
    networks:
      - intranet
    restart: on-failure
  kratos:
    depends_on:
      - kratos-migrate
    image: oryd/kratos:v0.13.0
    # SECURITY: no host IP is given, so Docker publishes both ports on every
    # host interface. The admin port is then reachable directly, not only via
    # the reverse proxy. Bind to loopback (e.g. '127.0.0.1:4434:4434') when a
    # proxy on the same host is the only intended client.
    ports:
      - '4433:4433' # public
      - '4434:4434' # admin
    restart: unless-stopped
    environment:
      - DSN=sqlite:///var/lib/sqlite/db.sqlite?_fk=true
      # SECURITY: trace is the most verbose level; together with
      # leak_sensitive_values in kratos.yml the logs can hold session material.
      - LOG_LEVEL=trace
    # SECURITY: --dev disables critical security features for local
    # development; it should not stay on for an internet-facing deployment.
    command: serve -c /etc/config/kratos/kratos.yml --dev --watch-courier
    volumes:
      - type: volume
        source: kratos-sqlite
        target: /var/lib/sqlite
        read_only: false
      - type: bind
        source: ./contrib/quickstart/kratos/email-password
        target: /etc/config/kratos
    networks:
      - intranet
  # Test mailbox used as the SMTP target in kratos.yml.
  mailslurper:
    # NOTE(review): floating tag; pin a version or digest for reproducible deploys.
    image: oryd/mailslurper:latest-smtps
    # SECURITY: published on all host interfaces as well. Presumably these
    # expose the captured mail (verification and recovery codes) - confirm and
    # restrict access on a public server.
    ports:
      - '4436:4436'
      - '4437:4437'
    networks:
      - intranet
networks:
  intranet:
volumes:
  kratos-sqlite:
3. quickstart-standalone.yml
# Compose override for running the self-service UI standalone: publishes the UI
# port and sets its environment.
version: '3.7'

services:
  kratos-selfservice-ui-node:
    # Published without a host IP, so the UI is reachable on every host
    # interface as well as through the reverse proxy on localhost:4455.
    ports:
      - "4455:4455"
    environment:
      - PORT=4455
      # NOTE(review): set to an empty value; what the UI image does in that
      # case is not visible here - confirm against its documentation.
      - SECURITY_MODE=
      # Browser-facing Kratos URL; must agree with the public base_url in kratos.yml.
      - KRATOS_BROWSER_URL=<https://api.accounts.example.in/>
4. kratos.yml
# Kratos server configuration, derived from the email-password quickstart with
# the UI URLs changed to https://accounts.example.in.
# NOTE(review): the <...> wrappers around URLs look like chat-export link
# markup and are presumably not part of the real values - confirm.
# NOTE(review): no cookie domain (cookies.domain / session.cookie.domain) is set
# in this file. The UI and the API live on different subdomains here, so verify
# that the CSRF and session cookies are scoped so both hosts receive them.
version: v0.13.0

# NOTE(review): the compose files set a DSN environment variable; presumably
# that takes precedence over this value - confirm.
dsn: memory

serve:
  public:
    # NOTE(review): still the localhost quickstart value, while the UI is told
    # (KRATOS_BROWSER_URL) that browsers reach Kratos at
    # https://api.accounts.example.in/. A public base_url that differs from the
    # externally visible URL is a plausible cause of the redirect loop - confirm.
    base_url: <http://localhost:4433/>
    cors:
      # NOTE(review): enabled with no allowed_origins listed in this file;
      # check which origins the effective default permits.
      enabled: true
  admin:
    base_url: <http://kratos:4434/>

selfservice:
  default_browser_return_url: <https://accounts.example.in/>
  # Allow-list of return URLs; only the UI origin is listed.
  allowed_return_urls:
    - <https://accounts.example.in>

  # Enabled credential and recovery/verification methods.
  methods:
    password:
      enabled: true
    totp:
      config:
        issuer: Kratos
      enabled: true
    lookup_secret:
      enabled: true
    link:
      enabled: true
    code:
      enabled: true

  # Each ui_url is the page on the self-service UI that renders that flow.
  flows:
    error:
      ui_url: <https://accounts.example.in/error>

    settings:
      ui_url: <https://accounts.example.in/settings>
      privileged_session_max_age: 15m
      required_aal: highest_available

    recovery:
      enabled: true
      ui_url: <https://accounts.example.in/recovery>
      use: code

    verification:
      enabled: true
      ui_url: <https://accounts.example.in/verification>
      use: code
      after:
        default_browser_return_url: <https://accounts.example.in/>

    logout:
      after:
        default_browser_return_url: <https://accounts.example.in/login>

    login:
      ui_url: <https://accounts.example.in/login>
      lifespan: 10m

    registration:
      lifespan: 10m
      ui_url: <https://accounts.example.in/registration>
      after:
        password:
          hooks:
            - hook: session
            - hook: show_verification_ui

log:
  level: debug
  format: text
  # SECURITY: sensitive values are written to the logs unredacted. Acceptable
  # only while debugging; set to false before real users sign in.
  leak_sensitive_values: true

# SECURITY: both values are the published quickstart placeholders. Replace them
# with randomly generated secrets that are kept out of version control and out
# of public posts; known secrets let anyone forge or decrypt what they protect.
secrets:
  cookie:
    - PLEASE-CHANGE-ME-I-AM-VERY-INSECURE
  cipher:
    - 32-LONG-SECRET-NOT-SECURE-AT-ALL

ciphers:
  algorithm: xchacha20-poly1305

hashers:
  algorithm: bcrypt
  bcrypt:
    # SECURITY: a low work factor suited to a quickstart; raise it for
    # production so stored password hashes are costlier to brute-force.
    cost: 8

identity:
  default_schema_id: default
  schemas:
    - id: default
      url: file:///etc/config/kratos/identity.schema.json

courier:
  smtp:
    # SECURITY: test credentials and skip_ssl_verify=true (TLS certificate
    # verification off) are for the bundled MailSlurper only. A real SMTP
    # relay needs its own credentials and certificate verification enabled.
    connection_uri: <smtps://test:test@mailslurper:1025/?skip_ssl_verify=true>
5. identity.schema.json
{
  "$id": "<https://schemas.ory.sh/presets/kratos/quickstart/email-password/identity.schema.json>",
  "$schema": "<http://json-schema.org/draft-07/schema#>",
  "title": "Person",
  "type": "object",
  "properties": {
    "traits": {
      "type": "object",
      "properties": {
        "email": {
          "type": "string",
          "format": "email",
          "title": "E-Mail",
          "minLength": 3,
          "<http://ory.sh/kratos|ory.sh/kratos>": {
            "credentials": {
              "password": {
                "identifier": true
              }
            },
            "verification": {
              "via": "email"
            },
            "recovery": {
              "via": "email"
            }
          }
        },
        "name": {
          "type": "object",
          "properties": {
            "first": {
              "title": "First Name",
              "type": "string"
            },
            "last": {
              "title": "Last Name",
              "type": "string"
            }
          }
        }
      },
      "required": [
        "email"
      ],
      "additionalProperties": false
    }
  }
}
m
I have the exact same problem. Everything works with
127.0.0.1
or
localhost
example; however, when trying with a custom domain name, I end up with the error
too many redirects
It would be great if someone could point out whether this is a kratos.yaml file issue or something else.
m
Hello @miniature-author-29697 please check if it is any of these things: https://www.ory.sh/docs/kratos/debug/csrf