Fix local-environment ports (#3136)

* Change Dex port in local-environment from 4190 to 5556 Port 4190 is blocked by standards-compliant browsers (e.g. Firefox), as per https://fetch.spec.whatwg.org/#port-blocking. Port 5556 is used by Dex in its example config files: 745e1114f3/examples/config-dev.yaml (L50) * Fix upstream in local-environment/oauth2-proxy.cfg http://httpbin.localtest.me:8080 is only exposed to the host, not to httpbin Docker network. Causes Bad Gateway before. * Do not expose unauthenticated httpbin service in local-environment This defeats the point of having oauth2-proxy. It has already been misleading by causing the bug fixed in cafc6af48fc38f6fe4395fb0c7e2638bc84e6091. It serves as a bad example: users might accidentally expose the service they're trying to protect in the first place. * Remove unnecessary httpbin.localtest.me alias from local-environment
2025-08-08 22:46:33 +02:00 · 2025-07-20 21:32:50 +03:00
parent 5e7f14bdcb
commit 3ac834dbcf
12 changed files with 22 additions and 34 deletions
--- a/contrib/local-environment/oauth2-proxy.cfg
+++ b/contrib/local-environment/oauth2-proxy.cfg
@ -2,7 +2,7 @@ http_address="0.0.0.0:4180"
 cookie_secret="OQINaROshtE9TcZkNAm-5Zs2Pv3xaWytBmc5W7sPX7w="
 email_domains="example.com"
 cookie_secure="false"
-upstreams="http://httpbin.localtest.me:8080"
+upstreams="http://httpbin"
 cookie_domains=[".localtest.me"] # Required so cookie can be read on all subdomains.
 whitelist_domains=[".localtest.me"] # Required to allow redirection back to original requested target.

@ -11,6 +11,6 @@ client_secret="b2F1dGgyLXByb3h5LWNsaWVudC1zZWNyZXQK"
 client_id="oauth2-proxy"
 redirect_url="http://oauth2-proxy.localtest.me:4180/oauth2/callback"

-oidc_issuer_url="http://dex.localtest.me:4190/dex"
+oidc_issuer_url="http://dex.localtest.me:5556/dex"
 provider="oidc"
 provider_display_name="Dex"