From 7a41ffd73deb3de2742f35da87388ff4393ce1f8 Mon Sep 17 00:00:00 2001 From: Torben Brenner Date: Thu, 20 Jun 2024 11:12:12 +0200 Subject: [PATCH] feat: enable logging in spot --- docker-compose.yml | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 7bf498c..89ab13d 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,5 +1,9 @@ version: '3.8' # TODO: BBMRI expects Traefik to already exist + +volumes: + request-log: + services: traefik: image: traefik:latest @@ -36,10 +40,13 @@ services: # For some reason, login.verbis.dkfz.de does not have a "groups" scope but this comes automatically through a # scope called microprofile-jwt. Remove the following line once we have a "groups" scope. - OAUTH2_PROXY_SCOPE=openid profile email + # Pass Authorization Header and some user information to spot + - OAUTH2_PROXY_SET_AUTHORIZATION_HEADER=true + - OAUTH2_PROXY_SET_XAUTHREQUEST=true labels: - "traefik.enable=true" - "traefik.http.middlewares.traefik-forward-auth.forwardauth.address=http://traefik-forward-auth:4180" - - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=X-Forwarded-User" + - "traefik.http.middlewares.traefik-forward-auth.forwardauth.authResponseHeaders=Authorization, X-Forwarded-User, X-Auth-Request-User, X-Auth-Request-Email" - "traefik.http.services.traefik-forward-auth.loadbalancer.server.port=4180" - "traefik.http.routers.oauth2.rule=Host(`${GUI_HOST}`) && PathPrefix(`/oauth2/`)" - "traefik.http.routers.oauth2.tls=true" @@ -68,6 +75,11 @@ services: CATALOGUE_URL: "${CATALOGUE_URL}" BIND_ADDR: 0.0.0.0:8055 PRISM_URL: http://prism:8066 + RUST_LOG: "info" + LOG_FILE: "/requests.log" + volumes: + - request-log:/requests.log + depends_on: - "beam-proxy" labels: