Update reverse proxy to use lua-resty-openidc image and adjust file paths in nginx.conf and docker-compose.yml

2025-06-09 10:34:36 +02:00
parent e8b7db4edb
commit 5a874ad710
2 changed files with 7 additions and 6 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,12 +1,12 @@
 services:
  reverse-proxy:
-    image: openresty/openresty:alpine
+    image: ghcr.io/zmartzone/lua-resty-openidc:latest
    container_name: demo-nginx-proxy
    ports:
      - "25700:80"
    volumes:
-      - ./nginx.conf:/usr/local/openresty/nginx/conf/nginx.conf:ro
-      - ./auth.lua:/usr/local/openresty/nginx/conf/auth.lua:ro
+      - ./nginx.conf:/etc/nginx/nginx.conf:ro
+      - ./auth.lua:/etc/nginx/auth.lua:ro
    environment:
      - KEYCLOAK_CLIENT_SECRET=${KEYCLOAK_CLIENT_SECRET}
    env_file:
--- a/nginx.conf
+++ b/nginx.conf
@@ -5,7 +5,8 @@ events {
 }

 http {
-  lua_package_path "/etc/nginx/lua/?.lua;;";
+  lua_package_path "/usr/local/openresty/lualib/?.lua;;";
+
  lua_shared_dict discovery 1m;
  lua_shared_dict jwks 1m;
  lua_shared_dict sessions 10m;
@@ -34,7 +35,7 @@ http {

    # Protected root route (main site)
    location / {
-      access_by_lua_file /usr/local/openresty/nginx/conf/auth.lua;
+      access_by_lua_file /etc/nginx/auth.lua;

      proxy_pass http://main-website:3000;
      proxy_set_header Host $host;
@@ -45,7 +46,7 @@ http {

    # Protected demo route
    location /lawfirm/demo1/ {
-      access_by_lua_file /usr/local/openresty/nginx/conf/auth.lua;
+      access_by_lua_file /etc/nginx/auth.lua;

      rewrite ^/lawfirm/demo1(/.*)$ $1 break;
      proxy_pass http://ld1:3000;