This repository show how create an SSO and ACL system with the Ory stack and Kubernetes. It use the kratos-selfservice-ui-node, a fork of mailslurper and a php app for the admin page (I'm not an front-end dev the admin page work, nothing plus).
You need to install the following tools:
| URL | Description |
|---|---|
| minikube | minikube is local Kubernetes, focusing on making it easy to learn and develop for Kubernetes. |
| kustomize | Kubernetes native configuration management |
| kubectl | The Kubernetes command-line tool |
| tiltdev | A toolkit for fixing the pains of microservice development |
| Optional suggestions | |
| dbeaver | Free multi-platform database tool for developers, SQL programmers, database administrators and analysts. |
| openlens | Lens is the free and open-source Kubernetes IDE |
$ minikube start
$ minikube addons enable ingress
$ minikube tunnel
# Create all the resources
$ tilt up
# Check that ingress are created with minikube tunnel
$ kubectl get ingress
NAME CLASS HOSTS ADDRESS PORTS AGE
fake-smtp-server <none> mail.test.info 192.168.XXX.XXX 80 119s
oathkeeper <none> ory.test.info 192.168.XXX.XXX 80 119s
# Add ingress domains to the local hosts file
$ sudo bash -c 'cat << EOF >> /etc/hosts
# ORY Minikube SSO stack
127.0.0.1 mail.test.info
127.0.0.1 ory.test.info
EOF'
# Open your browser and open http://ory.test.info/panel/welcome and http://mail.test.infoGo to http://ory.test.info/panel/ and create an account, you can validate your mail on http://mail.test.info. When you create an account you have to role user or admin. Only the admin role have the right to access the admin react app.
| URL | Description |
|---|---|
| http://ory.test.info/panel/welcome | User app for create an account, login, other |
| http://ory.test.info/admin/ | Admin react app, you need the role admin to access |
| http://ory.test.info/elrapp | PHP application routed through oathkeeper proxy |
| http://mail.test.info | Local mail panel, you will receive mail confirmation here |
(This is an outline and does not exactly reflect the reality of how the stack works)