From b129b4ceaaab3e93b0cef21379cd2bef597c67b1 Mon Sep 17 00:00:00 2001
From: Jason Ertel <jason.ertel@securityonionsolutions.com>
Date: Fri, 14 Jul 2023 17:03:20 -0400
Subject: [PATCH] prepare for alt login

---
 salt/kratos/enabled.sls   | 3 +--
 salt/nginx/etc/nginx.conf | 2 +-
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/salt/kratos/enabled.sls b/salt/kratos/enabled.sls
index 52d53a4db..31097ccf4 100644
--- a/salt/kratos/enabled.sls
+++ b/salt/kratos/enabled.sls
@@ -21,8 +21,7 @@ so-kratos:
       - sobridge:
         - ipv4_address: {{ DOCKER.containers['so-kratos'].ip }}
     - binds:
-      - /opt/so/conf/kratos/schema.json:/kratos-conf/schema.json:ro    
-      - /opt/so/conf/kratos/kratos.yaml:/kratos-conf/kratos.yaml:ro
+      - /opt/so/conf/kratos/:/kratos-conf:ro
       - /opt/so/log/kratos/:/kratos-log:rw
       - /nsm/kratos/db:/kratos-data:rw
       {% if DOCKER.containers['so-kratos'].custom_bind_mounts %}
diff --git a/salt/nginx/etc/nginx.conf b/salt/nginx/etc/nginx.conf
index 52e3d6d3d..925583ff3 100644
--- a/salt/nginx/etc/nginx.conf
+++ b/salt/nginx/etc/nginx.conf
@@ -146,7 +146,7 @@ http {
 			proxy_set_header      X-Forwarded-Proto $scheme;
 		}
 
-		location ~ ^/auth/.*?(login) {
+		location ~ ^/auth/.*?(login|oidc/callback/) {
 			rewrite               /auth/(.*) /$1 break;
 			limit_req             zone=auth_throttle burst={{ NGINXMERGED.config.throttle_login_burst }} nodelay;
 			limit_req_status      429;