fix(portal): NextAuth redirect loop and production NEXTAUTH_URL docs

- Remove pages.signIn pointed at API route; normalize redirects for LAN callbacks - signIn callbackUrl /; auth error page Try Again to / - Add .env.example; README documents public NEXTAUTH_URL (sankofa.nexus) Made-with: Cursor
2026-03-26 18:56:56 -07:00
parent 0a7b4f320b
commit 28892a4ce4
5 changed files with 68 additions and 19 deletions
--- a/portal/.env.example
+++ b/portal/.env.example
@@ -0,0 +1,16 @@
+# Copy to .env.local — never commit .env.local.
+
+# Public origin must match the browser URL (NPM host), not the LAN upstream IP.
+# Apex: https://sankofa.nexus — or use https://portal.sankofa.nexus if that is your vhost.
+NEXTAUTH_URL=https://sankofa.nexus
+NEXTAUTH_SECRET=generate-with-openssl-rand-base64-32
+
+KEYCLOAK_URL=https://keycloak.sankofa.nexus
+KEYCLOAK_REALM=your-realm
+KEYCLOAK_CLIENT_ID=portal-client
+KEYCLOAK_CLIENT_SECRET=your-client-secret
+
+NEXT_PUBLIC_CROSSPLANE_API=https://crossplane-api.crossplane-system.svc.cluster.local
+NEXT_PUBLIC_ARGOCD_URL=https://argocd.sankofa.nexus
+NEXT_PUBLIC_GRAFANA_URL=https://grafana.sankofa.nexus
+NEXT_PUBLIC_LOKI_URL=https://loki.monitoring.svc.cluster.local:3100