{"id":15669855,"url":"https://github.com/bellackn/httpd_oidc","last_synced_at":"2025-03-30T05:11:37.646Z","repository":{"id":184917749,"uuid":"184040252","full_name":"bellackn/httpd_oidc","owner":"bellackn","description":"Docker image for Apache HTTPD including mod_auth_openidc.","archived":false,"fork":false,"pushed_at":"2019-04-29T10:22:23.000Z","size":10,"stargazers_count":0,"open_issues_count":0,"forks_count":2,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-03-27T08:49:29.438Z","etag":null,"topics":["apache-httpd","docker","keycloak"],"latest_commit_sha":null,"homepage":"","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bellackn.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2019-04-29T09:23:28.000Z","updated_at":"2019-04-29T15:40:38.000Z","dependencies_parsed_at":null,"dependency_job_id":"147a6fbe-8b2e-4156-a6ac-8ae4a571490b","html_url":"https://github.com/bellackn/httpd_oidc","commit_stats":null,"previous_names":["bellackn/httpd_oidc"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bellackn%2Fhttpd_oidc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bellackn%2Fhttpd_oidc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bellackn%2Fhttpd_oidc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bellackn%2Fhttpd_oidc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bellackn","download_url":"https://codeload.github.com/bellackn/httpd_oidc/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246277373,"owners_count":20751549,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apache-httpd","docker","keycloak"],"created_at":"2024-10-03T14:41:29.380Z","updated_at":"2025-03-30T05:11:37.625Z","avatar_url":"https://github.com/bellackn.png","language":"Dockerfile","readme":"# Webserver\n\nAn Apache webserver image including `mod_auth_openidc` and self-signed certificates that can be overridden with \"real\" certs by mounting them as volumes.\n\nThis image is useful if you would like to protect some web content with an OIDC provider, like [Keycloak](https://www.keycloak.org/). For more information, see [the original repository](https://github.com/zmartzone/mod_auth_openidc).\n\n## How To\n\n1. Pull the image from DockerHub:\n    ```\n    docker pull bellackn/httpd_oidc\n    ```\n2. Adapt the configuration file to your needs. For example, you could do the following:\n    ```\n    docker run --rm -d --name foo bellackn/httpd_oidc\n    docker cp foo:/usr/local/apache2/conf/httpd.conf httpd.conf\n    docker stop foo\n    nano httpd.conf\n    ```\n    (same applies to the SSL config file at `/usr/local/apache2/conf/extra/httpd-ssl.conf`)\n3. Optional: Get some real SSL certificates, e.g. from [Let's Encrypt](https://letsencrypt.org/), and mount them into the container to replace the self-signed ones.\n4. Optional: You can either hardcode the variables that `mod_auth_openidc` needs for authentication in your config files, or you could mount them into the container as an `.env` file (see example below).\n\n## Example Setup with Docker Compose and Keycloak\n\nIf you want to serve some content under `/someuri` and protect it with your Keycloak instance, this is a way you could do it.\n\ndocker-compose.yml:\n```\nversion: \"3.7\"\n\nservices:\n\n    web:\n        image: bellackn/httpd_oidc\n        restart: always\n        env_file: .env\n        ports:\n            - \"80:80\"\n            - \"443:443\"\n        volumes:\n            - ./httpd.conf:/usr/local/apache2/conf/httpd.conf\n            - ./httpd-ssl.conf:/usr/local/apache2/conf/extra/httpd-ssl.conf\n```\n\n.env:\n```\nOIDC_PROVIDER=http://your.keycloak/auth/realms/\nOIDC_REALM=realm\nOIDC_CRYPT=much-s3cr3t\nOIDC_CLIENT=testing\nOIDC_SECRET=v3ry-l0ng-s3cr3t\n```\n\nhttpd.conf:\n```\n[...]\n\n\u003cIfModule auth_openidc_module\u003e\n    OIDCProviderIssuer ${OIDC_PROVIDER}${OIDC_REALM}\n    OIDCProviderAuthorizationEndpoint ${OIDC_PROVIDER}${OIDC_REALM}/protocol/openid-connect/auth\n    OIDCProviderJwksUri ${OIDC_PROVIDER}${OIDC_REALM}/protocol/openid-connect/certs\n    OIDCProviderTokenEndpoint ${OIDC_PROVIDER}${OIDC_REALM}/protocol/openid-connect/token\n    OIDCProviderUserInfoEndpoint ${OIDC_PROVIDER}${OIDC_REALM}/protocol/openid-connect/userinfo\n    OIDCSSLValidateServer Off\n    OIDCRedirectURI http://${SERVER_NAME}/someuri/redirect_uri\n    OIDCCryptoPassphrase ${OIDC_CRYPT}\n    OIDCClientID ${OIDC_CLIENT}\n    OIDCClientSecret ${OIDC_SECRET}\n    OIDCRemoteUserClaim preferred_username\n    OIDCInfoHook userinfo\n\u003c/IfModule\u003e\n\n[...]\n```\n\nhttpd-ssl.conf:\n```\n[...]\n\nAlias /someuri \"/usr/local/apache2/htdocs/someuri\"\n\n\u003cLocation /someuri\u003e\n    AuthType openid-connect\n    Require valid-user\n\u003c/Location\u003e\n\n[...]\n```","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbellackn%2Fhttpd_oidc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbellackn%2Fhttpd_oidc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbellackn%2Fhttpd_oidc/lists"}