{"id":17355144,"url":"https://github.com/zephinzer/secure-webtty","last_synced_at":"2025-11-09T10:03:04.180Z","repository":{"id":79926684,"uuid":"132324708","full_name":"zephinzer/secure-webtty","owner":"zephinzer","description":"A basic webtty you can use over the cloud with Basic Auth and Client SSL Certificate configured.","archived":false,"fork":false,"pushed_at":"2018-05-06T09:44:30.000Z","size":16,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-02-01T18:26:50.983Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zephinzer.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-05-06T09:33:55.000Z","updated_at":"2018-05-06T09:44:32.000Z","dependencies_parsed_at":null,"dependency_job_id":"bef706a1-2dca-4cb6-8a30-1a7b503c878b","html_url":"https://github.com/zephinzer/secure-webtty","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zephinzer%2Fsecure-webtty","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zephinzer%2Fsecure-webtty/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zephinzer%2Fsecure-webtty/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zephinzer%2Fsecure-webtty/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zephinzer","download_url":"https://codeload.github.com/zephinzer/secure-webtty/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245858880,"owners_count":20684062,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-15T17:42:27.850Z","updated_at":"2025-11-09T10:02:59.147Z","avatar_url":"https://github.com/zephinzer.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# secure-webtty\nA basic webtty you can use over the cloud with Basic Auth and Client SSL Certificate configured.\n\n## Contents\n- [Configuration](./config/README.md)\n- [Authentication](./secrets/README.md)\n\n## Get Started\nThe configurations are already reasonable. Set up the authentication by going through the steps in [the Authentication section](./secrets/README.md). Alternative, run:\n\n```sh\nnpm run create-secrets;\n# or to use defaults:\nnpm run create-secrets -- --auto\n```\n\n\u003e For the prompt for *\"Enter the DOMAIN for the CLIENT certificate\"*, this has to be your domain name. When running locally, this should be `localhost`. If deploying onto `webtty.mydomain.com`, this should be `webtty.mydomain.com`.\n\nFrom the generated files, move `./secrets/browser/user.pfx` out, this is the client-side authentication certificate that will be used when connecting on port 443.\n\nThis will provision everything you'll need and passwords/authentication credentials will be found in `./secrets/auth/.passwords`. You should move this file out of the repository before deploying.\n\nAfter generating the secrets, run the following to get the system up:\n\n```sh\ndocker build -t secure-webtty .;\ndocker run --name secure-webtty -p 8443:443 -p 8080:80 -p 8000:3000 secure-webtty;\n```\n\nTo use Docker in the image, bind the path at `/var/run/docker.sock` to your host docker socket:\n\n```sh\ndocker run --name secure-webtty -p 8443:443 -p 8080:80 -p 8000:3000 -v \"/path/to/docker.sock:/var/run/docker.sock\" secure-webtty;\n```\n\nYou can now access the services via:\n\n- https://localhost:8443 (ssl + basic-auth protected)\n- http://localhost:8080 (basic-auth protected)\n- http://localhost:8000 (unprotected endpoint)\n\nTo access the SSL protected variant, you will need to add the generated `./secrets/browser/user.pfx` to your browser.\n\nThe password for importing the certificate is under the `USER_CERT_PASSWORD` key in `./secrets/auth/.passwords`.\n\nThe username/password for basic authentication is under the `BASIC_AUTH` key in `./secrets/auth/.passwords`\n\n## What's Inside\nThis image comes with some useful stuff to debug systems.\n\n- mysql client tools\n- redis client tools\n- postgresql client tools\n- mongo db client tools\n- docker (with compose)\n- kubectl\n- bash\n- git\n- vim\n- curl\n- dnsutils\n- python runtime\n- ruby runtime\n- node runtime\n\nBe careful when deploying and exposing this!\n\n## Development\nTo achieve a faster feedback loop, you may want to mount the secrets and configurations as volumes:\n\n```sh\n# build the docker image\ndocker build -t secure-webtty-dev .;\n\n# run the docker image, the 'ro' binding is so that it doesn't remove our local copy\ndocker run --name secure-webtty-dev -p 8080:80 -p 8443:443 -p 8000:3000 \\\n  -v \"$(pwd)/config/nginx.conf:/etc/nginx/nginx.conf:ro\" \\\n  -v \"$(pwd)/config/supervisord.conf:/root/supervisord.conf:ro\" \\\n  -v \"$(pwd)/config/.profile:/root/.profile:ro\" \\\n  -v \"$(pwd)/secrets/auth/basic:/etc/nginx/auth/basic:ro\" \\\n  -v \"$(pwd)/secrets/certs/cert.pem:/etc/nginx/certs/cert.pem:ro\" \\\n  -v \"$(pwd)/secrets/certs/key.pem:/etc/nginx/certs/key.pem:ro\" \\\n  -v \"$(pwd)/secrets/auth/user.crt:/etc/nginx/auth/user.crt:ro\" \\\n  -v \"$(pwd)/secrets/auth/passwords:/etc/nginx/auth/passwords:ro\" \\\nsecure-webtty-dev;\n\n# interactively enter the docker container\ndocker exec -it secure-webtty-dev /bin/bash;\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzephinzer%2Fsecure-webtty","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzephinzer%2Fsecure-webtty","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzephinzer%2Fsecure-webtty/lists"}