https://github.com/factorysh/chevillette
Whitelist your preprod with your Gitlab's logs
https://github.com/factorysh/chevillette
gitlab nginx traefik
Last synced: 5 months ago
JSON representation
Whitelist your preprod with your Gitlab's logs
- Host: GitHub
- URL: https://github.com/factorysh/chevillette
- Owner: factorysh
- License: agpl-3.0
- Created: 2022-02-17T18:40:24.000Z (over 4 years ago)
- Default Branch: main
- Last Pushed: 2023-08-30T14:14:45.000Z (almost 3 years ago)
- Last Synced: 2024-11-15T04:15:22.713Z (over 1 year ago)
- Topics: gitlab, nginx, traefik
- Language: Go
- Homepage:
- Size: 79.1 KB
- Stars: 4
- Watchers: 3
- Forks: 1
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
Chevillette
===========
> Tirez la bobinette et la chevillette cherra
You have two websites, one authenticated, the other is a preprod, almost public.
If your IP and user agent was seen in A server, you are whitelisted is site B.
It's a basic anti bot tools, not a real security tool, like basic auth or oauth2.
This tool doesn't handle very well coworking spaces or any public access point.
Web server
----------
* [x] Nginx with [http_auth_request](https://nginx.org/en/docs/http/ngx_http_auth_request_module.html).
* [x] Traefik with [ForwardAuth](https://doc.traefik.io/traefik/middlewares/http/forwardauth/).
* [ ] Haproxy
Input
-----
* [x] Fluentd server
* [x] Loki tail
* [x] Lumber (aka logstash protocol)
Demo
----
Build your own `chevillette`
make build-with-docker
### Fluentd demo
Go to demo folder
cd demo-fluentd
docker compose up -d
### Loki demo
Go to demo folder
cd demo-loki
docker compose up -d
### Lumber demo
Go to demo folder
cd demo-lumber
docker compose up -d
### Client
Test protected website B
docker compose run client curl nginx-b
It should be 403
Unlock with website A
docker compose run client curl nginx-a
Test website B again
docker compose run client curl nginx-b
It should be 200