https://github.com/meetup/gauth-proxy
an nginx proxy that adds some google login authentication requirements
https://github.com/meetup/gauth-proxy
platform-services
Last synced: 6 months ago
JSON representation
an nginx proxy that adds some google login authentication requirements
- Host: GitHub
- URL: https://github.com/meetup/gauth-proxy
- Owner: meetup
- License: mit
- Created: 2016-09-22T21:05:36.000Z (almost 10 years ago)
- Default Branch: master
- Last Pushed: 2024-07-11T13:08:22.000Z (about 2 years ago)
- Last Synced: 2024-07-11T14:57:05.651Z (about 2 years ago)
- Topics: platform-services
- Language: Shell
- Homepage:
- Size: 27.3 KB
- Stars: 0
- Watchers: 96
- Forks: 1
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
# Meetup Google OAuth Proxy
[](https://travis-ci.com/meetup/gauth-proxy)
[](https://microbadger.com/images/meetup/gauth-proxy "Get your own image badge on microbadger.com")
[](https://microbadger.com/images/meetup/gauth-proxy "Get your own version badge on microbadger.com")
A nginx docker image for oauthing with google and
proxing some service through it. This is extended
from the very awesome CloudFlare project of the
same topic: https://github.com/cloudflare/nginx-google-oauth
## Usage
Required env vars from the CloudFlare base are:
* NGO_CLIENT_ID
* NGO_CLIENT_SECRET
* NGO_TOKEN_SECRET
One from us:
* NGINX_PROXY_PASS
The project also expects certificates to be mounted as:
* `/etc/nginx/certs/tls.crt`
* `/etc/nginx/certs/tls.key`
Or you can have it generate self signed certificates on startup by setting
* NGO_GENERATE_CERT_CMD
example: openssl req -new -nodes -x509 -subj "/C=US/ST=New York/L=New York/O=IT/CN=*.domain.com" -days 365 -out /etc/nginx/certs/tls.crt -keyout /etc/nginx/certs/tls.key -extensions v3_ca
This proxy redirects http to https.
## Local Development and Testing
1. Copy `secrets.env.template` to `secrets.env` (gitignored) and populate environment variables. Secrets can be found in AWS Parameter Store under `/classic/admin` namespace, other values can be taken from the production CloudFormation stack [gauth-proxy-prod](https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/parameters?filteringText=gauth&filteringStatus=active&viewNested=true&hideStacks=false&stackId=arn%3Aaws%3Acloudformation%3Aus-east-1%3A212646169882%3Astack%2Fgauth-proxy-prod%2F9690d7b0-fcd1-11e9-a582-0a182a3cd028)
2. Build and run a Docker container
```sh
$ make package
$ docker run --rm -p 443:443 --env-file secrets.env -it
```
3. Determine an IP address of the container by running `docker inspect `
4. Add an alias to local `/etc/hosts`
```
admin.meetup.com
```
5. Open `https://admin.meetup.com/admin` in a browser, dismiss the warning about an invalid certficate. If Chrome does not display 'proceed' option, type `thisisunsafe` on your keyboard to proceed.
6. Sign in with your Meetup Google account. You should be redirected to the Meetup Admin website.