oauth2-proxy-manager

Docker image

gcr.io/laica-lunasys/oauth2-proxy-manager:latest

Setup

0. Install ingress-nginx(nginx-ingress) in your cluster.

Helm chart: https://github.com/helm/charts/tree/master/stable/nginx-ingress

1. GitHub

1-1. Create OAuth Application

Authorization callback URL (ex, https://auth.example.com/github )

https://github.com/settings/applications/new

2. Setup Secret

apiVersion: v1
kind: Secret
metadata:
  name: oauth2-proxy-manager-secret
  namespace: oauth2-proxy
type: Opaque
stringData:
  OAUTH2_PROXY_CLIENT_ID: "xxxxxxx"
  OAUTH2_PROXY_CLIENT_SECRET: "yyyyyy"
  COOKIE_SALT: "U3VzaGkgaXMgR29kLiBCZSBFYXQgU3VzaGkuCg==" # randomized secret strings.

Another manifests can be see: /kubernetes directory.

How to restrict my service?

Example: `supersecret` app

Fill annotations, and host.

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: supersecret
  namespace: supersecret
  annotations:
    # must be use ingress-nginx.
    kubernetes.io/ingress.class: nginx

    # https://auth.example.com/<PROVIDER>/<APP_NAME>/.....
    nginx.ingress.kubernetes.io/auth-signin: https://auth.example.com/github/supersecret/start?rd=https://$host$request_uri$is_args$args
    nginx.ingress.kubernetes.io/auth-url: https://auth.example.com/github/supersecret/auth

    # app-name should be unique.
    oauth2-proxy-manager.k8s.io/app-name: "supersecret"

    # GitHub org, teams
    oauth2-proxy-manager.k8s.io/github-org: "example-corp"
    oauth2-proxy-manager.k8s.io/github-teams: "administrator"
spec:
  rules:
  - host: "supersecret.example.com" # hosts must be provide
    http:
      paths:
      - path: /
        backend:
          serviceName: supersecret
          servicePort: 80

Name		Name	Last commit message	Last commit date
Latest commit History 45 Commits
.github/workflows		.github/workflows
cmd/oauth2-proxy-manager		cmd/oauth2-proxy-manager
kubernetes		kubernetes
logger		logger
models		models
service		service
showcase		showcase
.gitignore		.gitignore
Dockerfile		Dockerfile
Gopkg.lock		Gopkg.lock
Gopkg.toml		Gopkg.toml
README.md		README.md
create-oauth2-proxy.Dockerfile		create-oauth2-proxy.Dockerfile
ingress-observer.Dockerfile		ingress-observer.Dockerfile

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

oauth2-proxy-manager

Docker image

Setup

0. Install ingress-nginx(nginx-ingress) in your cluster.

1. GitHub

1-1. Create OAuth Application

2. Setup Secret

How to restrict my service?

Example: `supersecret` app

Fill annotations, and host.

Tada! 🎉

About

Releases

Packages

Contributors 3

Languages

Laica-Lunasys/oauth2-proxy-manager

Folders and files

Latest commit

History

Repository files navigation

oauth2-proxy-manager

Docker image

Setup

0. Install ingress-nginx(nginx-ingress) in your cluster.

1. GitHub

1-1. Create OAuth Application

2. Setup Secret

How to restrict my service?

Example: supersecret app

Fill annotations, and host.

Tada! 🎉

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Contributors 3

Languages

Example: `supersecret` app

Packages