Skip to content

Latest commit

 

History

History
48 lines (36 loc) · 2.42 KB

README.md

File metadata and controls

48 lines (36 loc) · 2.42 KB

Meetup Google OAuth Proxy

Build Status

A nginx docker image for oauthing with google and proxing some service through it. This is extended from the very awesome CloudFlare project of the same topic: https://github.com/cloudflare/nginx-google-oauth

Usage

Required env vars from the CloudFlare base are:

  • NGO_CLIENT_ID
  • NGO_CLIENT_SECRET
  • NGO_TOKEN_SECRET

One from us:

  • NGINX_PROXY_PASS

The project also expects certificates to be mounted as:

  • /etc/nginx/certs/tls.crt
  • /etc/nginx/certs/tls.key

Or you can have it generate self signed certificates on startup by setting

  • NGO_GENERATE_CERT_CMD

example: openssl req -new -nodes -x509 -subj "/C=US/ST=New York/L=New York/O=IT/CN=*.domain.com" -days 365 -out /etc/nginx/certs/tls.crt -keyout /etc/nginx/certs/tls.key -extensions v3_ca This proxy redirects http to https.

Local Development and Testing

  1. Copy secrets.env.template to secrets.env (gitignored) and populate environment variables. Secrets can be found in AWS Parameter Store under /classic/admin namespace, other values can be taken from the production CloudFormation stack gauth-proxy-prod
  2. Build and run a Docker container
$ make package
$ docker run --rm -p 443:443 --env-file secrets.env -it <image_id>
  1. Determine an IP address of the container by running docker inspect <container_id>
  2. Add an alias to local /etc/hosts
<container_ip>  admin.meetup.com
  1. Open https://admin.meetup.com/admin in a browser, dismiss the warning about an invalid certficate. If Chrome does not display 'proceed' option, type thisisunsafe on your keyboard to proceed.
  2. Sign in with your Meetup Google account. You should be redirected to the Meetup Admin website.