teabag/README.md

86 lines
2.4 KiB
Markdown
Raw Normal View History

# Teabag - Static CMS OAuth Provider for Gitea
This is a lightweight Go server for handling OAuth flows with Gitea.
## Setup
### Manual deployment
Open the repo and build the service:
```
go build -o teabag .
```
Deploy the binary to your server.
### Docker deployment
The official docker image is available under `ghcr.io/denyskon/teabag:latest`.
If you want to use docker compose, here is a suggested `docker-compose.yml`file.
```yaml
version: '2'
services:
teabag:
image: ghcr.io/denyskon/teabag
restart: always
environment:
- TEABAG_PORT=3000
- TEABAG_SESSION_SECRET=super-secret
- TEABAG_GITEA_KEY=<KEY>
- TEABAG_GITEA_SECRET=<SECRET>
- TEABAG_GITEA_BASE_URL=https://gitea.company.com
- TEABAG_GITEA_AUTH_URI=login/oauth/authorize
- TEABAG_GITEA_TOKEN_URI=login/oauth/access_token
- TEABAG_GITEA_USER_URI=api/v1/user
- TEABAG_CALLBACK_URI=http://oauth.example.com:3000/callback
ports:
- "3000:3000"
```
## Config
The service needs some minimal configuration set before it can run.
On the server or the location you are running the service, create a config file:
```bash
mkdir ./env
touch ./env/teabag.env
# OR
mkdir /etc/teabag
touch /etc/teabag/teabag.env
```
The config file is based on envfile. You can see a complete example in this repo at `./env/teabag.env.example`
```bash
HOST=localhost # The hostname to bind to
PORT=3000 # The port to serve on
SESSION_SECRET=super-secret # Used with OAuth provider sessions
```
For the Gitea connector, there are some required settings:
```bash
# OAuth Key and Secret generated on Gitea
GITEA_KEY=<KEY>
GITEA_SECRET=<SECRET>
# URL of the Gitea instance
GITEA_BASE_URL=https://gitea.company.com
# endpoint URIs (for Gitea, see https://docs.gitea.io/en-us/oauth2-provider/)
GITEA_AUTH_URI=login/oauth/authorize
GITEA_TOKEN_URI=login/oauth/access_token
GITEA_USER_URI=api/v1/user
# Callback URL for the SCM, where it will redirect the user after they authorise. This needs to match what was given when creating the OAuth application.
CALLBACK_URI=http://localhost:3000/callback
```
You can also provide the config using environment variables. For that you need to prefix every variable with `TEABAG_`, e. g. `TEABAG_HOST=0.0.0.0`.
### Credits
2023-01-15 22:37:10 +01:00
Fork of https://github.com/donskifarrell/scm-oauth-provider
Inspiration taken from https://github.com/igk1972/netlify-cms-oauth-provider-go