05035b0b04
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.9.2 to 1.9.3. - [Release notes](https://github.com/sirupsen/logrus/releases) - [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md) - [Commits](https://github.com/sirupsen/logrus/compare/v1.9.2...v1.9.3) --- updated-dependencies: - dependency-name: github.com/sirupsen/logrus dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
---|---|---|
.github | ||
env | ||
.gitignore | ||
docker-compose.yml | ||
Dockerfile | ||
go.mod | ||
go.sum | ||
LICENSE | ||
main.go | ||
README.md |
teabag - Static CMS OAuth provider for Gitea
This is a lightweight Go server for handling OAuth flows with Gitea.
Setup
Manual deployment
Open the repo and build the service:
go build -o teabag .
Deploy the binary to your server.
Docker deployment
The official docker image is available under ghcr.io/denyskon/teabag:latest
.
If you want to use docker compose, here is a suggested docker-compose.yml
file.
version: '2'
services:
teabag:
image: ghcr.io/denyskon/teabag
restart: always
environment:
- TEABAG_PORT=3000
- TEABAG_SESSION_SECRET=super-secret
- TEABAG_GITEA_KEY=<KEY>
- TEABAG_GITEA_SECRET=<SECRET>
- TEABAG_GITEA_BASE_URL=https://gitea.company.com
- TEABAG_GITEA_AUTH_URI=login/oauth/authorize
- TEABAG_GITEA_TOKEN_URI=login/oauth/access_token
- TEABAG_GITEA_USER_URI=login/oauth/userinfo
- TEABAG_CALLBACK_URI=https://oauth.example.com/callback
ports:
- "3000:3000"
It is stronly recommended not to transfer credentials over http. Please use a reverse proxy infront of teabag.
Config
The service needs some minimal configuration set before it can run. On the server or the location you are running the service, create a config file:
mkdir ./env
touch ./env/teabag.env
# OR
mkdir /etc/teabag
touch /etc/teabag/teabag.env
The config file is based on envfile. You can see a complete example in this repo at ./env/teabag.env.example
HOST=localhost # The hostname to bind to
PORT=3000 # The port to serve on
SESSION_SECRET=super-secret # Used with OAuth provider sessions
There are some required settings to connect to Gitea:
# OAuth key and Ssecret generated on Gitea
GITEA_KEY=<KEY>
GITEA_SECRET=<SECRET>
# URL of Gitea instance
GITEA_BASE_URL=https://gitea.example.com
# endpoint URIs (see https://docs.gitea.com/development/oauth2-provider/)
GITEA_AUTH_URI=login/oauth/authorize
GITEA_TOKEN_URI=login/oauth/access_token
GITEA_USER_URI=login/oauth/userinfo
# callback URL, where users will be redirected after they authorise. Must contain the public URL of your teabag instance. This needs to match what was given when creating the OAuth application in Gitea.
CALLBACK_URI=http://localhost:3000/callback
You can also provide the config using environment variables. For that you need to prefix every variable with TEABAG_
, e. g. TEABAG_HOST=0.0.0.0
.