.github | ||
env | ||
.gitignore | ||
docker-compose.yml | ||
Dockerfile | ||
go.mod | ||
go.sum | ||
LICENSE | ||
main.go | ||
README.md |
Teabag - Static CMS/Decap OAuth Provider for Gitea
This is a lightweight Go server for handling OAuth flows with Gitea.
Setup
Manual deployment
Open the repo and build the service:
go build -o teabag .
Deploy the binary to your server.
Docker deployment
The official docker image is available under ghcr.io/denyskon/teabag:latest
.
If you want to use docker compose, here is a suggested docker-compose.yml
file.
version: '2'
services:
teabag:
image: ghcr.io/denyskon/teabag
restart: always
environment:
- TEABAG_PORT=3000
- TEABAG_SESSION_SECRET=super-secret
- TEABAG_GITEA_KEY=<KEY>
- TEABAG_GITEA_SECRET=<SECRET>
- TEABAG_GITEA_BASE_URL=https://gitea.company.com
- TEABAG_GITEA_AUTH_URI=login/oauth/authorize
- TEABAG_GITEA_TOKEN_URI=login/oauth/access_token
- TEABAG_GITEA_USER_URI=api/v1/user
- TEABAG_CALLBACK_URI=http://oauth.example.com:3000/callback
ports:
- "3000:3000"
Config
The service needs some minimal configuration set before it can run. On the server or the location you are running the service, create a config file:
mkdir ./env
touch ./env/teabag.env
# OR
mkdir /etc/teabag
touch /etc/teabag/teabag.env
The config file is based on envfile. You can see a complete example in this repo at ./env/teabag.env.example
HOST=localhost # The hostname to bind to
PORT=3000 # The port to serve on
SESSION_SECRET=super-secret # Used with OAuth provider sessions
For the Gitea connector, there are some required settings:
# OAuth Key and Secret generated on Gitea
GITEA_KEY=<KEY>
GITEA_SECRET=<SECRET>
# URL of the Gitea instance
GITEA_BASE_URL=https://gitea.company.com
# endpoint URIs (for Gitea, see https://docs.gitea.io/en-us/oauth2-provider/)
GITEA_AUTH_URI=login/oauth/authorize
GITEA_TOKEN_URI=login/oauth/access_token
GITEA_USER_URI=api/v1/user
# Callback URL for the SCM, where it will redirect the user after they authorise. This needs to match what was given when creating the OAuth application.
CALLBACK_URI=http://localhost:3000/callback
You can also provide the config using environment variables. For that you need to prefix every variable with TEABAG_
, e. g. TEABAG_HOST=0.0.0.0
.
Credits
Fork of https://github.com/donskifarrell/scm-oauth-provider
Inspiration taken from https://github.com/igk1972/netlify-cms-oauth-provider-go