mirror of https://github.com/denyskon/teabag synced 2024-11-12 23:20:40 +01:00

A lightweight sever to authenticate Static CMS/Decap with Gitea

Go to file

dependabot[bot] 1e300e0049 Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 (#4 ) Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.9.0 to 1.9.2. - [Release notes](https://github.com/sirupsen/logrus/releases) - [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md) - [Commits](https://github.com/sirupsen/logrus/compare/v1.9.0...v1.9.2) --- updated-dependencies: - dependency-name: github.com/sirupsen/logrus dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>		2023-05-17 20:08:50 +02:00
.github	fix typo	2023-05-07 10:49:48 +02:00
env	docs simplifications	2023-05-07 11:26:20 +02:00
.gitignore	v1.0.0	2023-02-05 14:34:48 +01:00
docker-compose.yml	docs simplifications	2023-05-07 11:26:20 +02:00
Dockerfile	Bump Go version in Dockerfile	2023-05-07 10:47:04 +02:00
go.mod	Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 (#4 )	2023-05-17 20:08:50 +02:00
go.sum	Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 (#4 )	2023-05-17 20:08:50 +02:00
LICENSE	credits	2023-01-15 22:37:10 +01:00
main.go	v1.0.0	2023-02-05 14:34:48 +01:00
README.md	docs simplifications	2023-05-07 11:26:20 +02:00

README.md

teabag - Static CMS/Decap OAuth provider for Gitea

This is a lightweight Go server for handling OAuth flows with Gitea.

Setup

Manual deployment

Open the repo and build the service:

go build -o teabag .

Deploy the binary to your server.

Docker deployment

The official docker image is available under ghcr.io/denyskon/teabag:latest.

If you want to use docker compose, here is a suggested docker-compose.ymlfile.

version: '2'
services:
  teabag:
    image: ghcr.io/denyskon/teabag
    restart: always
    environment:
      - TEABAG_PORT=3000
      - TEABAG_SESSION_SECRET=super-secret
      - TEABAG_GITEA_KEY=<KEY>
      - TEABAG_GITEA_SECRET=<SECRET>
      - TEABAG_GITEA_BASE_URL=https://gitea.company.com
      - TEABAG_GITEA_AUTH_URI=login/oauth/authorize
      - TEABAG_GITEA_TOKEN_URI=login/oauth/access_token
      - TEABAG_GITEA_USER_URI=login/oauth/userinfo
      - TEABAG_CALLBACK_URI=https://oauth.example.com/callback
    ports:
      - "3000:3000"

It is stronly recommended not to transfer credentials over http. Please use a reverse proxy infront of teabag.

Config

The service needs some minimal configuration set before it can run. On the server or the location you are running the service, create a config file:

mkdir ./env
touch ./env/teabag.env
# OR
mkdir /etc/teabag
touch /etc/teabag/teabag.env

The config file is based on envfile. You can see a complete example in this repo at ./env/teabag.env.example

HOST=localhost # The hostname to bind to
PORT=3000 # The port to serve on
SESSION_SECRET=super-secret # Used with OAuth provider sessions

There are some required settings to connect to Gitea:

# OAuth key and Ssecret generated on Gitea
GITEA_KEY=<KEY>
GITEA_SECRET=<SECRET>
# URL of Gitea instance
GITEA_BASE_URL=https://gitea.example.com
# endpoint URIs (see https://docs.gitea.com/development/oauth2-provider/)
GITEA_AUTH_URI=login/oauth/authorize
GITEA_TOKEN_URI=login/oauth/access_token
GITEA_USER_URI=login/oauth/userinfo
# callback URL, where users will be redirected after they authorise. Must contain the public URL of your teabag instance. This needs to match what was given when creating the OAuth application in Gitea.
CALLBACK_URI=http://localhost:3000/callback

You can also provide the config using environment variables. For that you need to prefix every variable with TEABAG_, e. g. TEABAG_HOST=0.0.0.0.

Credits

Fork of https://github.com/donskifarrell/scm-oauth-provider