This program is a reverse proxy that can optionally restrict access to users authenticated with OAuth (currently supports authorizing members of a specified Github organization). It also provides a health check endpoint that reports the reachability of the upstream services.
I use it to expose erstwhile intranet apps to the public internet while continuing to restrict access, and without having to configure authentication / authorization in the intranet apps themselves. They are installed as if they're still behind a firewall, and sohop handles auth / auth. This is a configuration that is tilted very much towards the usability end of the usability / security spectrum and may not be appropriate for your use case.
health
and oauth
are reserved
health.<domain>/check
provides a health check endpoint for all proxied services.oauth.<domain>/authorize
is used as the oauth callback.oauth.<domain>/session
shows the user the values in their session.go get github.com/davars/sohop/cmd/sohop
Usage of sohop:
-config string
Config file (default "config.json")
-httpAddr string
Address to bind HTTP server (default ":80")
-httpsAddr string
Address to bind HTTPS server (default ":443")
{
"Domain": "example.com",
"Cookie": {
"Name": "exampleauth",
"Secret": "3c0767ada2466a92a59c1214061441713aeafe6d115e29aa376c0f9758cdf0f5"
},
"Auth" : {
"Type": "github-org",
"Config": {
"ClientID": "12345678",
"ClientSecret": "12345678",
"OrgID": 12345678
}
},
"TLS": {
"CertFile": "cert.pem",
"CertKey": "key.pem"
},
"Upstreams": {
"intranet": {
"URL": "http://10.0.0.16:8888",
"HealthCheck": "http://10.0.0.16:8888/login",
"WebSocket": "ws://10.0.0.16:8888",
"Auth": true,
"Headers": { "X-WEBAUTH-USER":["{{.Session.Values.user}}"] }
},
"public": {
"URL": "http://10.0.0.16:8111",
"HealthCheck": "http://10.0.0.16:8111/login.html",
"WebSocket": "ws://10.0.0.16:8111",
"Auth": false
}
}
}
The config file id unmarshalled into a sohop.Config struct, described here: https://godoc.org/github.com/davars/sohop#Config
go test ./...
Contributions welcome! Please fork the repository and open a pull request with your changes.
This is free software, licensed under the ISC license.
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
1. 开源生态
2. 协作、人、软件
3. 评估模型