Documentation
¶
Overview ¶
Package sohop implements an OAuth-authenticating reverse proxy.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Config ¶
type Config struct { // Domain is the domain to which the subdomains belong. Also used as the // domain for the session cookie. Domain string // Upstreams is an array of configurations for upstream servers. Keys are // the subdomain to proxy to the configured server. Values describe // various aspects of the upstream server. Upstreams map[string]UpstreamConfig // Auth configures the auth middleware. Auth auth.Config // Cookie configures the session cookie store. Cookie CookieConfig // TLS can be used to specify a static TLS configuration for the server. // It is overridden by the values from the AcmeWrapper if Acme is used. TLS TLSConfig // Acme configures automatic provisioning and renewal of TLS certificates // using the ACME protocol. Acme *acme.Config // Deprecated. See https://godoc.org/github.com/davars/sohop/auth#Config. Github *auth.GithubAuth // Deprecated. See https://godoc.org/github.com/davars/sohop/auth#Config. Google *auth.GoogleAuth }
A Config can be used to set up a sohop proxy
type CookieConfig ¶
type CookieConfig struct { // Name is the name of the session cookie. If not set, a random name will // be generated on start-up. Name string // Secret is the private key used to authenticate session cookies. Should be // a hex-encoded string 128 characters in length (64 byte key). If not set, // a random key will be generated on start-up. Run `openssl rand -hex 64` // to generate a key. Secret string }
CookieConfig configures the session cookie store.
type Server ¶
type Server struct { Config *Config HTTPAddr string HTTPSAddr string // contains filtered or unexported fields }
A Server is an OAuth-authenticating reverse proxy.
func (Server) HealthHandler ¶
HealthHandler checks each upstream and considers them healthy if they return a 200 response. Also, the health check will fail if the TLS certificate will expire within 72 hours.
func (Server) ProxyHandler ¶
ProxyHandler selects the appropriate upstream based on subdomain of the incoming request and does the proxying.
type TLSConfig ¶
type TLSConfig struct { // CertFile is a path to the PEM-encoded server certificate. CertFile string // CertKey is a path to the unencrypted PEM-encoded private key for the // server certificate. CertKey string }
TLSConfig configures the server certificate.
type UpstreamConfig ¶
type UpstreamConfig struct { // The URL of the upstream server. URL string // Auth is whether requests to this upstream require authentication. Auth bool // HealthCheck is a URL to use as a health check, if different from // Upstreams.URL (for example if UpstreamConfig.URL returns a 302 response). // It should return a 200 response if the upstream is healthy. HealthCheck string // WebSocket is a ws:// or wss:// URL receive proxied WebSocket connections. WebSocket string // Headers can be used to replace the headers of an incomping request // before it is sent upstream. The values are templates, evaluated with the // current session available as `.Session`. Headers http.Header }
UpstreamConfig configures a single upstream endpoint.
Directories
¶
Path | Synopsis |
---|---|
Package acme uses https://github.com/dkumor/acmewrapper to automatically provision TLS certificates.
|
Package acme uses https://github.com/dkumor/acmewrapper to automatically provision TLS certificates. |
Package auth implements the OAuth authentication flows for sohop.
|
Package auth implements the OAuth authentication flows for sohop. |
cmd
|
|
sohop
Package main implements the CLI for sohop.
|
Package main implements the CLI for sohop. |
Package store provices an implementation of sessions.Store that also carries its name around with it.
|
Package store provices an implementation of sessions.Store that also carries its name around with it. |
Click to show internal directories.
Click to hide internal directories.