|
1 | 1 | # GitHhub Pages Basic Auth Proxy by comSysto |
2 | 2 |
|
3 | 3 | ## 1. Introduction |
| 4 | + |
4 | 5 | A simple python based proxy to secure github pages via a small cloud-proxy-instance. |
5 | 6 |
|
6 | | -:bangbang: THIS IS WORK IN PROGRESS. PRE-ALPHA :bangbang: |
| 7 | +:bangbang: **THIS IS WORK IN PROGRESS. PRE-ALPHA** :bangbang: |
7 | 8 |
|
8 | 9 | ### 1.1 Who needs this? |
9 | 10 |
|
10 | | -If you have a private github repository. |
11 | | -If you have a `gh-pages` branch in that repository. |
12 | | -And if you want to secure the gh-pages page via basic auth, then this proxy is for you |
13 | | - |
| 11 | + * If you have a GitHub organization account with organization members. |
| 12 | + * If you have a private organization github repository. |
| 13 | + * If you have a `gh-pages` branch in that repository. |
| 14 | + * And if you want to secure the gh-pages page via basic auth, then this proxy is for you. |
| 15 | + ** Only members of the GitHub organization and users you specify manually will have access |
| 16 | + |
14 | 17 | ### 1.2 What it will do |
15 | 18 |
|
16 | 19 |  |
17 | 20 |
|
18 | 21 | * Proxy between GitHub Pages and User |
19 | | - * Ask for Authentication |
| 22 | + * Ask for Authentication (github credentials) |
20 | 23 | * Only proxy through if user is member of GitHub Organization or in list of users allowed to access |
21 | 24 |
|
22 | 25 | ### 1.3 How is this secure? |
23 | 26 |
|
24 | 27 | * Basically `gh-pages` URLs are public |
25 | | - * BUT if you create a directory in your `gh-pages` branch which is called `ibjsda67d79gds8a9sd88` and proxy to this dir, it will be secure as long as no one knows this "obfuscator-dir" |
| 28 | + * BUT if you create a directory in your `gh-pages` branch which is called `086e41eb6ff7a50ad33ad742dbaa2e70b75740c4950fd5bbbdc71981e6fe88e3` and proxy to this dir, it will be secure as long as no one knows this "obfuscator-dir" |
26 | 29 |
|
27 | 30 | ## 2. Installation |
28 | 31 |
|
29 | 32 | We will do demo setup for the following scenario: |
30 | 33 |
|
31 | 34 | * GitHub Page we want to secure: |
32 | 35 | * https://comsysto.github.io/github-pages-basic-auth-proxy/086e41eb6ff7a50ad33ad742dbaa2e70b75740c4950fd5bbbdc71981e6fe88e3/ |
33 | | - * (this is a gh-pages branch of a public repo. In real scenario this would be a private repo) |
34 | | - * Contents of gh-pages: https://github.com/... |
| 36 | + * This is a gh-pages branch of a public repo. In real scenario this would be a private repo and no one could guess the obfuscator-dirname. |
| 37 | + * Contents of gh-pages: https://github.com/comsysto/github-pages-basic-auth-proxy/tree/gh-pages |
35 | 38 | * Proxy-URL we want to use: |
36 | 39 | * https://my-secure-github-page.comsysto.com/ |
37 | | - * This is a `ec2.micro` Instance on AWS. |
| 40 | + * This is a `ec2.micro` Instance on AWS which is configured as described below. |
38 | 41 |
|
39 | 42 | ### 2.1 Prerequisites |
40 | 43 |
|
41 | | - * You will need nginx and python. |
| 44 | + * You will need nginx and python 3. |
| 45 | + * optional a ssl certificate |
42 | 46 |
|
43 | 47 | ### 2.2 nginx setup |
44 | 48 |
|
|
0 commit comments