@@ -84,77 +84,10 @@ During the install you need to specify `authType`, `Repository-Owner`, `Reposito
8484
8585## 3. Installation on AWS
8686
87- [ ![ ] ( ./doc/aws-logo.png )] ( https://aws.amazon.com/ )
87+ Click below to see the full instructions on how to manually setup the proxy on AWS.
8888
89- We will do demo setup for the following scenario:
90-
91- * GitHub Page we want to secure:
92- * https://comsysto.github.io/github-pages-basic-auth-proxy/086e41eb6ff7a50ad33ad742dbaa2e70b75740c4950fd5bbbdc71981e6fe88e3/
93- * This is a gh-pages branch of a public repo. In real scenario this would be a private repo and no one could guess the obfuscator.
94- * Contents of gh-pages: https://github.com/comsysto/github-pages-basic-auth-proxy/tree/gh-pages
95- * Proxy-URL we want to use:
96- * https://my-secure-github-page.comsysto.com/
97- * This is a ` ec2.micro ` Instance on AWS which is configured as described below.
98-
99- ### 3.1 Prerequisites
100-
101- * You will need nginx, python 3 and git.
102- * on Ubuntu: ` apt-get install git nginx python3-setuptools build-essential python3-dev `
103- * optional a ssl certificate
104-
105- ### 3.2 nginx setup
106-
107- We need some kind of vhost with SSL that proxies everything through to our python proxy.
108-
109- ```
110- server {
111- listen 443;
112- server_name my-secure-github-page.comsysto.com;
113-
114- ssl on;
115- ssl_certificate /etc/ssl/comsysto.crt;
116- ssl_certificate_key /etc/ssl/comsysto.key;
117- ssl_session_timeout 5m;
118- ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
119- ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
120- ssl_prefer_server_ciphers on;
121-
122- location / {
123- proxy_pass http://127.0.0.1:8881/;
124- }
125- }
126- ```
127-
128- ### 3.3 python proxy setup
129-
130- Install proxy
131- ```
132- git clone https://github.com/comsysto/github-pages-basic-auth-proxy.git
133- cd github-pages-basic-auth-proxy
134- sudo python3 setup.py install
135- ```
136-
137- Run Proxy
138-
139- * proxy that allows only members of the organization to access page: (owner must be an GitHub Organization)
140-
141- ```
142- $> cs-gh-proxy -e wsgi -p 8881 --authType onlyGitHubOrgUsers --owner comsysto --repository github-pages-basic-auth-proxy --obfuscator 086e41eb6ff7a50ad33ad742dbaa2e70b75740c4950fd5bbbdc71981e6fe88e3
143- ```
144-
145- * proxy that allows all GitHub Users to access page: (owner can be GitHub Organization or normal user)
146-
147- ```
148- $> cs-gh-proxy -e wsgi -p 8881 --authType allGitHubUsers --owner comsysto --repository github-pages-basic-auth-proxy --obfuscator 086e41eb6ff7a50ad33ad742dbaa2e70b75740c4950fd5bbbdc71981e6fe88e3
149- ```
89+ [ ![ ] ( ./doc/aws-logo.png )] ( ./doc/Howto-Install-on-AWS.md )
15090
151- * Howto run python server as daemon
152- * first [ install daemonize] ( http://software.clapper.org/daemonize/ )
153- * now create script ` /opt/run-gh-proxy.sh `
154- * put run command (see above) in script
155- * run as daemon with ` /usr/local/sbin/daemonize -p /var/run/cs-gh-proxy.pid -l /var/run/cs-gh-proxy.lock /opt/run-gh-proxy.sh `
156- * Now you can write some scripts to check for pidfile or port
157- * lockfile ensures that there will only be a single instance
15891
15992# 4. Roadmap
16093
0 commit comments