#!/bin/bash

# Brings up a local Authentik instance for exercising SSO against Gitea Mirror.
# This preamble prints the banner, defines the colour codes used in status
# messages and verifies that the Docker tooling is available.

set -e

# Banner: three lines followed by one empty line
printf '%s\n' \
  "======================================" \
  "Authentik SSO Test Environment Setup" \
  "======================================" \
  ""

# ANSI escape sequences, expanded later by `echo -e`
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

# Preflight: the docker CLI has to be on PATH
command -v docker &> /dev/null || {
  echo -e "${RED}Docker is not installed. Please install Docker first.${NC}"
  exit 1
}

# Preflight: either the standalone docker-compose binary or the
# `docker compose` plugin satisfies this check; the plugin is probed only
# when the standalone binary is absent.
if ! { command -v docker-compose || docker compose version; } &> /dev/null; then
  echo -e "${RED}Docker Compose is not installed. Please install Docker Compose first.${NC}"
  exit 1
fi
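# Print a random secret on stdout, without a trailing newline.
#
# Takes 32 random bytes from `openssl rand`, base64-encodes them and strips
# newline, '=', '/' and '+', leaving only letters and digits. The result is
# at most 43 characters and can be a little shorter when '/' or '+' occurred.
#
# Returns: 0 on success; 1 with no output when openssl fails or yields nothing.
# The previous single pipeline reported tr's exit status, so a missing or
# failing openssl produced an empty secret with status 0. Callers that use
# command substitution should still reject an empty result.
generate_secret() {
  local raw
  raw=$(openssl rand -base64 32) || return 1
  [[ -n "$raw" ]] || return 1
  printf '%s' "$raw" | tr -d '\n=/+'
}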
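# Poll a TCP port on localhost until it accepts connections.
#
# Globals:   RED, GREEN, NC (read) - colour escape sequences for messages
# Arguments: $1 - service name, used only in the progress messages
#            $2 - TCP port on localhost, probed with `nc -z`
# Outputs:   progress dots and a final status line on stdout
# Returns:   0 once the port accepts a connection, 1 after 30 failed probes
#
# An open port only shows that something is listening; it does not prove the
# service behind it has finished initialising.
wait_for_service() {
  local service=$1
  local port=$2
  local max_attempts=30
  local attempt=1

  printf 'Waiting for %s to be ready' "$service"
  # Expansions are quoted so an empty or space-containing argument reaches nc
  # as exactly one word instead of being split or dropped.
  until nc -z localhost "$port" 2> /dev/null; do
    if [ "$attempt" -eq "$max_attempts" ]; then
      # %b expands the \033 sequences stored in the colour variables; the
      # service name goes through %s so it is never treated as an escape.
      printf '\n%b%s%b\n' "$RED" "Timeout waiting for $service" "$NC"
      return 1
    fi
    printf '.'
    sleep 2
    attempt=$((attempt + 1))
  done
  printf ' %bReady!%b\n' "$GREEN" "$NC"
  return 0
}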
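# Parse command line arguments: the first argument selects the action and
# defaults to "start".
ACTION=${1:-start}

# Run Compose through whichever front end is installed: the standalone
# docker-compose binary when present, otherwise the `docker compose` plugin.
# The preflight check accepts either one, so every invocation has to as well.
compose() {
  if command -v docker-compose &> /dev/null; then
    docker-compose "$@"
  else
    docker compose "$@"
  fi
}

case "$ACTION" in
  start)
    echo "Starting Authentik test environment..."
    echo ""

    # Check if .env.authentik exists, if not create it
    if [ ! -f .env.authentik ]; then
      echo "Creating .env.authentik with secure defaults..."

      # Generate the secrets before writing anything. A failed command
      # substitution inside a here-document is not caught by `set -e`, so an
      # unavailable openssl would otherwise leave empty secrets in the file.
      secret_key=$(generate_secret) || secret_key=""
      db_password=$(generate_secret) || db_password=""
      auth_secret=$(generate_secret) || auth_secret=""
      if [ -z "$secret_key" ] || [ -z "$db_password" ] || [ -z "$auth_secret" ]; then
        echo -e "${RED}Failed to generate secrets (is openssl installed?).${NC}"
        exit 1
      fi

      # The file holds credentials, so create it readable by the owner only;
      # the subshell keeps the tightened umask from affecting later commands.
      #
      # NOTE(review): AUTHENTIK_BOOTSTRAP_PASSWORD below is a fixed, publicly
      # known value meant for local testing. Edit it in .env.authentik before
      # the first start if port 9000 can be reached from other hosts; that
      # depends on docker-compose.authentik.yml, which is not part of this
      # script.
      (
        umask 077
        cat > .env.authentik << EOF
# Authentik Configuration
AUTHENTIK_SECRET_KEY=${secret_key}
AUTHENTIK_DB_PASSWORD=${db_password}
AUTHENTIK_BOOTSTRAP_PASSWORD=admin-password
AUTHENTIK_BOOTSTRAP_EMAIL=admin@example.com

# Gitea Mirror Configuration
BETTER_AUTH_SECRET=${auth_secret}
BETTER_AUTH_URL=http://localhost:4321
BETTER_AUTH_TRUSTED_ORIGINS=http://localhost:4321,http://localhost:9000

# URLs for testing
AUTHENTIK_URL=http://localhost:9000
GITEA_MIRROR_URL=http://localhost:4321
EOF
      )
      unset secret_key db_password auth_secret
      echo -e "${GREEN}Created .env.authentik with secure secrets${NC}"
      echo ""
    fi

    # Load environment variables.
    # The explicit ./ matters: for a name without a slash, bash's `source`
    # searches PATH before the current directory. `source` also executes the
    # file as shell code, so it must contain only content you trust.
    source ./.env.authentik

    # Start Authentik services
    echo "Starting Authentik services..."
    compose -f docker-compose.authentik.yml --env-file .env.authentik up -d

    # Wait for Authentik to be ready
    echo ""
    wait_for_service "Authentik" 9000

    # Wait a bit more for initialization
    echo "Waiting for Authentik to initialize..."
    sleep 10

    # Report the password from the env file rather than a literal, so an
    # edited or pre-existing .env.authentik is not misreported.
    admin_password=${AUTHENTIK_BOOTSTRAP_PASSWORD:-admin-password}

    echo ""
    echo -e "${GREEN}✓ Authentik is running!${NC}"
    echo ""
    echo "======================================"
    echo "Authentik Access Information:"
    echo "======================================"
    echo "URL: http://localhost:9000"
    echo "Admin Username: akadmin"
    echo "Admin Password: ${admin_password}"
    echo ""
    echo "======================================"
    echo "Next Steps:"
    echo "======================================"
    echo "1. Access Authentik at http://localhost:9000"
    echo "2. Login with akadmin / ${admin_password}"
    echo "3. Create OAuth2 Provider for Gitea Mirror:"
    echo " - Name: gitea-mirror"
    echo " - Redirect URIs:"
    echo " http://localhost:4321/api/auth/callback/sso-provider"
    echo " - Scopes: openid, profile, email"
    echo ""
    echo "4. Create Application:"
    echo " - Name: Gitea Mirror"
    echo " - Slug: gitea-mirror"
    echo " - Provider: gitea-mirror (created above)"
    echo ""
    echo "5. Start Gitea Mirror with:"
    echo " bun run dev"
    echo ""
    echo "6. Configure SSO in Gitea Mirror:"
    echo " - Go to Settings → Authentication & SSO"
    echo " - Add provider with:"
    echo " - Issuer URL: http://localhost:9000/application/o/gitea-mirror/"
    echo " - Client ID: (from Authentik provider)"
    echo " - Client Secret: (from Authentik provider)"
    echo ""
    ;;

  stop)
    echo "Stopping Authentik test environment..."
    compose -f docker-compose.authentik.yml down
    echo -e "${GREEN}✓ Authentik stopped${NC}"
    ;;

  clean)
    echo "Cleaning up Authentik test environment..."
    # -v also removes the volumes, i.e. all Authentik data
    compose -f docker-compose.authentik.yml down -v
    echo -e "${GREEN}✓ Authentik data cleaned${NC}"

    # Removing the env file discards the generated secrets; ask first.
    read -p "Remove .env.authentik file? (y/N) " -n 1 -r
    echo
    if [[ $REPLY =~ ^[Yy]$ ]]; then
      rm -f .env.authentik
      echo -e "${GREEN}✓ Configuration file removed${NC}"
    fi
    ;;

  logs)
    compose -f docker-compose.authentik.yml logs -f
    ;;

  status)
    echo "Authentik Service Status:"
    echo "========================="
    compose -f docker-compose.authentik.yml ps
    ;;

  *)
    echo "Usage: $0 {start|stop|clean|logs|status}"
    echo ""
    echo "Commands:"
    echo " start - Start Authentik test environment"
    echo " stop - Stop Authentik services"
    echo " clean - Stop and remove all data"
    echo " logs - Show Authentik logs"
    echo " status - Show service status"
    exit 1
    ;;
esac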