Skip to content

Handles routing for the tangerine frontend/backend in an OpenShift environment

License

Notifications You must be signed in to change notification settings

RedHatInsights/tangerine-proxy

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

37 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

tangerine-proxy

An OAuth and TLS proxy for tangerine-frontend and tangerine-backend

About

This provides 2 simple proxies that work together to allow Tangerine to run securely on OpenShift and be exposed to the internet. The first proxy is OpenShift OAuth Proxy which handles authentication and the OAuth flow. After authentication it routes requests to its upstream: the tangerine-proxy, which is a Caddy reverse proxy running as a seperate container in the same pod. The tangerine-proxy routes requests to the frontend and backend pods. This ensures that both the frontend and backend are behind OAuth, without either app needing to implement the OAuth flow themselves.

Inspired by the firelink-proxy

Deploying

NAMESPACE=<namespace>

oc process \
    -p COOKIE_SECRET=$(python -c 'import os,base64; print(base64.b64encode(os.urandom(16)).decode())') \
    -p HOSTNAME=<your public Route hostname> \
    -f openshift/template.yaml | oc apply -f - -n $NAMESPACE

About

Handles routing for the tangerine frontend/backend in an OpenShift environment

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published