diff --git a/docs/apps-proxy/overview.md b/docs/apps-proxy/overview.md new file mode 100644 index 0000000000..9c95477bdf --- /dev/null +++ b/docs/apps-proxy/overview.md @@ -0,0 +1,60 @@ +# Apps proxy Architecture Overview + +- Serves for data apps authentication and authorization. +- Typicall usage is to perform OIDC login through some OIDC provider (e.g Microsoft login, google login etc.) +- Has possibility to add basic authorization which consists of password prompt on a web page. + + +## Entrypoint + +[cmd/apps-proxy/main.go](../../cmd/apps-proxy/main.go) + +## Apps Proxy Options + +## Operations + +In `/etc/hosts` add this: + +``` +127.0.0.1 test.hub.keboola.local +127.0.0.1 hub.keboola.local +``` +In project directory run: + +``` +docker compose run --rm --service-ports dev --net=my-test bash +``` + +Inside this bash run: + +``` +make run-app-proxy +``` + +There is a sandboxes service mock in place which returns configuration of data app. Simply adjust the [provisioning/apps-proxy/dev/sandboxesMock.json](../../provisioning/apps-proxy/dev/sandboxesMock.json) if you want to change received configuration by local testing. + +Next clone this repository: GitHub - fsouza/docker-ssl-proxy: Builds a docker image that proxies SSL calls to another docker container (fork of bombbomb/docker-ssl-proxy) + +In its directory run this: + +``` +docker build -t https-proxy . +``` + +And then in this command replace with the id from earlier: + +``` +docker run --net=cli_default --rm \ + --env DOMAIN=test.hub.keboola.local \ + --env TARGET_HOST= \ + --env TARGET_HOST_HEADER=test.hub.keboola.local \ + --env TARGET_PORT=8002 \ + -p 443:443 \ + --volume=./ca:/etc/nginx/ca \ + --volume=./certs:/etc/nginx/certs \ + https-proxy +``` + +Now the proxy should be available under https://test.hub.keboola.local/. + +