This is a lightweight, general-purpose utility designed to securely restrict access to admin dashboards using Traefik's ForwardAuth middleware. It is written in Go and uses the go-session and logrus libraries for session management and logging respectively.
These instructions will help you set up the service and run it on your local machine or a Kubernetes cluster.
If you are deploying the service for the first time, you need to create a Kubernetes secret to store hash_key and password. Here's how you can do it:
kubectl create secret generic <secret-name> --from-file=hash_key=<path-to-hash-key> --from-file=password=<path-to-password>Replace with the name you want to give to your secret, with the path to your hash key file, and with the path to your password file.
After creating the secret, you can install the Helm chart as described above.
The provided Dockerfile allows you to build a Docker image of the service. Run the following command in the directory containing the Dockerfile:
docker build -t go-auth-service:latest .Running the service To run the service, use the following Docker command:
docker run -p 8080:8080 go-auth-service:latestKubernetes Deployment The service is configured to read secrets from a Kubernetes secret, which should be mounted at /secrets. The secrets should include hash_key and password.
To update the Kubernetes secret, you can use the following one-liner:
kubectl patch secret <secret-name> -p='{"data":{"password": "'$(echo -n 'new-password' | base64)'"}}'Just replace with the name of your secret and 'new-password' with the new password.
Remember to restart any pods that are using the secret to ensure they use the updated values.