Merge pull request #1 from comsysto/heroku-support

offboarded-x233534 · offboarded-x233534 · commit 9520212ee5f8 · 2016-04-25T14:16:45.000+02:00
Heroku support
diff --git a/.gitignore b/.gitignore
@@ -24,4 +24,7 @@ peewee.db
 *.pyc
 /dist/
 /*.egg-info
-build/
+build/
+
+# heroku
+venv/
diff --git a/Procfile b/Procfile
@@ -0,0 +1 @@
+web: python heroku.py -e heroku -p $PORT --authType allGitHubUsers --owner comsysto --repository github-pages-basic-auth-proxy --obfuscator 086e41eb6ff7a50ad33ad742dbaa2e70b75740c4950fd5bbbdc71981e6fe88e3
diff --git a/README.md b/README.md
@@ -8,9 +8,10 @@ Basic Auth checks against GitHub API. This little piece of software is brought t
 
 **TOC**
   * [1. Introduction](#1-introduction)
-  * [2. Installation](#2-installation)
-  * [3. Roadmap](#3-roadmap)
-  * [4. License](#4-license)
+  * [2. Installation on Heroku](#2-installation-on-heroku)
+  * [3. Installation on AWS](#3-installation-on-aws)
+  * [4. Roadmap](#4-roadmap)
+  * [5. License](#5-license)
 
 ## 1. Introduction
 
@@ -54,7 +55,52 @@ Basic Auth checks against GitHub API. This little piece of software is brought t
   * If you create a directory in your `gh-pages` branch which is called e.g. `086e41eb6ff7a50ad33ad742dbaa2e70b75740c4950fd5bbbdc71981e6fe88e3` and proxy to this dir, it will be secure as long as no one knows **obfuscator** (you should keep it secret).
   * You proxy to https (TLS) so no man in the middle attack could get a hold of the obfuscator.
 
-## 2. Installation
+## 2. Installation on Heroku
+
+[![](./doc/heroku-logo.png)](https://dashboard.heroku.com/)
+
+Create a heroku app and clone the git repo. ([Toolbelt is installed](https://toolbelt.heroku.com/) and you are logged in)
+
+```
+$> cd ~/
+$> heroku create
+# Creating app... done, stack is cedar-14
+# https://protected-foo-21086.herokuapp.com/ | https://git.heroku.com/protected-foo-21086.git
+$> git clone https://git.heroku.com/protected-foo-21086.git heroku-gh-proxy
+```
+
+You now have a folder `heroku-gh-proxy` in your homedir that contains the deployed app (currently empty).
+Next we clone the GitHub Pages Proxy and extract the latest snapshot into `heroku-gh-proxy` (absolute path needed)  
+
+```
+$> cd ~/
+$> git clone https://github.com/comsysto/github-pages-basic-auth-proxy.git
+$> cd github-pages-basic-auth-proxy
+$> git checkout-index -a -f --prefix=/Users/bg/heroku-gh-proxy/  # absolute path with trailing slash!
+```
+
+Now change the `Procfile` to your repository and obfuscator settings and push.
+
+```
+$> cd ~/heroku-gh-proxy
+vim Procfile # change your settings
+git add . -A
+git commit -m "init"
+git push
+```
+
+Now your app should be up and running.
+
+  * You can access the health check `https://protected-foo-21086.herokuapp.com/health`
+  * Or directly use the proxy and enter credentials `https://protected-foo-21086.herokuapp.com/` 
+  * A successfully deployed app log should look like this:
+    * ![](./doc/heroku-logs.png)
+
+
+
+## 3. Installation on AWS
+
+[![](./doc/aws-logo.png)](https://aws.amazon.com/)
 
 We will do demo setup for the following scenario:
   
@@ -66,13 +112,13 @@ We will do demo setup for the following scenario:
     * https://my-secure-github-page.comsysto.com/
     * This is a `ec2.micro` Instance on AWS which is configured as described below.
     
-### 2.1 Prerequisites
+### 3.1 Prerequisites
 
   * You will need nginx, python 3 and git.
     * on Ubuntu: `apt-get install git nginx python3-setuptools build-essential python3-dev`
   * optional a ssl certificate  
 
-### 2.2 nginx setup
+### 3.2 nginx setup
 
 We need some kind of vhost with SSL that proxies everything through to our python proxy.
 
@@ -95,7 +141,7 @@ server {
 }
 ```
 
-### 2.3 python proxy setup
+### 3.3 python proxy setup
 
 Install proxy
 ```
@@ -126,7 +172,7 @@ $> cs-gh-proxy -e wsgi -p 8881 --authType allGitHubUsers --owner comsysto --repo
       * Now you can write some scripts to check for pidfile or port
       * lockfile ensures that there will only be a single instance
 
-# 3. Roadmap
+# 4. Roadmap
 
   * Provide oAuth instead of Basic Auth
   * Enable CORS
@@ -137,6 +183,6 @@ $> cs-gh-proxy -e wsgi -p 8881 --authType allGitHubUsers --owner comsysto --repo
   * Provide Heroku easy install
 
 
-# 4. License
+# 5. License
 
 Licensed under [MIT License](./LICENSE.md)
diff --git a/app.json b/app.json
@@ -0,0 +1,8 @@
+{
+  "name": "GitHub Pages Auth Basic Proxy",
+  "description": "GitHub Pages Auth Basic Proxy - Example Setup for Heroku",
+  "image": "heroku/python",
+  "repository": "https://github.com/comsysto/github-pages-basic-auth-proxy",
+  "keywords": ["python", "gh-pages" ],
+  "addons": [  ]
+}
diff --git a/cs_proxy/proxy.py b/cs_proxy/proxy.py
@@ -1,4 +1,6 @@
 import sys, os
+import argparse
+import colorama
 from bottle import route, request, response, run, hook, abort, redirect, error, install, auth_basic
 import simplejson as json
 import random
@@ -10,6 +12,34 @@
 from jose.exceptions import JWSError
 import datetime
 
+def main():
+    #
+    # CLI PARAMS
+    #
+    parser = argparse.ArgumentParser(description='comSysto GitHub Pages Auth Basic Proxy')
+
+    parser.add_argument("-e", "--environment", help='Which environment.', choices=['cgi', 'wsgi', 'heroku'])
+    parser.add_argument("-gho", "--owner", help='the owner of the repository. Either organizationname or username.')
+    parser.add_argument("-ghr", "--repository", help='the repository name.')
+    parser.add_argument("-obf", "--obfuscator", help='the subfolder-name in gh-pages branch used as obfuscator')
+    parser.add_argument("-p", "--port", help='the port to run proxy e.g. 8881')
+    parser.add_argument("-a", "--authType", help='how should users auth.', choices=['allGitHubUsers', 'onlyGitHubOrgUsers'] )
+
+
+    args = parser.parse_args()
+    if not args.environment:
+        print ('USAGE')
+        print ('    proxy that allows only members of the organization to access page: (owner must be an GitHub Organization)')
+        print ('      $> cs-gh-proxy -e wsgi -p 8881 --authType onlyGitHubOrgUsers --owner comsysto --repository github-pages-basic-auth-proxy --obfuscator 086e41eb6ff7a50ad33ad742dbaa2e70b75740c4950fd5bbbdc71981e6fe88e3')
+        print ('')
+        print ('    proxy that allows all GitHub Users to access page: (owner can be GitHub Organization or normal user)')
+        print ('      $> cs-gh-proxy -e wsgi -p 8881 --authType allGitHubUsers --owner comsysto --repository github-pages-basic-auth-proxy --obfuscator 086e41eb6ff7a50ad33ad742dbaa2e70b75740c4950fd5bbbdc71981e6fe88e3')
+        print ('')
+
+        sys.exit(1)
+
+    run_proxy(args)
+
 #
 # global vars
 #
@@ -128,6 +158,8 @@ def proxy_trough_root_page():
     #
     if args.environment == 'wsgi':
         run(host='localhost', port=args.port, debug=True)
+    if args.environment == 'heroku':
+        run(host="0.0.0.0", port=int(os.environ.get("PORT", 5000)))
     else:
         run(server='cgi')
 
diff --git a/cs_proxy/run_proxy.py b/cs_proxy/run_proxy.py
diff --git a/doc/aws-logo.png b/doc/aws-logo.png
diff --git a/doc/heroku-logo.png b/doc/heroku-logo.png
diff --git a/doc/heroku-logs.png b/doc/heroku-logs.png
diff --git a/heroku.py b/heroku.py
@@ -0,0 +1,4 @@
+import os
+from cs_proxy import proxy
+
+proxy.main()
diff --git a/requirements.txt b/requirements.txt
@@ -0,0 +1,7 @@
+requests==2.9.1
+argparse==1.4.0
+validators==0.10
+colorama==0.3.7
+bottle==0.12.9
+simplejson==3.8.2
+python-jose==0.6.1
diff --git a/runtime.txt b/runtime.txt
@@ -0,0 +1 @@
+python-3.5.0
diff --git a/setup.py b/setup.py
@@ -21,5 +21,5 @@
       ],
       zip_safe=False,
       entry_points = {
-          'console_scripts': ['cs-gh-proxy=cs_proxy.run_proxy:main'],
+          'console_scripts': ['cs-gh-proxy=cs_proxy.proxy:main'],
       })

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+web: python heroku.py -e heroku -p $PORT --authType allGitHubUsers --owner comsysto --repository github-pages-basic-auth-proxy --obfuscator 086e41eb6ff7a50ad33ad742dbaa2e70b75740c4950fd5bbbdc71981e6fe88e3`