dokku-http-oauth is a plugin for dokku that gives the ability to enable or disable HTTP authentication through oauth2-proxy. It's designed to work nicely with dokku-http-auth, meaning they can co-exist, and successful auth from any of them will let requests through.
# dokku 0.4+
$ dokku plugin:install https://github.com/cheif/dokku-http-oauth.git$ dokku http-oauth:help
Secures an app using OAuth2
Additional commands:
http-oauth:disable <app> Disables http-oauth for <app>
http-oauth:enable <app> Enables http-oauth for <app>
http-oauth:set Set config for http-oauth
http-oauth:start Starts the http-oauth container
http-oauth:stop Stops the http-oauth container
After installation, the plugin needs to be setup with your oauth provider, currently only OIDC is supported, but it should be straightforward to enable anything oauth2-proxy supports.
dokku http-oauth:set provider oidc
dokku http-oauth:set provider oidc-issuer-url <your-oidc-issuer-url>
dokku http-oauth:set client-id <your-client-id>
dokku http-oauth:set client-secret <your-client-secret>
dokku http-oauth:set email-domain <your-email-domain> # Optional, to restrict auth to a single email domainAll of these options are global, meaning they will apply for all apps where this plugin is used.
These configs are just passed through to the oauth2-proxy container, and more info can be found in the documentation for oauth2-proxy.
The http-oauth:enable <app> enables oauth2 authentication for the specified app.