Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve auth documentation #1310

Merged
merged 3 commits into from
Apr 7, 2022
Merged

Improve auth documentation #1310

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a731b54
add variables into auth instructions
paskal Apr 7, 2022
4817969
use remark42.mysite.com consistently in documentation
paskal Apr 7, 2022
572556c
renew Google auth documentation
paskal Apr 7, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 14 additions & 13 deletions site/src/docs/configuration/authorization/index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,42 +14,43 @@ Authentication handled by external providers. You should set up OAuth2 for at le
4. Set **"Site URL"** to your domain, e.g., `https://remark42.mysite.com`
5. Under **"Facebook login"**/**"Settings"** fill "Valid OAuth redirect URIs" with your callback URL constructed as domain plus `/auth/facebook/callback`, e.g `https://remark42.mysite.com/auth/facebook/callback`
6. Select **"App Review"** and turn the public flag on. This step may ask you to provide a link to your privacy policy
7. Write down the client ID and secret as `AUTH_FACEBOOK_CID` and `AUTH_FACEBOOK_CSEC`

### GitHub

1. Create a new **"OAuth App"**: https://github.com/settings/developers
2. Fill **"Application Name"** and **"Homepage URL"** for your site
3. Under **"Authorization callback URL"** enter the correct URL constructed as domain + `/auth/github/callback`, i.e., `https://remark42.mysite.com/auth/github/callback`
4. Take note of the **Client ID** and **Client Secret**
4. Take note of the **Client ID** (as `AUTH_GITHUB_CID`) and **Client Secret** (`AUTH_GITHUB_CSEC`)

### Google

1. Create a new project: https://console.cloud.google.com/projectcreate
2. Choose the new project from the top right project dropdown (only if another project is selected)
3. In the project Dashboard center pane, choose **"API Manager"**
3. In the project Dashboard center pane, choose **"APIs & Services"**
4. In the left Nav pane, choose **"Credentials"**
5. In the center pane, choose the **"OAuth consent screen"** tab. Fill in **"Product name shown to users"** and hit save
6. In the center pane, choose the **"Credentials"** tab

- Open the **"New credentials"** drop-down
- Choose **"OAuth client ID"**
- Choose **"Web application"**
- Application name is freeform; choose something appropriate
- Authorized origins should be your domain, e.g., `https://remark42.mysite.com`
- Authorized redirect URIs is the location of OAuth2/callback constructed as domain + `/auth/google/callback`, e.g., `https://remark42.mysite.com/auth/google/callback`
- Choose **"Create"**
- Open the **"Create credentials"** drop-down
- Choose **"OAuth client ID"**
- Choose **"Web application"**
- Application name is freeform; choose something appropriate
- Authorized origins should be your domain, e.g., `https://remark42.mysite.com`
- Authorized redirect URIs is the location of OAuth2/callback constructed as domain + `/auth/google/callback`, e.g., `https://remark42.mysite.com/auth/google/callback`
- Choose **"Create"**

7. Take note of the **Client ID** and **Client Secret**
7. Take note of the **Client ID** (`AUTH_GOOGLE_CID`) and **Client Secret** (`AUTH_GOOGLE_CSEC`)

_instructions for Google OAuth2 setup borrowed from [oauth2_proxy](https://github.com/bitly/oauth2_proxy)_

### Microsoft

1. Register a new application [using the Azure portal](https://docs.microsoft.com/en-us/graph/auth-register-app-v2)
2. Under **"Authentication/Platform configurations/Web"** enter the correct URL constructed as domain + `/auth/microsoft/callback`, i.e., `https://example.mysite.com/auth/microsoft/callback`
3. In **"Overview"** take note of the **Application (client) ID**
3. In **"Overview"** take note of the **Application (client) ID** (`AUTH_MICROSOFT_CID`)
4. Choose the new project from the top right project dropdown (only if another project is selected)
5. Select **"Certificates & secrets"** and click on **"+ New Client Secret"**
5. Select **"Certificates & secrets"** and click on **"+ New Client Secret"** (`AUTH_MICROSOFT_CSEC`)

### Twitter

Expand All @@ -71,7 +72,7 @@ _instructions for Google OAuth2 setup borrowed from [oauth2_proxy](https://githu
- Access to username, first name and surname, gender

5. Fill out the rest of the fields if needed
6. Take note of the **ID** and **Password**
6. Take note of the **ID** (`AUTH_YANDEX_CID`) and **Password** (`AUTH_YANDEX_CSEC`)

For more details refer to [Yandex OAuth](https://yandex.com/dev/oauth/doc/dg/concepts/about.html) and [Yandex.Passport](https://yandex.com/dev/passport/doc/dg/index.html) API documentation.

Expand Down
6 changes: 3 additions & 3 deletions site/src/docs/manuals/kubernetes/index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ spec:
- containerPort: 8080
env:
- name: REMARK_URL
value: "https://comments.mysite.com/"
value: "https://remark42.mysite.com/"
- name: "SITE"
value: "mysite.com"
- name: SECRET
Expand Down Expand Up @@ -129,10 +129,10 @@ metadata:
spec:
tls:
- hosts:
- comments.mysite.com
- remark42.mysite.com
secretName: comments-tls
rules:
- host: "comments.mysite.com"
- host: "remark42.mysite.com"
http:
paths:
- path: /
Expand Down