Skip to content
/ admin-proxy-portal Public

Proxy administrative backend services in a secure manner, optionally using OAuth2

License

Apache-2.0 license
7 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

stefan-hudelmaier/admin-proxy-portal

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

44 Commits
docs
docs
 
 
src
src
 
 
.gitignore
.gitignore
 
 
.gitlab-ci.yml
.gitlab-ci.yml
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.adoc
README.adoc
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Admin Proxy Portal

build

General

This project can be used as a reverse proxy before various services such as:

  • Grafana

  • Spring Boot Amin

  • Kibana

  • Prometheus

  • Kafka Manager

  • Zipkin

The UIs of these services are made available via a common URL and unified authentication is made for them (as some of these tools do not offer authentication on their own).

Admin Proxy Portal provides its own iframe-based UI to switch between the backend services.

Limitations

  • Having multiple backend UIs open in tabs is not supported, since opening up one UI causes all requests to be switched to this service.

  • Only use Admin Proxy Portal if you control and trust all backend services, as Cookies from one service are also forwarded to the others.

  • Using a context path (e.g. https://example.com/admin-proxy-portal) is not supported, it must be run with its own IP address / DNS name.

Running and Configuration

Admin Proxy Portal can be launched via Docker:

In foreground:

docker run --rm -ti -v $(pwd)/application.yml:/application.yml \
    -p 8080:8080 registry.gitlab.com/hudelmaier/admin-proxy-portal:latest

In background:

docker run -v $(pwd)/application.yml:/application.yml -p 8080:8080 \
    --name admin-proxy-portal registry.gitlab.com/hudelmaier/admin-proxy-portal:latest

Here is an example of the application.yml file:

admin-proxy-portal:
  destinations:
    - name: Spring Boot Admin
      url: http://10.0.0.1:8080
      icon: aperture
    - name: Prometheus
      url: http://10.0.0.2:8080
      icon: anchor
    - name: Grafana
      url: http://10.0.0.3:8080
      icon: monitor
    - name: Kibana
      url: http://10.0.0.4:8080
      icon: message-circle
  users:
    - username: admin
      password: reallysecurepassword
  valid-emails-for-oauth:
    - [email protected]
    - [email protected]
  oauth:
    client-id: xxxxx.apps.googleusercontent.com
    client-secret: xxxxxx-yyyyyy
    provider: google

  • Valid values for the icon property are those from Feather Icons

  • If the oauth section is omitted, OAuth2 Login is disabled.

  • Valid values for the provider property are: google, github, facebook, and okta.

  • When setting up a OAuth2 application with one of these providers, configure the following redirect URL: https://admin-proxy-portal.example.com/__portal__/login/oauth2 (assuming that the application runs under the hostname admin-proxy-portal.example.com)

Screenshots

Login Page

login

Main View

grafana

About

Proxy administrative backend services in a secure manner, optionally using OAuth2

Topics

microservices kibana administration proxy grafana prometheus

Resources

Readme

License

Apache-2.0 license
Activity

Stars

7 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages