Contents
We use nginx as an entrypoint to decide whether requests are routed to authorization server (oauth2_proxy) or resource (elk). If request doesn't have authorization cookies, it will be redirected to authorization server which then delegates the process to google. And base on the result of the user authentication, toke exchange or login page redirection will happen.
reference
setup
Set up env var in file /etc/environment
- GOOGLE_CLIENT_ID: xxxxxx
- GOOGLE_CLIENT_SECRET: xxxxxx
- EMAIL_DOMAIN_1: xxxx
- EMAIL_DOMAIN_2: xxxx
- SERVER_NAME: xxxx (eg: elk.example.com)
install ansible and docker
sudo apt install python3-pip
pip3 install ansible
pip3 install docker
pip3 install docker-compose
run
This playbook will install, configure and bootstrap:
- nginx
- oauth2_proxy
- elk
ansible-playbook elk-playbook.yml