When using sockets to pass data between e.g. nginx and oauth2-proxy it's
simpler to use sockets. Systemd can even facilitate this and pass the
actual socket directly.
This also means that only the socket runs with the same group as nginx
while the service runs with DynamicUser.
Does not support TLS yet.
nginx
```
server {
location /oauth2/ {
proxy_pass http://unix:/run/oauth2-proxy/oauth2.sock;
}
```
oauth2-proxy.socket
```
[Socket]
ListenStream=%t/oauth2.sock
SocketGroup=www-data
SocketMode=0660
```
Start oauth2-proxy with the parameter `--http-address=fd:3`.
Signed-off-by: Josef Johansson <josef@oderland.se>
By using the context created by the test, the goroutines produced in
http.Client is actually closed when cancelled and such, not leaked.
Signed-off-by: Josef Johansson <josef86@gmail.com>
* initial commit: add groups to azure
Signed-off-by: andrewphamade@gmail.com <andrewphamade@gmail.com>
* fix deprecations and linting errors
Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>
* remove groups testing from azure provider
Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>
* fix test error
Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>
* verify-generate
Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>
Signed-off-by: andrewphamade@gmail.com <andrewphamade@gmail.com>
Signed-off-by: Andrew Hamade <andrewphamade@gmail.com>
* init TLS.Config when connecting to Redis with TLS
* don't overwrite TLS config if it exists
* add tests for Redis with TLS
* remove hardcoded certs
* add GenerateCert func
* use GenerateCert util func
* fix issue reported by go fmt
* limit return statements in GenerateCert
