A DIY test zone for cerca/rauthy integration. If we're gonna do it, let's do it good. This test harness sets up a way to quickly test forward authentication support in Cerca as provided by Rauthy.

This setup gets all the moving parts up and running automagically. A typical issue with adding SSO support to a software is that the maintainer can't test it later on when there is a bug. This is an attempt to mitigate that.

cerca <-------> |
                |
mailcrab <---> caddy <---> browser
                |
rauthy <------> |

Hack

Install docker compose.

git clone https://git.coopcloud.tech/decentral1se/cerca-rauthy-pmc-thunderdome
cd cerca-rauthy-pmc-thunderdome
docker build -t cblgh/cerca:dev -f cerca.Dockerfile .
docker compose up

Rauthy login details are: admin@localhost / 1234test. The admin URL is:

localhost:8089/auth/v1/admin

You can test the Cerca forward authentication protection by visiting:

localhost:1312

Here's all the relevant URLs available:

localhost:1312: Cerca
localhost:8089: Rauthy
localhost:1080: Mailcrab (Rauthy mail catcher)

Tips

Build Cerca image

docker build -t cblgh/cerca:dev -f cerca.Dockerfile .

And if you need to wipe your local images.

docker image ls -qa | \
  xargs docker image rm -f

Wipe all volumes and start again

Watch out, it's everything.

docker ps -aq | \
  xargs docker rm -f && \
  docker volume ls -q | \
  xargs docker volume rm

Build a single service

In this case, Rauthy.

docker compose up rauthy

Reload Caddy without restart

You can hack the Caddyfile and reload the changes on the fly.

docker compose exec -w /etc/caddy caddy caddy reload