• Stars
    star
    156
  • Rank 239,589 (Top 5 %)
  • Language
    Lua
  • License
    MIT License
  • Created almost 9 years ago
  • Updated almost 4 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

OAuth 2.0 proxy for nginx written in Lua.

ngx-oauth

Build Status Coverage Status LDoc

TBD

Requirements

Installation

You can install ngx-oauth and its Lua dependencies (called rocks) using LuaRocks (the Lua package manager):

luarocks install ngx-oauth

or to get the latest development version:

luarocks install --server=http://luarocks.org/dev ngx-oauth

Note: If you want to bootstrap development environment or just try ngx-oauth without any hassle, read section Setup development environment.

Alpine Linux

  1. Install nginx with the Lua module:

    apk add nginx nginx-mod-http-lua
  2. Install Lua dependencies:

    apk add lua5.1-cjson lua5.1-ossl lua5.1-resty-http
  3. Install LuaRocks and git (for installing development version of the ngx-oauth from LuaRocks):

    apk add git luarocks-5.1
  4. Install ngx-oauth from LuaRocks:

    luarocks-5.1 install --server=http://luarocks.org/dev ngx-oauth

Debian/Ubuntu

  1. Install nginx-extras (consider installing from some PPA to get not-so-old version…):

    apt-get install nginx-extras
  2. Install luarocks, libssl-dev, and git:

    apt-get install luarocks libssl-dev git
  3. Install ngx-oauth:

    luarocks install luaossl CRYPTO_LIBDIR=/usr/lib/x86_64-linux-gnu OPENSSL_LIBDIR=/usr/lib/x86_64-linux-gnu
    luarocks install --server=http://luarocks.org/dev ngx-oauth

Usage

Example of nginx.conf:
http {

    # DNS servers used to resolve names of upstream servers into addresses.
    resolver 208.67.222.222 208.67.220.220 [2620:0:ccc::2] [2620:0:ccd::2];

    # Path of the file with trusted CA certificates.
    lua_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;

    # The verification depth in the server certificates chain.
    lua_ssl_verify_depth 3;

    # The Lua module search path.
    lua_package_path '/path/to/ngx-oauth/?.lua;;';

    ...

    server {
        listen 443 ssl;
        server_name client.example.org;

        ...

        set $oauth_client_id '01234567-89ab-cdef-0123-456789abcdef';
        set $oauth_client_secret 'very-top-secret-password';
        set $oauth_redirect_uri '/_oauth/callback';
        set $oauth_oaas_uri 'https://oaas.example.org/oauth';

        location /_oauth/login {
            content_by_lua_file '/path/to/ngx-oauth-login.lua';
        }

        location /_oauth/callback {
            content_by_lua_file '/path/to/ngx-oauth-redirect-handler.lua';
        }

        location /_oauth/logout {
            content_by_lua_file '/path/to/ngx-oauth-logout.lua';
        }

        location /_proxy {
            access_by_lua_file '/path/to/ngx-oauth-proxy.lua';

            rewrite ^/_proxy/(.*)$ /$1 break;
            proxy_pass https://resource-provider;
        }

        location / {
            ...
        }
    }
}

Configuration variables

$oauth_aes_bits

Selects the AES key length (in bits) for encrypting a refresh token stored in a cookie. The supported values are: 128, 192, and 256. The default value is 128.

$oauth_authorization_url

URL of the authorization endpoint provided by the authorization server. This variable is required if $oauth_oaas_uri is not set; otherwise it defaults to ${oauth_oaas_uri}/authorize.

$oauth_client_id

The client identifier registered on the authorization server. This variable is required.

$oauth_client_secret

The client secret (password). First n-bytes of this value, where n equals $oauth_aes_bits / 8, is also used as a key for encrypting a refresh token stored in a cookie. This n also defines the lower limit of the secret length. However, even if you use the default key length 128 bits, the client secret should be much longer (e.g. 32 characters). This variable is required.

$oauth_cookie_path

Specifies the Path attribute for the cookies. The default value is /.

$oauth_cookie_prefix

The string to be used as a prefix for access_token, refresh_token and username cookies. The default value is oauth_.

$oauth_max_age

Specifies the Max-Age attribute for the refresh_token cookie and the username cookie, in seconds. The Max-Age of the access_token cookie is determined as a minimum of this value and token’s expires_in attribute. The default value is 2592000 (30 days).

$oauth_oaas_uri

Base URI of the OAuth 2.0 authorization server. This variable is required, unless you set $oauth_authorization_url, $oauth_token_url and $oauth_userinfo_url.

$oauth_redirect_uri

URL of the client’s redirection endpoint previously registered on the authorization server. It may be full (absolute) URL, or just a path (starting with /) relative to $scheme://$server_name. The default value is /_oauth/callback.

$oauth_scope

A space delimited set of OAuth scopes that should be requested. The default value is empty, i.e. all scopes allowed for the client will be requested.

$oauth_success_uri

Absolute or relative URI to which a browser should be redirected after successful authorization. The default value is /.

$oauth_token_url

URL of the token endpoint provided by the authorization server. This variable is required if $oauth_oaas_uri is not set; otherwise it defaults to ${oauth_oaas_uri}/token.

$oauth_userinfo_url

URL of the userinfo endpoint. This may be any GET resource secured by OAuth 2.0 that returns JSON with username (in the attribute username) of the user that has authorized the access token. This variable is required if $oauth_oaas_uri is not set; otherwise it defaults to ${oauth_oaas_uri}/userinfo.

Usage scenarios

This section describes various usage scenarios.

List of participants:
user-agent

This is typically user’s web browser.

proxy/nginx

Nginx with ngx-oauth module that serves our client-side application. It has URI https://nginx in the diagrams.

Authorization Server (OAAS)

OAuth 2.0 authorization server. It may be standalone, or coupled with an resource provider. It has URI https://oaas in the diagrams.

Resource provider (RP)

An resource provider, i.e. our backend application with RESTful API. It has URI https://rp in the diagrams.

Error handling:
  • If there’s some problem in ngx-oauth configuration, then the proxy responds with HTTP 500.

  • If the user-agent use an incorrect HTTP method (i.e. GET instead of POST), then the proxy responds with HTTP 405.

  • If some error occur in communication with the OAAS, then the proxy responds with HTTP 503.

User log-in

Modules: ngx-oauth-login and ngx-oauth-redirect-handler

This scenario is intended for authorization grant client credentials.

Log-in for the first time
+-------------+                               +-------------+                                    +-------------+
| user-agent  |                               | proxy/nginx |                                    |    OAAS     |
+------+------+                               +------+------+                                    +------+------+
       |       POST https://nginx/_oauth/login       |                                                  |
      (1)------------------------------------------->|                                                  |
       |                                             |                                                  |
       |  302 | Location: https://oaas/authorize?... |                                                  |
       |<- - - - - - - - - - - - - - - - - - - - - (2a)                                                 |
       |                                             |                                                  |
       |                                         GET <Location>                                         |
     (2b)---------------------------------------------------------------------------------------------->|
       :                                             :                                                  :
       :                                             :                               /~~~~~~~~~~~~~~~~~~~~~~~~~~~+
       :                                             :                               | User logs in and approves |
       :                                             :                               |    authorization request. |
       :                                             :                               +~~~~~~~~~~~~~~~~~~~~~~~~~~~/
       :                     302 | Location: https://nginx/_oauth/callback?code=xyz                     :
       |<- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -(3a)
       |                                             |                                                  |
       |               GET <Location>                |                                                  |
      (3b)------------------------------------------>|                                                  |
       |                                             | POST https://oaas/token | code= & redirect_uri=  |
       |                                             | Authorization: Basic <client_id>:<client_secret> |
       |                                            (4)------------------------------------------------>|
       |                                             |                                                  |
       |                                             |    200 | {access_token:, refresh_token:, ...}    |
       |                                             |<- - - - - - - - - - - - - - - - - - - - - - - - (5)
       |                                             |                                                  |
       |                                             |            GET https://oaas/userinfo             |
       |                                             |       Authorization: Bearer <access_token>       |
       |                                            (6)------------------------------------------------>|
       |                                             |                                                  |
       |                                             |              200 | {username, ...}               |
       |                                             |<- - - - - - - - - - - - - - - - - - - - - - - - (7)
       |      302 | Location: /, Set-Cookie: ...     |                                                  |
       |<- - - - - - - - - - - - - - - - - - - - - -(8)                                                 |
       |                                             |                                                  |
  1. The user-agent makes a POST request to the proxy’s login endpoint (i.e. user clicks on the login button).

  2. The proxy initiates the OAuth flow by directing the user-agent to the authorization endpoint (specified by $oauth_authorization_url). The URI includes the client identifier ($oauth_client_id), requested scope ($oauth_scope), and a redirection URI ($oauth_redirect_uri) to which the OAAS will send the user-agent back once access is granted (or denied).

  3. Assuming the user logs-in and grants access, the OAAS redirects the user-agent back to the proxy using the redirection URI with an authorization code.

  4. The proxy requests an access token from the OAAS’ token endpoint ($oauth_token_url) by including the authorization code and the redirection URI. When making the request, the proxy authenticates with the OAAS using the client identifier and the client secret ($oauth_client_secret).

  5. The OAAS validates the token request and if valid, it responds back with an access token and a refresh token.

  6. The proxy requests an userinfo from the OAAS’ userinfo endpoint ($oauth_userinfo_url) using the access token.

  7. The OAAS validates the access token and if valid, it responds back with an username and possibly other fields.

  8. Assuming that all previous steps were successful, the proxy redirects the user-agent to the $oauth_success_uri and sets access_token, refresh_token and username cookies. The refresh_token cookie is encrypted, so it’s not readable by the user-agent.

Log-in with an existing refresh token
+-------------+                               +-------------+                                    +-------------+
| user-agent  |                               | proxy/nginx |                                    |    OAAS     |
+------+------+                               +------+------+                                    +------+------+
       |       POST https://nginx/_oauth/login       |                                                  |
       |         Cookie: refresh_token, ...          |                                                  |
      (1)------------------------------------------->|                                                  |
       |                                             |     POST https://oaas/token | refresh_token=     |
       |                                             | Authorization: Basic <client_id>:<client_secret> |
       |                                            (2)------------------------------------------------>|
       |                                             |                                                  |
       |                                             |            200 | {access_token:, ...}            |
       |                                             |<- - - - - - - - - - - - - - - - - - - - - - - - (3)
       | 302 | Location: /, Set-Cookie: access_token |                                                  |
       |<- - - - - - - - - - - - - - - - - - - - - -(4)                                                 |
       |                                             |                                                  |
  1. The user-agent makes a POST request to the proxy’s login endpoint and includes a valid refresh_token cookie.

  2. The proxy requests an access token from the OAAS’ token endpoint ($oauth_token_url) using the refresh_token obtained from the cookie. When making the request, the proxy authenticates with the OAAS using the client identifier ($oauth_client_id) and the client secret ($oauth_client_secret).

  3. The OAAS validates the refresh token and if valid, it responds back with a new access token.

  4. Assuming that the previous step was successful, the proxy redirects the user-agent to the $oauth_success_uri and sets cookie with the new access token.

User log-out

Modules: ngx-oauth-logout

+-------------+                               +-------------+                                   +-------------+
| user-agent  |                               | proxy/nginx |                                   |    OAAS     |
+------+------+                               +------+------+                                   +------+------+
       |      POST https://nginx/_oauth/logout       |                                                 |
       |   Cookie: access_token, refresh_token, ...  |                                                 |
      (1)------------------------------------------->|                                                 |
       |                                             |                                                 |
       |                     204                     |                                                 |
       | Set-Cookie: oauth_*=deleted; Max-Age=0; ... |                                                 |
       |<- - - - - - - - - - - - - - - - - - - - - -(2)                                                |
       |                                             |                                                 |
  1. The user-agent makes a POST request to the proxy’s logout endpoint.

  2. The proxy responds back with HTTP status 204 and sets access_token, refresh_token and username cookies to expired (i.e. the user-agent will erase them).

Proxy for resource provider

Module: ngx-oauth-proxy

+-------------+                       +-------------+                        +-------------+    +-------------+
| user-agent  |                       | proxy/nginx |                        |  RP (API)   |    |    OAAS     |
+------+------+                       +------+------+                        +------+------+    +------+------+
       |                                     |                                      |                  |
       |    GET https://nginx/_proxy/ping    |                                      |                  |
       | Cookie: access_token, refresh_token |                                      |                  |
      (1)----------------------------------->|         GET https://rp/ping          |                  |
       |                                     | Authorization: Bearer <access_token> |                  |
       |                                    (2)------------------------------------>|                  |
       |                                     |                                      |                  |
       |                                     |                 200                  |                  |
       |                 200                 |<- - - - - - - - - - - - - - - - - - (3)                 |
       |<- - - - - - - - - - - - - - - - - -(4)                                     |                  |
       :                                     :                                      :                  :
  /~~~~~~~~~~~~~~~~~~~~~~+                   :                                      :                  :
  | access_token expired |                   :                                      :                  :
  +~~~~~~~~~~~~~~~~~~~~~~/                   :                                      :                  :
       :                                     :                                      :                  :
       |    GET https://nginx/_proxy/ping    |                                      |                  |
       |        Cookie: refresh_token        |                                      |                  |
      (5)----------------------------------->|                                      |                  |
       |                                     |        POST https://oaas/token | refresh_token=         |
       |                                     |     Authorization: Basic <client_id>:<client_secret>    |
       |                                    (6)------------------------------------------------------->|
       |                                     |                                      |                  |
       |                                     |                200 | {access_token:, ...}               |
       |                                     |<- - - - - - - - - - - - - - - - - - - - - - - - - - - -(7)
       |                                     |                                      |                  |
       |                                     |         GET https://rp/ping          |                  |
       |                                     | Authorization: Bearer <access_token> |                  |
       |                                    (8)------------------------------------>|                  |
       |                                     |                                      |                  |
       |                                     |                 200                  |                  |
       |   200 | Set-Cookie: access_token    |<- - - - - - - - - - - - - - - - - - (9)                 |
       |<- - - - - - - - - - - - - - - - - (10)                                     |                  |
       |                                     |                                      |                  |
  1. The user-agent requests data on the resource provider (RP) through the proxy.

  2. The proxy adds an Authorization header with the access token obtained from the cookie (that has been set in the login flow) and passes it to the RP.

  3. The RP validates the access token on the OAAS and responds back to the user-agent through the proxy.

  4. The proxy just passes the RP’s response to the user-agent without any modification.

  5. Some time later, the access token expire and the user-agent requests another data through the proxy. The access token cookie has the same or shorter expiration time than the access token itself, i.e. when the token expire, the user-agent erases the cookie.

  6. The proxy requests an access token from the OAAS’ token endpoint ($oauth_token_url) using the refresh_token obtained from the cookie. When making the request, the proxy authenticates with the OAAS using the client identifier ($oauth_client_id) and the client secret ($oauth_client_secret).

  7. The OAAS validates the refresh token and if valid, it responds back with a new access token.

  8. The proxy adds the Authorization header with the new access token to the request (5) and passes it to the RP.

  9. The RP validates the access token on the OAAS and responds back to the proxy.

  10. The proxy passes the RP’s response to the user-agent and sets cookie with the new access token.

Setup development environment

  1. Clone this repository:

    git clone https://github.com/jirutka/ngx-oauth.git
    cd ngx-oauth
  2. Source file .envrc into your shell (or manually add $(pwd)/.env/bin to your PATH):

    source .envrc
  3. Install LuaJIT and modules for development into directory .env:

    ./script/bootstrap

    or to install nginx and Python modules for running integration tests as well, use:

    ./script/bootstrap-full
  4. Run tests with code coverage and linter:

    ./script/test

    and integration tests:

    ./script/test-integration

These scripts should work on every up-to-date Unix system (tested on OS X, Gentoo, Slackware, and Ubuntu).

License

This project is licensed under MIT License. For the full text of the license, see the LICENSE file.

This README file is licensed under Creative Commons Attribution 4.0 International License.

More Repositories

1

rsql-parser

Parser for RSQL / FIQL – query language for RESTful APIs
Java
685
star
2

spring-rest-exception-handler

A convenient Spring MVC exception handler for RESTful APIs.
Java
354
star
3

maven-badges

Badge for Maven Central
Ruby
240
star
4

ssh-ldap-pubkey

Utility to manage SSH public keys stored in LDAP.
Python
217
star
5

ldap-passwd-webui

Very simple web interface for changing password stored in LDAP or Active Directory (Samba 4 AD).
Python
198
star
6

luapak

Easily build a standalone executable for any Lua program
Lua
175
star
7

esh

Simple templating engine based on shell.
Shell
172
star
8

validator-collection

The easiest way to validate collections of basic types using Bean Validation.
Java
120
star
9

smlar

PostgreSQL extension for an effective similarity search || mirror of git://sigaev.ru/smlar.git || see https://www.pgcon.org/2012/schedule/track/Hacking/443.en.html
C
110
star
10

zsh-shift-select

Select text in Zsh command line using Shift, as in many text editors and GUI programs
Shell
107
star
11

setup-alpine

Easily use Alpine Linux on GitHub Actions, with support for QEMU user emulator
Shell
105
star
12

tty-copy

Copy content to system clipboard via TTY and terminal using ANSI OSC52 sequence
C
94
star
13

validator-spring

Bean Validator utilizing Spring Expression Language (SpEL)
Java
84
star
14

asciidoctor-html5s

Semantic HTML5 converter (backend) for Asciidoctor
HTML
79
star
15

luasrcdiet

Compresses Lua source code by removing unnecessary characters (updated fork of http://luasrcdiet.luaforge.net/)
Lua
64
star
16

apk-autoupdate

Automatic updates for Alpine Linux and other systems using apk-tools
Shell
45
star
17

embedmongo-spring

Spring Factory Bean for “Embedded” MongoDB
Java
44
star
18

nginx-binaries

Nginx and njs binaries for Linux (x86_64, aarch64, ppc64le), macOS and Windows. Linux binaries are static so works on every Linux.
TypeScript
44
star
19

otf2bdf

OpenType to BDF Converter (unofficial mirror)
C
42
star
20

njs-typescript-starter

A starting template for developing njs (NGINX JavaScript) scripts for NGINX server in TypeScript.
JavaScript
42
star
21

apcupsd-snmp

Apcupsd module for Net-SNMP
Perl
41
star
22

doas-sudo-shim

sudo shim for doas
Shell
39
star
23

qemu-openrc

OpenRC init script for QEMU/KVM (for Gentoo and Alpine Linux)
Shell
30
star
24

rake-jekyll

Rake tasks for Jekyll as a gem.
Ruby
30
star
25

akms

Alpine Kernel Module Support – aka DKMS for Alpine Linux
Shell
29
star
26

corefines

💎 A collection of refinements for Ruby core classes with a compatibility mode for older Rubies and a convenient syntactic sugar.
Ruby
26
star
27

user-aports

My Alpine Linux aports that are not in official repository yet or don’t adhere to Alpine polices (bundles)
Shell
26
star
28

ipynb2html

Convert Jupyter (IPython) Notebooks to static HTML
TypeScript
26
star
29

sh-parser

Parser of POSIX Shell Command Language
Lua
25
star
30

zzz

A simple program to suspend or hibernate your computer 💤
C
22
star
31

nginx-testing

Support for integration/acceptance testing of nginx configuration in TypeScript/JavaScript.
TypeScript
21
star
32

asciidoctor-highlight.js

Asciidoctor.js extension for highlighting code in build time using Highlight.js
JavaScript
21
star
33

opensmtpd-filter-rewrite-from

OpenSMTPD 6.6+ filter for rewriting From address
Awk
18
star
34

asciidoctor-rouge

Rouge code highlighter support for Asciidoctor (OBSOLETE)
Ruby
18
star
35

efi-mkuki

EFI Unified Kernel Image Maker
Shell
17
star
36

asciidoctor-katex

Asciidoctor extension for converting latexmath using KaTeX at build time
Ruby
17
star
37

babel-preset-njs

A Babel preset for njs - NGINX JavaScript
JavaScript
17
star
38

ssh-getkey-gitlab

A simple script to be used as AuthorizedKeysCommand in OpenSSH server to look up user’s public keys in GitLab or GitHub.
Shell
17
star
39

unidecode

Transliteration from Unicode to US-ASCII and ISO 8859-2.
Java
14
star
40

alpine-zsh-config

A sensible system-wide Zsh configuration for Alpine Linux
Shell
14
star
41

haste-client

CLI client for haste-server (hastebin.com) written in Python
Python
13
star
42

ts-transformer-inline-file

A TypeScript custom transformer for inlining files
TypeScript
12
star
43

argp

Rust derive-based argument parsing optimized for code size and flexibility
Rust
12
star
44

stunnel-static

stunnel built as a fully static binary
Shell
11
star
45

swaylockd

A dumb launcher to spawn swaylock and ensure it runs no matter what
C
11
star
46

ssh-getkey-ldap

A simple script to be used as AuthorizedKeysCommand in OpenSSH server to look up user’s public keys in LDAP.
Lua
11
star
47

ansible-gentoo-roles

A curated list of Ansible roles for Gentoo Linux.
10
star
48

asciidoctor-include-ext

Asciidoctor’s standard include processor reimplemented as an extension
Ruby
9
star
49

muacme

A convenient wrapper for the ACMEv2 client uacme
Shell
8
star
50

rsql-hibernate

This project is outdated. Use https://github.com/tennaito/rsql-jpa instead.
Java
8
star
51

github-pr-closer

GitHub webhook handler for closing pull requests that have been merged using rebase etc.
Python
8
star
52

dokuwiki2adoc

Converter from DokuWiki to AsciiDoc formatted text files.
Shell
8
star
53

sloci-image

Simple script for creating single-layer OCI images.
Shell
8
star
54

brieflz.lua

Lua binding for BriefLZ compression library
C
7
star
55

asciidoctor-interdoc-reftext

Asciidoctor extension providing implicit (automatic) reference text (label) for inter-document cross references
Ruby
7
star
56

spring-boot-openrc

OpenRC init script for Java applications based on Spring Boot
Shell
7
star
57

efi-mkkeys

Script to easily generate self-signed UEFI keys for Secure Boot
Shell
7
star
58

rsub-client

Open and edit files from a remote machine in your local Sublime Text or TextMate 2.
Python
6
star
59

git-metafile

Store and restore files metadata (mode, owner, group) in a git repository
Rust
6
star
60

unboundid-spring

Spring Factory Beans for UnboundID LDAP SDK
Java
6
star
61

alpkit

Rust library and CLI tool for reading Alpine Linux’s apk package format and APKBUILD
Rust
5
star
62

emscripten-travis-example

How to easily use Emscripten on Travis CI or any other CI
C
5
star
63

cesnet-tcs-cli

CLI client utility for CESNET TCS API
Shell
5
star
64

slava-ukrajine

Слава Україні! / Sláva Ukrajině! – grafika
4
star
65

asciidoctor-templates-compiler

Compile templates-based Asciidoctor converter (backend) into a single Ruby file
Ruby
4
star
66

spring-http-client-cache

A very simple HTTP cache for the Spring’s RestTemplate.
4
star
67

one-context

OpenNebula contextualization scripts for Alpine Linux and Gentoo
Shell
4
star
68

uidmapshift

Shift UIDs/GIDs of directory entries recursively by some offset
Lua
4
star
69

yaml-env-tag

Custom YAML tag for referring environment variables in YAML documents
Ruby
3
star
70

mtype

An enhanced Lua type() function that looks for __type metafield
Lua
3
star
71

CSFD-parser

Parser for movie pages and search on CSFD.cz
Python
3
star
72

commons-hibernate

My collection of reusable Java classes for Hibernate.
Java
3
star
73

virt-init

Provisioning scripts for Alpine Linux VMs
Shell
3
star
74

keycloak-json-schema

JSON schemas for Keycloak realm configuration
JavaScript
3
star
75

redmine_agile

Archive of redmine_agile plugin downloaded from https://www.redmineup.com/pages/plugins/agile
Ruby
3
star
76

apk-deploy-tool

Tool for easily deploying applications or configuration packaged in APK packages via SSH
Shell
3
star
77

collectd-apk

Collectd plugin for apk-tools
C
2
star
78

tash

WIP
Shell
2
star
79

acpi-utils

ACPI utilities for use in scripts and one-liners
Shell
2
star
80

gversion.lua

Lua library for Gentoo-style versioning format
Lua
2
star
81

nginx-oidc-njs

OpenID Connect and OAuth 2.0 module for NGINX written in njs.
TypeScript
2
star
82

jabber-migrate

Tool for migration of a roster from one Jabber server to another.
Java
2
star
83

alpine-git-mirror-syncd

Lua script that listens on MQTT and synchronizes Git mirrors when notified about changes
Lua
2
star
84

spring-modular

Modularize Spring applications simply!
Java
2
star
85

spring-security-oauth-samples

Modified samples from Spring Security OAuth project
Java
2
star
86

collectd-openrc

Collectd plugin for OpenRC
C
2
star
87

hass-smarwi

Home Assistant integration for Vektiva SMARWI window opener
Python
2
star
88

macos-init

Simplified cloud-init for macOS
Shell
2
star
89

com.meetfranz.Franz

Flatpak for Franz
1
star
90

prebackup

Pre/post backup scripts
Shell
1
star
91

slim-htag

Slim filter providing a heading tag with parametrized (dynamic) level (h1-h6)
Ruby
1
star
92

beuri-parser

Parser of Boolean Expressions in URI
Java
1
star
93

my-void-packages

My package templates for Void Linux
Shell
1
star
94

ts-transformer-export-default-name

TypeScript AST transformer that assigns name to anonymous functions and classes exported as default
TypeScript
1
star
95

ansible-modules

Some unofficial Ansible modules.
Python
1
star
96

roundcube-virtuser_ldap

A Roundcube plugin for LDAP based User-to-Email and Email-to-User lookup
PHP
1
star
97

sublimedsl

Simple pythonic DSL for generating Sublime Text configs.
Python
1
star
98

shaj

C
1
star
99

atom-jaxb

Custom JAXB classes for Atom Syndication Format
Java
1
star
100

nginx-jsconf

JS library and a CLI tool to convert nginx configuration from YAML or JSON to nginx config format
TypeScript
1
star