forked from 2i2c-org/infrastructure
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[CloudBank] Tuskegee Switched to GH Auth
- Loading branch information
1 parent
949549d
commit d3393a8
Showing
2 changed files
with
17 additions
and
51 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,20 +1,20 @@ | ||
| jupyterhub: | ||
| hub: | ||
| config: | ||
| CILogonOAuthenticator: | ||
| client_id: ENC[AES256_GCM,data:ks6gGT32/DnjnMgVkrWh1nVY9Lvk80mvK6M//5uL/6AWYhxW3FHYkvMSmixRMfYqcRiF,iv:WSFYUm4ltEh9vj62adxOb/emDy62m4QYerbuIDN6cfk=,tag:UO3sKDB5GXX/oM163P31lQ==,type:str] | ||
| client_secret: ENC[AES256_GCM,data:R775NB/a3joyf9A/w3hbpIvE0bxag05egVCHSayCdvxuqOCcRQ6Hms1+1uSYwF12VAMpKXVp6Idy85lBZA8suTRSivsTENpFgBwBccbNXsdPr5qc7Ow=,iv:/4r4qcOP5e2svftTS9jpk7AGkOs84Lh4r96nWJ355io=,tag:4iBjL7CsY9Di7EcMZ9SdDw==,type:str] | ||
| GitHubOAuthenticator: | ||
| client_id: ENC[AES256_GCM,data:D/B4l4MN2CH4QSgINuBgEmmD4Qw=,iv:YxkF9j3TcEz+b9YaaPHKRlvTK65MeVVdyQtVfOCk09o=,tag:5fLzRRrGmBKeo+nL2pUBgA==,type:str] | ||
| client_secret: ENC[AES256_GCM,data:sh/Kmk5bJ3eZd7Snqs+9mU7Tn3TPRVBu2InnhEN3o8nemSRt7JNO9A==,iv:ZaXb3MzYrG7qyjrg2oavC1g59ezPZkeRarCuv9rMVxI=,tag:A2maLtPiXSVtoHBkjsIKEA==,type:str] | ||
| sops: | ||
| kms: [] | ||
| gcp_kms: | ||
| - resource_id: projects/two-eye-two-see/locations/global/keyRings/sops-keys/cryptoKeys/similar-hubs | ||
| created_at: "2023-03-10T13:50:43Z" | ||
| enc: CiUA4OM7eHEOrOekx/0qLP0xvvuWwl5t/9vmlpzec0P4cvEA5uWgEkkALQgViL4/5Ji3v+RHapPIcCJmSigcZI86E888/zAM1qHbnk979I+9GjSzEWrty4xtd1jGsRu4v7AakWr+F3cm11NP2Bj9/Q9f | ||
| created_at: "2024-06-12T18:41:19Z" | ||
| enc: CiUA4OM7eHwqhJFy+6xXl1Je7s8Pn/WQwcW5Y2GDGWJ2qQuCpZjUEkkAWX/fcaVa8c84el2HghzEdrxx3d9Xr1ofov7RpIF6eszfcSzLfOHK/MjNTT3vwO3EeA6odU3/pNctgC+qJUvful4O3IudJNJJ | ||
| azure_kv: [] | ||
| hc_vault: [] | ||
| age: [] | ||
| lastmodified: "2023-03-10T13:50:43Z" | ||
| mac: ENC[AES256_GCM,data:Un7C60hO2h41QDHeMa7ayqmeRwOUjGfPgjwj8dpaZzAZ1DDAbh66YzRFfjN9hppKM0tCRr49ao8NHCLL/uxa5Nwn/ffduRPchP4nbGsO7g1ZsA6CnnbM5Bca7bKXsvzGVTqvKSGdpUxmgBD9MtkZ8VCjl6lecgA5y/W5CiXAK7Q=,iv:xD2xcCTvKdjgHXycIggV5L8o42ZucLG5ZoUj8QjTRQU=,tag:nuVWQV5NBYw4Kea4HtIJtA==,type:str] | ||
| lastmodified: "2024-06-12T18:41:20Z" | ||
| mac: ENC[AES256_GCM,data:bkafUdk7aMReWiBDlic517aBv4MSYvHNCw/wWocRLamP7EtiwHiiplRx4ANcpwhrpaA/iHEnYA+/umJYWb2GBbHjuyge2L0NGIgc2LfCKjBvgWyT+3Xw15HMvCMpOWprCljadys9Z/wka7C1fI+BZKZNhYRbz2OMo+9z6TEeb9U=,iv:f0j3wRno0+g5WG95oXHMK0YPE5LcgCFTEByX9whz0HY=,tag:n/h1a1gURUEnEYGa1Q+9XQ==,type:str] | ||
| pgp: [] | ||
| unencrypted_suffix: _unencrypted | ||
| version: 3.7.3 | ||
| version: 3.8.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -26,48 +26,14 @@ jupyterhub: | |
| hub: | ||
| config: | ||
| JupyterHub: | ||
| authenticator_class: cilogon | ||
| CILogonOAuthenticator: | ||
| oauth_callback_url: "https://tuskegee.cloudbank.2i2c.cloud/hub/oauth_callback" | ||
| allowed_idps: | ||
| http://google.com/accounts/o8/id: | ||
| default: true | ||
| username_derivation: | ||
| username_claim: "email" | ||
| OAuthenticator: | ||
| # WARNING: Don't use allow_existing_users with config to allow an | ||
| # externally managed group of users, such as | ||
| # GitHubOAuthenticator.allowed_organizations, as it breaks a | ||
| # common expectations for an admin user. | ||
| # | ||
| # The broken expectation is that removing a user from the | ||
| # externally managed group implies that the user won't have | ||
| # access any more. In practice the user will still have | ||
| # access if it had logged in once before, as it then exists | ||
| # in JupyterHub's database of users. | ||
| # | ||
| allow_existing_users: True | ||
| authenticator_class: github | ||
| GitHubOAuthenticator: | ||
| oauth_callback_url: https://tuskegee.cloudbank.2i2c.cloud/hub/oauth_callback | ||
| allowed_organizations: | ||
| - TU-CSCI-Data8 | ||
| scope: | ||
| - read:org | ||
| Authenticator: | ||
| # WARNING: Removing a user from admin_users or allowed_users doesn't | ||
| # revoke admin status or access. | ||
| # | ||
| # OAuthenticator.allow_existing_users allows any user in the | ||
| # JupyterHub database of users able to login. This includes | ||
| # any previously logged in user or user previously listed in | ||
| # allowed_users or admin_users, as such users are added to | ||
| # JupyterHub's database on startup. | ||
| # | ||
| # To revoke admin status or access for a user when | ||
| # allow_existing_users is enabled, first remove the user from | ||
| # admin_users or allowed_users, then deploy the change, and | ||
| # finally revoke the admin status or delete the user via the | ||
| # /hub/admin panel. | ||
| # | ||
| admin_users: | ||
| - [email protected] | ||
| - [email protected] | ||
| - [email protected] | ||
| - [email protected] | ||
| - [email protected] | ||
| - [email protected] | ||
| - [email protected] | ||
| - sean-morris | ||
| - rawajfihy | ||