Posted on

How to Set Up OAuth2 Proxy as a systemd Service

OAuth2 Proxy is a powerful tool for adding authentication to your applications. Running it as a systemd service ensures it starts automatically, integrates well with Linux systems, and can be easily managed. This guide will show you how to configure OAuth2 Proxy as a systemd service.

Prerequisites

  • A server running a Linux distribution with systemd (e.g., Ubuntu, CentOS).
  • OAuth2 Proxy installed and configured.
  • Root or sudo access.

Step 1: Create a systemd Service File

Create a new service file for OAuth2 Proxy. Run the following command:

sudo nano /etc/systemd/system/oauth2-proxy.service

Add the following configuration:

[Unit]
Description=OAuth2 Proxy
After=network.target

[Service]
ExecStart=/usr/local/bin/oauth2-proxy --config=/etc/oauth2-proxy/oauth2-proxy.cfg
Restart=on-failure
User=oauth2proxy
Group=oauth2proxy

[Install]
WantedBy=multi-user.target

Ensure the ExecStart path matches the location of the OAuth2 Proxy binary on your system. Also, update the --config parameter to point to your configuration file.

Step 2: Adjust Permissions

Set appropriate permissions for the service file:

sudo chmod 644 /etc/systemd/system/oauth2-proxy.service

Create a dedicated user and group for OAuth2 Proxy:

sudo useradd -r -s /bin/false oauth2proxy

Step 3: Reload systemd and Start the Service

Reload the systemd daemon to recognize the new service:

sudo systemctl daemon-reload

Start the OAuth2 Proxy service:

sudo systemctl start oauth2-proxy

Enable it to start on boot:

sudo systemctl enable oauth2-proxy

Step 4: Verify the Service

Check the status of the service to ensure it’s running:

sudo systemctl status oauth2-proxy

View logs to troubleshoot any issues:

sudo journalctl -u oauth2-proxy

Conclusion

By setting up OAuth2 Proxy as a systemd service, you simplify its management and ensure it starts reliably with your server. This approach is especially useful for production environments where stability and automation are critical.

Posted on

Installing OAuth2 Proxy on Ubuntu When Not Found

OAuth2 Proxy is a reverse proxy that provides authentication and authorization for web applications. It allows users to log in via an identity provider (like Keycloak, Google, GitHub, etc.). If you’re attempting to install OAuth2 Proxy using sudo apt install oauth2-proxy on Ubuntu and encounter the error “package not found“, this guide will show you how to manually install OAuth2 Proxy.

Why Is OAuth2 Proxy Not Found?

OAuth2 Proxy is not available in the official Ubuntu repositories. This is why attempting to install it using sudo apt install oauth2-proxy results in a “not found” error. Fortunately, you can install OAuth2 Proxy by downloading pre-built binaries or using Docker.

Method 1: Install OAuth2 Proxy Using Pre-built Binaries

One of the easiest ways to install OAuth2 Proxy on Ubuntu is by downloading the pre-built binary directly from the official GitHub releases page.

Steps to Install Using Pre-built Binaries:

  1. Visit the OAuth2 Proxy GitHub Releases Page.
  2. Download the latest release of the OAuth2 Proxy for Linux. You can do this using wget:
    wget https://github.com/oauth2-proxy/oauth2-proxy/releases/download/v7.2.0/oauth2-proxy-7.2.0.linux-amd64.tar.gz

    Replace v7.2.0 with the latest version number if a newer release is available.
  3. Extract the downloaded tarball:
    tar -xvzf oauth2-proxy-7.2.0.linux-amd64.tar.gz

  4. Move the binary to a directory that is in your $PATH, such as /usr/local/bin:
    sudo mv oauth2-proxy-7.2.0.linux-amd64/oauth2-proxy /usr/local/bin/

  5. Verify the installation by checking the version:
    oauth2-proxy --version

Method 2: Install OAuth2 Proxy Using Docker

If you prefer using Docker, you can run OAuth2 Proxy as a container instead of installing it natively on the system.

Steps to Install Using Docker:

  1. Pull the latest OAuth2 Proxy Docker image:
    docker pull quay.io/oauth2-proxy/oauth2-proxy:latest

  2. Run OAuth2 Proxy in a Docker container:
    docker run -d --name oauth2-proxy -p 4180:4180 \
      -e OAUTH2_PROXY_PROVIDER=keycloak \
      -e OAUTH2_PROXY_CLIENT_ID=your-client-id \
      -e OAUTH2_PROXY_CLIENT_SECRET=your-client-secret \
      -e OAUTH2_PROXY_REDIRECT_URL=http://your-nginx-server.com/oauth2/callback \
      -e OAUTH2_PROXY_COOKIE_SECRET=random-cookie-secret \
      quay.io/oauth2-proxy/oauth2-proxy:latest

    Replace your-client-id, your-client-secret, and other environment variables with your actual configuration.

Method 3: Manually Add a Repository for OAuth2 Proxy (Not Recommended)

If you prefer using apt but can’t find OAuth2 Proxy in any trusted repositories, manually adding a repository might be an option, although it is not commonly used. There is no official PPA for OAuth2 Proxy at this time, so the best method is to either use the pre-built binary or Docker.

However, some third-party repositories may offer OAuth2 Proxy, but these are not guaranteed to be up to date with the latest releases. Proceed with caution and only use reputable sources.

Conclusion

If you encounter the “add-apt-repository: command not found” error when trying to install OAuth2 Proxy on Ubuntu, you can follow one of these alternative methods:

  • Install OAuth2 Proxy using the pre-built binaries from GitHub.
  • Run OAuth2 Proxy using Docker for easier management and deployment.

By using these methods, you can successfully install OAuth2 Proxy and integrate it with your web applications for secure authentication and authorization.

Conclusion

If you encounter the “not found” error when trying to install OAuth2 Proxy using sudo apt install oauth2-proxy, the issue is that OAuth2 Proxy is not available in the official Ubuntu repositories. You can still install it by downloading the pre-built binary, using Docker, or adding a third-party repository. Using Docker is a simple and effective method for many users, especially if you want to avoid manual installation steps on your system.