Serves static sites from private repositories to members with read access (or higher), secured using GitHub OAuth2.
The server is written in Go.
Github forces users to pay for an enterprise license in order to share github pages only with members of an organization.
It is not even included in the paid Team plan.
This repository is a workaround for that - it also works for free tier plans as it doesn't rely on github pages nor public repositories.
- Supports multiple pages, one per subdomain
- Define your own branch
- No need to publish a repository nor use of github pages
- Works with github free tier
- Selfhosted
You need to create a Github OAuth2 App.
Check out the sample.config.yaml for more informations.
The callback URL must point to http(s)://domain:publicPort/login/github/callback (not subdomain).
To protect your site using SSL, we advice to use a reverse proxy like Traefik.
- First, build using:
- make prepare
- make build+linux or
- make build+docker (optional)
 
- Second, set up a configuration
- checkout sample.config.yaml for more informations
 
- Third, execute the binary or docker image
- ./prviate-ghp --config=<path_to_config>
 
localhost does not work as the app uses cross origin resource sharing which is not applied to localhost. 
You need to use a FQDN like local.host to work.
This is a high level explanation of how this project works.
For more information of how GitHub OAuth works, see the official documentation.
- The client requests a resource
- If the session cookie is present and valid, skip the next two steps
- Otherwise, redirects to the provider's OAuth page
 
- Provider's (e.g. GitHub) OAuth page
- If successful, redirects to the callback URL (this service)
 
- The callback request is received from the OAuth provider
- Get an OAuth token, then store it client-side in a cookie
 
- A call is performed to the Github API using the token the client sends with each request (as cookie) to get the resource, which is then served to the client
GitHub Pages allows to serve from a /docs directory, which is supported by private-ghp too, if the hosted page uses /docs as basePath.
For any question, create an issue here on Github.