Expose your local Curity installation on the internet

expose_local_curity.sh

#!/bin/bash
set -m

mkdir -p $HOME/.ngrok2
CONFIG_FILE="$HOME/.ngrok2/curity.yml"

if [[ ! -e "$CONFIG_FILE" ]]; then
    cat <<EOF > ${CONFIG_FILE}
console_ui: false
tunnels:
    curity:
        proto: http
        addr: 8443
EOF
fi


ngrok start -config ${CONFIG_FILE} curity &
NGROK_PID=$!
sleep 2
echo "Started Ngrok with PID $NGROK_PID"

BASE_URL=$(curl -s http://localhost:4040/api/tunnels | jq -r '.tunnels[] | select(.proto == "https") | .public_url')

if [[ -n "$BASE_URL" ]]; then
    echo "Setting base url to $BASE_URL"

    idsh --noninteractive << EOF
        configure
        set environments environment base-url ${BASE_URL}
        commit
        exit no-confirm
        exit
EOF
fi


services=$(idsh <<< "show configuration environments environment services service-role  | display-level 1")

while IFS= read -r service
do
    service=$(echo ${service} | sed 's/\;//g')
    name=$(echo ${service} | awk '{split($0, column, " "); print column[2]}')

    idsh --noninteractive << EOF
        configure
        set environments environment services service-role ${name} webfinger
        set environments environment services service-role ${name} protocol http
        commit
        exit no-confirm
        exit
EOF

done <<< "$services"
echo "Exposing local Curity instance at $BASE_URL"
echo "To begin using this, click here: https://oauth.tools#new-env=${BASE_URL}/&webfinger=true"

fg %1

Just a heads up for anyone running this. Make sure to:

• run ngrok authtoken $TOKEN as shown in the ngrok setup.
• have jq installed (on Mac, brew install jq works).
• put idsh, the Curity shell command, on the PATH.

After that, it works really nice.