Expose your local Curity installation on the internet

expose_local_curity.sh

#!/bin/bash
set -m

mkdir -p $HOME/.ngrok2
CONFIG_FILE="$HOME/.ngrok2/curity.yml"

if [[ ! -e "$CONFIG_FILE" ]]; then
    cat <<EOF > ${CONFIG_FILE}
console_ui: false
tunnels:
    curity:
        proto: http
        addr: 8443
EOF
fi


ngrok start -config ${CONFIG_FILE} curity &
NGROK_PID=$!
sleep 2
echo "Started Ngrok with PID $NGROK_PID"

BASE_URL=$(curl -s http://localhost:4040/api/tunnels | jq -r '.tunnels[] | select(.proto == "https") | .public_url')

if [[ -n "$BASE_URL" ]]; then
    echo "Setting base url to $BASE_URL"

    idsh --noninteractive << EOF
        configure
        set environments environment base-url ${BASE_URL}
        commit
        exit no-confirm
        exit
EOF
fi


services=$(idsh <<< "show configuration environments environment services service-role  | display-level 1")

while IFS= read -r service
do
    service=$(echo ${service} | sed 's/\;//g')
    name=$(echo ${service} | awk '{split($0, column, " "); print column[2]}')

    idsh --noninteractive << EOF
        configure
        set environments environment services service-role ${name} webfinger
        set environments environment services service-role ${name} protocol http
        commit
        exit no-confirm
        exit
EOF

done <<< "$services"
echo "Exposing local Curity instance at $BASE_URL"
echo "To begin using this, click here: https://oauth.tools#new-env=${BASE_URL}/&webfinger=true"

fg %1

Just a heads up for anyone running this. Make sure to:

• run ngrok authtoken $TOKEN as shown in the ngrok setup.
• have jq installed (on Mac, brew install jq works).
• put idsh, the Curity shell command, on the PATH.

After that, it works really nice.

Looks like the link to that ngrok setup is now gated. Here's the public doc describing authtoken installation.