cloud-ide-auth-hub

Multi-user cloud IDE hub (like JupyterHub) for VS Code and Theia, based on code-server.

Spawns per-user Docker containers after GitHub OAuth. Optional Flask helper under Auth/ for Moodle OAuth2 SSO.

Requirements

• Docker (daemon running)
• Node.js 16+
• GitHub OAuth app (client ID and secret)

Quick start

npm install
cp settings.example.json settings.json
cp .env.example .env
# Edit settings.json (whitelist, user_image) and .env (GitHub OAuth)
node index.js

Visit http://localhost:8080 (or the port in settings.json).

Configuration

settings.json (copy from settings.example.json)

Key	Purpose
whitelist	GitHub user IDs allowed to log in (empty = allow all)
port	Hub listen port
images	Docker image definitions (vscode, theia, terminado)
user_image	Map GitHub user ID to image name
callback_url	GitHub OAuth callback URL
time_out	Idle container timeout (ms)
github_clientid / github_clientsecret	Prefer setting via .env instead

.env (copy from .env.example)

Variable	Purpose
GITHUB_CLIENT_ID	GitHub OAuth app client ID
GITHUB_CLIENT_SECRET	GitHub OAuth app secret
CALLBACK_URL	Overrides callback URL in settings
MOODLE_BASE_URL	Base URL for optional Moodle OAuth (Auth/app.py)
MOODLE_CLIENT_ID / MOODLE_CLIENT_SECRET	Moodle OAuth client credentials
FLASK_SECRET_KEY	Flask session secret for Auth/app.py

Moodle OAuth helper (optional)

pip install -r requirements.txt
cp .env.example .env
python Auth/app.py

Set MOODLE_* variables to your Moodle instance with moodle-local_oauth.

TLS keys

Do not commit private keys. Place JWT or TLS material under Auth/ locally only (Auth/*.pem is gitignored).

Layout

Path	Role
index.js	Main hub: GitHub OAuth, Docker proxy
images/	Dockerfiles for vscode, theia, terminado
Auth/app.py	Optional Moodle OAuth Flask app
jupyterhub_config.example.py	JupyterHub OAuth template

License

MIT - see LICENSE.