From d06517761913dcfa496cfef94bdd5694e9dde0dd Mon Sep 17 00:00:00 2001 From: Marigold Date: Mon, 2 Dec 2024 10:49:20 +0100 Subject: [PATCH] wip --- docs/guides/sharing-external.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/docs/guides/sharing-external.md b/docs/guides/sharing-external.md index f93b47e4376..8a5f3358166 100644 --- a/docs/guides/sharing-external.md +++ b/docs/guides/sharing-external.md @@ -29,3 +29,15 @@ To share explorers with the public, follow these steps: 2. Set `isPublished` to `true` in your explorer configuration. 3. Trigger manual deploy from Admin (this is only needed to do once) or commit to trigger it automatically. 4. Share your explorer with public on e.g. https://staging-site-my-branch.tail6e23.ts.net/explorers/my-explorer. --> + +## Sharing private work with external people + +If you created a private staging server with a `-private` suffix, the domain `https://.owid.pages.dev/` will not be publicly accessible. However, you can share it with specific external people by making it public initially and then protecting it with Cloudflare Access. + +1. **Do not** use the `-private` suffix in your branch name. +2. Go to [Cloudflare Access -> Applications](https://one.dash.cloudflare.com/078fcdfed9955087315dd86792e71a7e/access/apps?search=) and edit the application [Cloudflare Pages (owid)](https://one.dash.cloudflare.com/078fcdfed9955087315dd86792e71a7e/access/apps/edit/d8c658c3-fd20-477e-ac20-e7ed7fd656de?tab=overview). +3. In the `Overview` tab, click on `+Add domain` and enter the subdomain of your staging server. +4. Go to the [Policies](https://one.dash.cloudflare.com/078fcdfed9955087315dd86792e71a7e/access/apps/edit/d8c658c3-fd20-477e-ac20-e7ed7fd656de?tab=policies) tab and edit the [External e-mails](https://one.dash.cloudflare.com/078fcdfed9955087315dd86792e71a7e/access/apps/rules/d8c658c3-fd20-477e-ac20-e7ed7fd656de/4c7bfba1-7bca-4e7c-8a32-5a11ab5f36fe) policy. +5. Add the e-mail addresses of the people you want to share the staging server with. + +Once set up, the URL `https://.owid.pages.dev/` will require authentication. People with the e-mails you added in the policy will be able to access it via Google or by entering their e-mail address and using the code sent to them.