Add basic auth support
Closed this issue · 3 comments
Silex commented
Add some option to allow securing the server behind a basic auth user/password.
slatinsky commented
Hello,
just bind the docker image to loopback (using -p 127.0.0.1:21011:21011
)
docker run --restart=always --volume "$(pwd):/dcef/exports" --volume dcef_cache:/dcef/cache --name dcef -p 127.0.0.1:21011:21011 -d slada/dcef:main
and put it behind an another nginx reverse proxy. And you can set up SSL (managed by certbot) and other things this way. Example config:
server {
server_name dcef.example.com;
set $domain_name dcef.example.com;
access_log /var/log/nginx/dcef.access.log;
error_log /var/log/nginx/dcef.error.log;
listen 443 ssl;
proxy_connect_timeout 3600;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
send_timeout 3600;
if ($http_host != $domain_name) {
return 403;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
auth_basic "Auth only";
auth_basic_user_file /etc/nginx/dcef.htpasswd;
location / {
include includes/proxypass.conf;
proxy_pass http://127.0.0.1:21011/;
}
}
Create user:
htpasswd -c /etc/nginx/dcef.htpasswd username
Create another user:
htpasswd /etc/nginx/dcef.htpasswd username
Silex commented
Yes, that's one way of doing it, but it was not my question.
It'd be better if basic auth was supported out of the box.
Anyway I understand that you don't want to support it, it's ok.
slatinsky commented
Yes, that is outside the scope of this project.
You can also edit the nginx config in the project and build the docker image yourself