From 904d8e9537b5d1f31f3054cecc1310c00910f9f5 Mon Sep 17 00:00:00 2001 From: Benedict Endemann Date: Wed, 27 Jun 2018 18:19:12 +0200 Subject: [PATCH] nginx.tmpl: Adding possibility for default htpasswd file --- README.md | 2 ++ nginx.tmpl | 7 +++++++ 2 files changed, 9 insertions(+) diff --git a/README.md b/README.md index 054b4d1..2b28cc5 100644 --- a/README.md +++ b/README.md @@ -310,6 +310,8 @@ $ docker run -d -p 80:80 -p 443:443 \ jwilder/nginx-proxy ``` +It is also possible to create the default htpasswd file /etc/nginx/htpasswd/default that is used when no file named after $VIRTUAL_HOST is present. This can be used when all virtual host should have the same Basic Authentication anyway or as an extra security measure to make sure that no service is exposed to the wild internet without authentication even if there is a error in the configuration and/or file naming. + You'll need apache2-utils on the machine where you plan to create the htpasswd file. Follow these [instructions](http://httpd.apache.org/docs/2.2/programs/htpasswd.html) ### Custom Nginx Configuration diff --git a/nginx.tmpl b/nginx.tmpl index d861050..d85f5f6 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -287,6 +287,9 @@ server { {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} auth_basic "Restricted {{ $host }}"; auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }}; + {{ else if (exists "/etc/nginx/htpasswd/default") }} + auth_basic "Restricted {{ $host }}"; + auth_basic_user_file /etc/nginx/htpasswd/default; {{ end }} {{ if (exists (printf "/etc/nginx/vhost.d/%s_location" $host)) }} include {{ printf "/etc/nginx/vhost.d/%s_location" $host}}; @@ -330,9 +333,13 @@ server { {{ else }} proxy_pass {{ trim $proto }}://{{ trim $upstream_name }}; {{ end }} + {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} auth_basic "Restricted {{ $host }}"; auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }}; + {{ else if (exists "/etc/nginx/htpasswd/default") }} + auth_basic "Restricted {{ $host }}"; + auth_basic_user_file /etc/nginx/htpasswd/default; {{ end }} {{ if (exists (printf "/etc/nginx/vhost.d/%s_location" $host)) }} include {{ printf "/etc/nginx/vhost.d/%s_location" $host}};