Do basic auth in Caddy, but delegating user/pass auth to kemal

This commit is contained in:
Roberto Alsina 2024-07-07 11:07:34 -03:00
parent 3b45b6a28f
commit 30e447dc8a
5 changed files with 39 additions and 26 deletions

View File

@ -1,18 +1,21 @@
{
http_port 8888
https_port 8887
local_certs
http_port 8888
https_port 8887
local_certs
}
http://*:8888 {
basicauth /admin/* {
admin {$FAASO_PASSWORD}
forward_auth /admin/* http://127.0.0.1:3000 {
uri http://127.0.0.1:3000
copy_headers {
Authorization
}
}
handle_path /admin/terminal/* {
reverse_proxy /* http://127.0.0.1:7681
}
handle_path /admin/* {
reverse_proxy /* http://127.0.0.1:3000
}
handle_path /admin/terminal/* {
reverse_proxy /* http://127.0.0.1:7681
}
handle_path /admin/* {
reverse_proxy /* http://127.0.0.1:3000
}
}

View File

@ -44,6 +44,10 @@ shards:
git: https://github.com/kemalcr/kemal.git
version: 1.5.0
kemal-basic-auth:
git: https://github.com/kemalcr/kemal-basic-auth.git
version: 1.0.0
radix:
git: https://github.com/luislavena/radix.git
version: 0.4.1

View File

@ -16,7 +16,7 @@ license: MIT
dependencies:
crest:
github: mamantoha/crest
github: mamantoha/crest
crinja:
github: straight-shoota/crinja
crystar:
@ -28,10 +28,12 @@ dependencies:
branch: add_exposed_ports
kemal:
github: kemalcr/kemal
kemal-basic-auth:
github: kemalcr/kemal-basic-auth
rucksack:
github: busyloop/rucksack
inotify:
github: petoem/inotify.cr
scripts:
postinstall: cat .rucksack >> bin/faaso

View File

@ -5,9 +5,12 @@ require "./terminal.cr"
require "compress/gzip"
require "crystar"
require "docr"
require "kemal-basic-auth"
require "kemal"
require "uuid"
basic_auth "admin", "admin"
macro version
"{{ `grep version shard.yml | cut -d: -f2` }}".strip()
end

View File

@ -30,24 +30,25 @@ module Proxy
containers = docker_api.containers.list(all: true)
config = <<-CONFIG
{
http_port 8888
https_port 8887
local_certs
http_port 8888
https_port 8887
local_certs
}
http://*:8888 {
basicauth /admin/* {
admin {$FAASO_PASSWORD}
forward_auth /admin/* http://127.0.0.1:3000 {
uri http://127.0.0.1:3000
copy_headers {
Authorization
}
}
handle_path /admin/terminal/* {
reverse_proxy /* http://127.0.0.1:7681
}
handle_path /admin/* {
reverse_proxy /* http://127.0.0.1:3000
}
handle_path /admin/terminal/* {
reverse_proxy /* http://127.0.0.1:7681
}
handle_path /admin/* {
reverse_proxy /* http://127.0.0.1:3000
}
CONFIG
funkos = Funko::Funko.from_docker