Move basic auth from faaso-daemon to caddy

This commit is contained in:
Roberto Alsina 2024-07-04 22:04:02 -03:00
parent 29d3c399ac
commit ff454de0fd
6 changed files with 22 additions and 18 deletions

View File

@ -4,7 +4,12 @@
local_certs local_certs
} }
http://mindy:8888 { http://*:8888 {
basicauth /admin/* {
# admin $2a$14$C35905PxPzICAZKc/O9jYOS7ipZNPBtrndja8Yu3bvs/UujckryHS
admin {$HTTP_BASIC_AUTH_PASSWORD}
}
handle_path /admin/terminal/* { handle_path /admin/terminal/* {
reverse_proxy /* http://127.0.0.1:7681 reverse_proxy /* http://127.0.0.1:7681
} }

View File

@ -3,7 +3,7 @@ build: shard.yml $(wildcard src/**/*cr)
proxy: build proxy: build
docker build . -t faaso-proxy docker build . -t faaso-proxy
start-proxy: start-proxy:
docker run --name faaso-proxy-one --rm --network=faaso-net -v /var/run/docker.sock:/var/run/docker.sock -v secrets:/home/app/secrets -p 8888:8888 faaso-proxy docker run --name faaso-proxy-one --rm --network=faaso-net --env-file=proxy.env -v /var/run/docker.sock:/var/run/docker.sock -v secrets:/home/app/secrets -p 8888:8888 faaso-proxy
.PHONY: build proxy-image start-proxy .PHONY: build proxy-image start-proxy

1
proxy.env Normal file
View File

@ -0,0 +1 @@
HTTP_BASIC_AUTH_PASSWORD=$2a$14$C35905PxPzICAZKc/O9jYOS7ipZNPBtrndja8Yu3bvs/UujckryHS

View File

@ -28,5 +28,3 @@ dependencies:
branch: add_exposed_ports branch: add_exposed_ports
kemal: kemal:
github: kemalcr/kemal github: kemalcr/kemal
kemal-basic-auth:
github: kemalcr/kemal-basic-auth

View File

@ -5,13 +5,9 @@ require "./terminal.cr"
require "compress/gzip" require "compress/gzip"
require "crystar" require "crystar"
require "docr" require "docr"
require "kemal-basic-auth"
require "kemal" require "kemal"
require "uuid" require "uuid"
# FIXME: make configurable
basic_auth "admin", "admin"
get "/" do |env| get "/" do |env|
env.redirect "/index.html" env.redirect "/index.html"
end end

View File

@ -28,7 +28,11 @@ module Proxy
local_certs local_certs
} }
http://mindy:8888 { http://*:8888 {
basicauth /admin/* {
admin {$HTTP_BASIC_AUTH_PASSWORD}
}
handle_path /admin/terminal/* { handle_path /admin/terminal/* {
reverse_proxy /* http://127.0.0.1:7681 reverse_proxy /* http://127.0.0.1:7681
} }