password protect admin pages

MaxIV-KitsControls / Elogy

GNU General Public License v3.0

7 stars 1 forks source link

password protect admin pages #6

Closed dschick closed 5 years ago

dschick commented 5 years ago

is there a simple way to password protect the admin interface to elogy?

johanfforsberg commented 5 years ago

I think it should be possible to setup nginx to use basic password authentication on the /admin endpoint, but I have not tried this. Have a look at https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ perhaps. It would be nice to hear about it if you get it to work, maybe it could even be in the default config.

dschick commented 5 years ago

yep, that is working. I changed the Dockerfile of the balancer to:

FROM nginx:1.13.7

EXPOSE 80

COPY nginx.conf /etc/nginx/nginx.conf
COPY htpasswd /etc/htpasswd

and placed a htpasswd file according to the instructions of your link in the same folder. Then I added also two lines to the nginx.conf of the balancer:

location ^~ /admin {
            proxy_pass http://backend:80;
            proxy_set_header HOST $host;
            auth_basic           "Administrator's Area";
            auth_basic_user_file /etc/htpasswd;
        }