dokku / dokku-http-auth

dokku plugin that gives the ability to manage HTTP basic auth for an application
MIT License
84 stars 20 forks

Feature request: Whitelist IP addresses, otherwise block all connections with no http auth #16

Closed gleniat closed 8 months ago

gleniat commented 2 years ago

Hi!

I'd like to simply block all connections + whitelist IP addresses that can access the app without auth. Is it possible to do it with this plugin?

Thank you

josegonzalez commented 2 years ago

Yes, that's all possible and documented in the readme.

gleniat commented 2 years ago

Hi josegonzalez,

Maybe I wasn’t clear enough. So let me try to clarify.

I'd like to achieve this: add XXX.XXX.XXX.XXX and YYY.YYY.YYY.YYY IPs to a whitelist. Don't add any auth users.

I'd like to hide the site from the public completely. Is this currently achievable with this plugin somehow?

Thank you!

josegonzalez commented 2 years ago

Is that possible at all with nginx auth?

josegonzalez commented 2 years ago

Yeah, I think you can just do:

dokku http-auth:enable node-js-app
dokku http-auth:add-allowed-ip node-js-app 127.0.0.1

Have you tried the above?

gleniat commented 2 years ago

Yes, I've tried that; it still shows the http auth dialog for other IP addresses. I'd like to show 404, 403, or 401 right away.

Basically I'd like to set

server {
  ...
  allow 222.222.222.222;
  deny all;
}

somehow.

josegonzalez commented 2 years ago

This plugin doesn't do that. It probably can, if we gate the htpasswd bit of the template behind checking if there are any users.

gleniat commented 2 years ago

That would be nice.

I've just discovered that I can create a file /home/dokku/myapp/nginx.conf.d/restrict-ips.conf, chown it to dokku:dokku and insert these two lines in it:

allow 222.222.222.222;
deny all;

and it seems it does what I needed. You may need to restart the app or reload nginx. I hope it is a clean solution.

Thank you

bensteinberg commented 1 year ago

I just tried @gleniat's restrict-ips.conf workaround, and it is only denying access -- my allow lines are not working.

Update: never mind, it works great -- I had to set set_real_ip_from for Cloudflare addresses, and then real_ip_header X-Forwarded-For;.
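Added example, not code from the dokku-http-auth plugin or from anyone in this thread: a small POSIX shell helper that renders the restrict-ips.conf include gleniat described (allow a few addresses, deny everyone else) and, when a CDN or other reverse proxy sits in front of nginx, adds the set_real_ip_from / real_ip_header lines bensteinberg needed. The function names, the scratch directory and every address used (203.0.113.x, 198.51.100.0/24) are assumptions and constructed placeholders; on a Dokku host the file would be /home/dokku/<app>/nginx.conf.d/restrict-ips.conf as the thread says.

```shell
#!/bin/sh
# Added example, not code from the dokku-http-auth plugin or from this thread.
# Renders an nginx include that allows a list of client addresses and denies
# the rest. With -p, the realip module is told which proxy ranges may supply
# the real client address via X-Forwarded-For. All addresses and paths used
# here are constructed placeholders.
set -eu

# Loosely accept an IPv4 address or an IPv4 CIDR such as 203.0.113.0/24
# (octet range is not checked; nginx -t will reject anything malformed).
is_ipv4_or_cidr() {
  printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'
}

# render_restrict_conf [-p PROXY_CIDR]... IP_OR_CIDR...
# Prints the include to stdout. Without -p, X-Forwarded-For is ignored and
# allow/deny applies to the TCP peer address, which is correct when clients
# reach nginx directly.
render_restrict_conf() {
  proxies=""
  while [ $# -gt 0 ]; do
    case "$1" in
      -p) [ $# -ge 2 ] || { echo "-p needs a range" >&2; return 1; }
          is_ipv4_or_cidr "$2" || { echo "bad proxy range: $2" >&2; return 1; }
          proxies="$proxies $2"; shift 2 ;;
      *)  break ;;
    esac
  done
  [ $# -gt 0 ] || { echo "at least one allowed address is required" >&2; return 1; }
  for ip in "$@"; do
    is_ipv4_or_cidr "$ip" || { echo "bad address: $ip" >&2; return 1; }
  done

  echo "# generated allow-list; nginx evaluates allow/deny in order"
  # Only the listed proxy ranges may override the client address. Never put
  # 0.0.0.0/0 here: any client could then forge X-Forwarded-For past the list.
  for p in $proxies; do
    echo "set_real_ip_from $p;"
  done
  [ -z "$proxies" ] || echo "real_ip_header X-Forwarded-For;"
  for ip in "$@"; do
    echo "allow $ip;"
  done
  echo "deny all;"
}

# write_restrict_conf CONF_PATH [-p PROXY_CIDR]... IP_OR_CIDR...
# Renders to a temp file first, then moves it into place, so nginx never
# reads a half-written include.
write_restrict_conf() {
  conf="$1"; shift
  tmp="$conf.tmp.$$"
  render_restrict_conf "$@" > "$tmp" || { rm -f "$tmp"; return 1; }
  mv "$tmp" "$conf"
}

# Demo against a scratch directory (constructed). On a real host the target
# would be /home/dokku/<app>/nginx.conf.d/restrict-ips.conf owned by
# dokku:dokku, followed by `nginx -t` and a reload so nginx picks it up.
demo_dir=$(mktemp -d)
write_restrict_conf "$demo_dir/restrict-ips.conf" -p 198.51.100.0/24 203.0.113.7 203.0.113.0/24
cat "$demo_dir/restrict-ips.conf"
rm -rf "$demo_dir"
```

The set_real_ip_from list is the security-relevant part: nginx only honours X-Forwarded-For from the ranges named there, so the list must contain exactly the proxy's own ranges and nothing wider, otherwise the allow list is bypassable by anyone who sets the header themselves. Without a proxy in front, leave -p off entirely so the decision is made on the real peer address.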