dokku / openresty-docker-proxy

OpenResty as a reverse proxy for Docker

Add ability to specify basic_auth #45

Open josegonzalez opened 1 year ago

josegonzalez commented 1 year ago

It would be nice to have the ability to specify basic auth. This would be done by making the config.toml itself dynamically generated. We'd iterate over each app, and then generate an htpasswd entry for each.

On generation of an htpasswd entry, we'd want to also have something like consul-template's writeToFile function (requires forking docker-gen). This would allow us to dynamically write a template config with the app name in place for retrieving the correct config.

I'm envisioning generating templates like the following:

```
{{ $app := "APP_NAME" }}
{{ range $app, $app_containers := groupByLabel $ $app_label }}
{{ $first_container := index $app_containers 0 }}
{{ $basic_auth := when (contains $first_container.Labels (printf "%s%s" $label_prefix "basic_auth")) (index $first_container.Labels (printf "%s%s" $label_prefix "basic_auth")) "" }}

{{ $auth_info := split $basic_auth " " }}
{{ range $_, $auth := $auth_info  }}
{{ $auth }}
{{ end }}

{{ end }}
```

We'd want to read in the above template via include - PR to docker-gen here - and replace APP_NAME with the app name.

Once we generate the templates, the entry for the htpasswd file in the config.toml should have a hashed (sha256?) comment string so that we force the file to be recognized as "changed". We'd then SIGHUP docker-gen itself.

Then on docker-gen reload, we would write auth_basic and auth_basic_user_file entries in the main nginx.conf file if the label has values.

josegonzalez commented 6 months ago

Maybe something like this could work: https://gist.github.com/crisidev/3d314af9494255e24aa5f78646909ec0

We could potentially write a single JSON file that contains the basic auth entries for all apps, then read that in during init_by_lua*, set a dict block var that contains the basic auth info for a given app, then do authentication by Lua to check that for applicable apps.
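
The flow sketched in the last comment, as an added example that is not part of the thread or the project's code. The module name `basic_auth`, the JSON layout and the salted SHA-256 entry format are assumptions; SHA-256 is used only because `resty.sha256` ships with OpenResty, and a slow password hash would be the stronger choice.

```lua
-- Added example (hypothetical module basic_auth.lua), not the project's code.
-- Assumed JSON: {"app": {"user": {"salt": "...", "hash": "<lowercase hex sha256(salt .. password)>"}}}
local bit, cjson = require "bit", require "cjson.safe"
local resty_sha256 = require "resty.sha256"
local to_hex = require("resty.string").to_hex
local _M, entries = {}, {}

-- Call from init_by_lua*: the table is built once in the master and inherited by workers.
function _M.load(path)
  local f, err = io.open(path, "r")
  if not f then return nil, err end
  local data, derr = cjson.decode(f:read("*a"))
  f:close()
  if type(data) ~= "table" then return nil, derr or "expected a JSON object" end
  entries = data
  return true
end

-- Compare two strings without stopping at the first mismatching byte.
local function equal(a, b)
  if #a ~= #b then return false end
  local diff = 0
  for i = 1, #a do
    diff = bit.bor(diff, bit.bxor(a:byte(i), b:byte(i)))
  end
  return diff == 0
end

local function deny(app)
  ngx.header["WWW-Authenticate"] = 'Basic realm="' .. app .. '"'
  return ngx.exit(ngx.HTTP_UNAUTHORIZED)
end

-- Call from access_by_lua* with the app name of the current server block.
function _M.check(app)
  local users = entries[app]
  if not users then return end  -- app has no basic auth entries: nothing to enforce
  local header = ngx.var.http_authorization or ""
  local decoded = ngx.decode_base64(header:match("^[Bb]asic%s+(.+)$") or "")
  local user, pass = (decoded or ""):match("^([^:]*):(.*)$")
  local entry = user and users[user]
  if type(entry) ~= "table" or type(entry.salt) ~= "string" or type(entry.hash) ~= "string" then
    return deny(app)
  end
  local h = resty_sha256:new()
  h:update(entry.salt .. pass)
  if not equal(to_hex(h:final()), entry.hash) then return deny(app) end
end
return _M
```

Wrapping the `load` call in `assert(...)` inside `init_by_lua_block` makes a missing or malformed file an error instead of silently leaving every app without authentication, since `check` treats an app with no entries as unprotected.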