search

jcorporation / myMPD

myMPD is a standalone and mobile friendly web mpd client with a tiny footprint and advanced features.
https://jcorporation.github.io/myMPD/
GNU General Public License v3.0
419 stars 65 forks source link

Wiki: Add section for nginx & apache reverse proxy #93

Closed CultofRobots closed 5 years ago

CultofRobots commented 5 years ago

Wiki: Add section for nginx & apache reverse proxy

Should include the following:

Could also include example with limiting access to local network. For example, in apache Require ip 192.168.1.0/24

Nothing fancy, just the basic "This is the minimal needed to make it work".

Related: #29

jcorporation commented 5 years ago

If you like, you can provide here the details for nginx and apache configuration. I will gladly integrate this in the wiki.

CultofRobots commented 5 years ago

Except I haven't gotten it to work properly, though I only spent about 2 minutes on it and haven't had a chance to get back to it yet. Positive I had websocket proxypass wrong. If I do get around to it this weekend I'll be more than happy to post the details for at least apache.

CultofRobots commented 5 years ago

Here's an entry for subdomain (mympd.example.com) on apache2. It's a lot more complicated to do it on example.com/mympd. I'll do one for nginx when I get around to setting it up on another system. Attachedtext file with the markdown: mympd_proxy.txt

Proxy through Apache2

To access mympd behind apache2 enable mod_proxy if not already enabled: a2enmod mod_proxy

Create a virtual host and add the following:

ProxyRequests Off 
ProxyPreserveHost on
ProxyVia On

<Location "/">
  ProxyPass http://127.0.0.1:8080/
  ProxyPassReverse http://127.0.0.1:8080/
</Location>

<LocationMatch "/ws/?">
  ProxyPass ws://127.0.0.1:8080
  ProxyPassReverse ws://127.0.0.1:8080
</LocationMatch>

Basic Password Authentication

To add basic password authentication create a new htpasswd file sudo htpasswd -c <path/to/htpasswd/file> <username to access mympd>

Or append an existing htpasswd file sudo htpasswd <path/to/htpasswd/file> <username to access mympd>

for example: sudo htpasswd -c /etc/apache2/.htpasswds mympd

Then add the following to your mympd Location in your apache virtualhost configuration file

AuthType Basic
AuthName "Authentication Required" # or add any type of identifier you prefer
AuthUserFile <path/to/htpasswd/file> # for example /etc/apache2/.htpasswds
Require valid-user

for example:

<Location "/">
  AuthType Basic
  AuthName "Authentication Required" # or add any type of identifier you prefer
  AuthUserFile <path/to/htpasswd/file> # for example /etc/apache2/.htpasswds
  Require valid-user

  ProxyPass http://127.0.0.1:8080/
  ProxyPassReverse http://127.0.0.1:8080/
  </Location>

See https://wiki.apache.org/httpd/PasswordBasicAuth for more information

Simple Access Control

To limit acces to mympd to the local network, add the following to the location directive adjusting for your own network:

Require host localhost 
Require ip <ipaddress>
Require ip <ip range/netmask> # ex 192.168.1.0/24

See https://httpd.apache.org/docs/2.4/howto/access.html for more information

Full Example Config

<VirtualHost *:80>
  ServerName mympd.example.com

  ProxyRequests Off
  ProxyPreserveHost on
  ProxyVia On

  <Location "/">
    Require host localhost
    Require ip 192.168.1.0/24
    AuthType Basic
    AuthName "Authentication Required"
    AuthUserFile /etc/apache2/.passwds/mympd
    Require valid-user

    ProxyPass http://127.0.0.1:8080/
    ProxyPassReverse http://127.0.0.1:8080/
  </Location>

  <LocationMatch "/ws/?">
     ProxyPass ws://127.0.0.1:8080
     ProxyPassReverse ws://127.0.0.1:8080
  </LocationMatch>
</VirtualHost>
jcorporation commented 5 years ago

Many thanks for this documentation. I created a wiki page: https://github.com/jcorporation/myMPD/wiki/Accessing-myMPD-through-Apache2

Serede commented 5 years ago

@jcorporation Please allow me to praise your job with this project, it's awesome!

Also, here's my nginx reverse proxy config for myMPD using sub_filter, in case it helps anybody:

location /mympd/ {
    [...]
    proxy_set_header Accept-Encoding "";
    sub_filter_types text/html text/css text/javascript text/xml application/x-javascript;
    sub_filter_once off;
    sub_filter '/css/' '/mympd/css/';
    sub_filter '/js/' '/mympd/js/';
    sub_filter '/assets' '/mympd/assets';
    sub_filter '/api' '/mympd/api';
    sub_filter '/ws' '/mympd/ws';
    sub_filter '/player.html' '/mympd/player.html';
    sub_filter 'href="/' 'href="/mympd/';
}
jcorporation commented 5 years ago

Thanks a lot. I added your configuration to a new wiki site: https://github.com/jcorporation/myMPD/wiki/Accessing-myMPD-through-Nginx