Possible to add authentication on web interface (port 3000)?

[aurrak]

Is it possible to add password protection to the node.js web interface? Would be nice have some sort of protection against malicious tampering on the boot.cfg or the menu entries.

[worldowner]

This is a good point. Are there any plans to implement this?

[turegano-equinix]

You can put a nginx to protect the port

docker-compose.yaml

  ---
  version: "2.1"
  services:
    netbootxyz:
      image: ghcr.io/netbootxyz/netbootxyz
      container_name: netbootxyz
      environment:
        - MENU_VERSION=2.0.47 # optional
      volumes:
        - /netboot.xyz/config:/config # optional
        - /netboot.xyz/assets:/assets # optional
      ports:
        #- 3000:3000
        - 69:69/udp
        - 8080:80 #optional
      restart: unless-stopped
    nginx:
      image: nginx:latest
      container_name: nginx
      volumes:
        - /netboot.xyz/config/nginx/reverse_proxy.conf:/etc/nginx/conf.d/default.conf
        - /netboot.xyz/config/nginx/.htpassw:/etc/nginx/.htpasswd
      ports:
        - 3000:3000
      links:
        - netbootxyz

And the reverse_proxy.conf

server {
  listen 3000;
  server_name netbootxyz;

  location / {
   auth_basic "Restricted";
   auth_basic_user_file  /etc/nginx/.htpasswd;
    proxy_pass    http://netbootxyz:3000/;

  }
}

To generate the .htpassw https://www.web2generators.com/apache-tools/htpasswd-generator