diff --git a/.gitignore b/.gitignore deleted file mode 100644 index aa697a3..0000000 --- a/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -.idea -*.iml -out -gen diff --git a/Dockerfile b/Dockerfile index 3a1af58..46e89c3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,9 @@ FROM nginx:1.11.10 -COPY nginx.conf /etc/nginx/nginx.conf -COPY bin/* /usr/local/bin/ +COPY default.conf /etc/nginx/conf.d/default.conf +COPY bin/entry.sh /usr/local/bin/ RUN chmod 744 /usr/local/bin/entry.sh && \ chown root:root /usr/local/bin/entry.sh -CMD ["/usr/local/bin/entry.sh"] +CMD /usr/local/bin/entry.sh diff --git a/README.md b/README.md index 602d507..8bc6484 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,3 @@ # nginx-basic-auth -A simple nginx template for challenging basic auth + +A simple nginx template for challenging basic auth. See docker-compose.yml for example of usage. diff --git a/bin/entry.sh b/bin/entry.sh index dc2f926..72db4d8 100644 --- a/bin/entry.sh +++ b/bin/entry.sh @@ -1,15 +1,19 @@ #!/bin/bash -# Providing defaults values for missing env variables -[ "$DEFAULT_USER" = "" ] && export DEFAULT_USER="admin" -[ "$DEFAULT_PASSWORD" = "" ] && export DEFAULT_PASSWORD="$(openssl rand -base64 12)" +touch /htpasswd -printf "$DEFAULT_USER:$(openssl passwd -crypt "${DEFAULT_PASSWORD}")\n" > /htpasswd +i=0 +user=${USER_0} +password=${PASSWORD_0} -echo "=====[ Nginx Basic Auth ]============================================" -echo "Generated default user" -echo "Login: $DEFAULT_USER" -echo "Password: $DEFAULT_PASSWORD" -echo "==========================================================================" +while [ "$user" ]; do + printf "$user:$(openssl passwd -crypt "$password")\n" >> /htpasswd + + let "i += 1" + user_var_name="USER_$i" + user=${!user_var_name} + password_var_name="PASSWORD_$i" + password=${!password_var_name} +done nginx -g "daemon off;" diff --git a/default.conf b/default.conf new file mode 100644 index 0000000..d1663ea --- /dev/null +++ b/default.conf @@ -0,0 +1,15 @@ +server { + listen 80; + + location / { + auth_basic "Are you authorized to be there?"; + auth_basic_user_file /htpasswd; + + try_files DUMMY @return200; + } + + location @return200 { + add_header Content-Type text/plain; + return 200 'Welcome'; + } +} diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..6caacc1 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,9 @@ +nginx-basic-auth: + build: . + ports: + - 80:80 + environment: + USER_0: user0 + PASSWORD_0: test0 + USER_1: user1 + PASSWORD_1: test1 diff --git a/nginx.conf b/nginx.conf deleted file mode 100644 index 7d13538..0000000 --- a/nginx.conf +++ /dev/null @@ -1,60 +0,0 @@ -# For more information on configuration, see: -# * Official English Documentation: http://nginx.org/en/docs/ -# * Official Russian Documentation: http://nginx.org/ru/docs/ - -user nginx; -worker_processes 1; - -error_log /var/log/nginx/error.log; -#error_log /var/log/nginx/error.log notice; -#error_log /var/log/nginx/error.log info; - -pid /run/nginx.pid; - -events { - worker_connections 1024; -} - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - client_max_body_size 100M; - - sendfile on; - #tcp_nopush on; - - #keepalive_timeout 0; - keepalive_timeout 65; - - gzip on; - - index index.html index.htm; - server_names_hash_bucket_size 128; - - # Load modular configuration files from the /etc/nginx/conf.d directory. - # See http://nginx.org/en/docs/ngx_core_module.html#include - # for more information. - # include /etc/nginx/conf.d/*.conf; - - server { - listen 80; - - location / { - auth_basic "Are you authorized to be there?"; - auth_basic_user_file /htpasswd; - - try_files DUMMY @return200; - } - - location @return200 { - add_header Content-Type text/plain; - return 200 'Welcome'; - } - } -}