From 3b75226e0b582d22ab315268b8389c1939626b24 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Mon, 27 Jul 2020 17:30:05 +0200 Subject: [PATCH] apipassword --- docker/nginx/conf.d/client.conf | 36 +++++++++++++++++++-------------- 1 file changed, 21 insertions(+), 15 deletions(-) diff --git a/docker/nginx/conf.d/client.conf b/docker/nginx/conf.d/client.conf index d67b07bf..f534b08d 100644 --- a/docker/nginx/conf.d/client.conf +++ b/docker/nginx/conf.d/client.conf @@ -135,21 +135,16 @@ server { # proxy this call to siad endpoint (make sure the ip is correct) proxy_pass http://siad-upload/skynet/skyfile/$dir1/$dir2/$dir3/$dir4$is_args$args; - # rewrite_by_lua_block { - # local b64 = require("ngx.base64") - # -- open apipassword file for reading (b flag is required for some reason) - # -- (file /etc/.sia/apipassword has to be mounted from the host system) - # local apipassword_file = io.open("/etc/.sia/apipassword", "rb") - # -- read apipassword file contents and trim newline (important) - # local apipassword = apipassword_file:read("*all"):gsub("%s+", "") - # -- make sure to close file after reading the password - # apipassword_file.close() - # -- encode the user:password authorization string - # -- (in our case user is empty so it is just :password) - # local content = b64.encode_base64url(":" .. apipassword) - # -- set authorization header with proper base64 encoded string - # ngx.req.set_header("Authorization", "Basic " .. content) - # } + rewrite_by_lua_block { + local b64 = require("ngx.base64") + -- put your apipassword here + local apipassword = "" + -- encode the user:password authorization string + -- (in our case user is empty so it is just :password) + local content = b64.encode_base64url(":" .. apipassword) + -- set authorization header with proper base64 encoded string + ngx.req.set_header("Authorization", "Basic " .. content) + } } location ~ "/skynet/skyfile/(.+)" { @@ -169,6 +164,17 @@ server { # proxy this call to siad endpoint (make sure the ip is correct) proxy_pass http://siad-upload/skynet/skyfile/$siapath$is_args$args; + + rewrite_by_lua_block { + local b64 = require("ngx.base64") + -- put your apipassword here + local apipassword = "" + -- encode the user:password authorization string + -- (in our case user is empty so it is just :password) + local content = b64.encode_base64url(":" .. apipassword) + -- set authorization header with proper base64 encoded string + ngx.req.set_header("Authorization", "Basic " .. content) + } } location ~ "^/([a-zA-Z0-9-_]{46}(/.*)?)$" {