Initial commit

beevelop · beevelop · commit 44a5080d9ee3 · 2016-06-25T09:42:11.000+02:00
diff --git a/.travis.yml b/.travis.yml
@@ -0,0 +1,7 @@
+sudo: required
+
+services:
+  - docker
+
+script:
+  - docker build -t nginx-basic-auth .
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,12 @@
+FROM nginx:alpine
+
+ENV HTPASSWD='foo:$apr1$odHl5EJN$KbxMfo86Qdve2FH4owePn.' \
+    FORWARD_PORT=80
+
+WORKDIR /opt
+
+RUN apk add --no-cache gettext
+
+COPY auth.conf auth.htpasswd launch.sh ./
+
+CMD ["./launch.sh"]
diff --git a/README.md b/README.md
@@ -0,0 +1,36 @@
+[![Travis](https://shields.beevelop.com/travis/beevelop/docker-nginx-basic-auth.svg?style=flat-square)](https://travis-ci.org/beevelop/docker-nginx-basic-auth)
+[![Docker Pulls](https://shields.beevelop.com/docker/pulls/beevelop/nginx-basic-auth.svg?style=flat-square)](https://links.beevelop.com/d-nginx-basic-auth)
+[![ImageLayers Size](https://shields.beevelop.com/imagelayers/image-size/beevelop/nginx-basic-auth/latest.svg?style=flat-square)](https://imagelayers.io/?images=beevelop/nginx-basic-auth:latest)
+[![ImageLayers Layers](https://shields.beevelop.com/imagelayers/layers/beevelop/nginx-basic-auth/latest.svg?style=flat-square)](https://imagelayers.io/?images=beevelop/nginx-basic-auth:latest)
+![Badges](https://shields.beevelop.com/badge/badges-6-brightgreen.svg?style=flat-square)
+[![Beevelop](https://links.beevelop.com/honey-badge)](https://beevelop.com)
+
+# nginx-basic-auth
+----
+> Simple Docker image to provide basic authentication for a single other container.
+
+## Quickstart
+```
+docker run -d --name web dockercloud/hello-world
+docker run -d -p 80:80 --link web:web --name auth beevelop/nginx-basic-auth
+```
+
+Try accessing and logging in with username `foo` and password `bar`.
+
+## Advanced
+```
+docker run -d -e HTPASSWD='' -e FORWARD_PORT=1337 --link web:web -p 8080:80 --name auth beevelop/nginx-basic-auth
+```
+> Use single quotes to prevent unwanted interpretation of `$` signs!
+
+## Configuration
+- `HTPASSWD` (default: `foo:$apr1$odHl5EJN$KbxMfo86Qdve2FH4owePn.`): Will be written on launch to the .htpasswd file (non-persistent)
+- `FORWARD_PORT` (default: `80`): Port of the source container that should be forwarded
+
+## Troubleshooting
+```
+nginx: [emerg] host not found in upstream "web" in /etc/nginx/conf.d/auth.conf:80
+```
+- You need to link the container as `web` (`--link foobar:web`)
+---
+- SSL is unsupported ATM, but might be available in the near future. For now it might be a suitable solution to use another reverse proxy (e.g. `jwilder/nginx-proxy`) that acts as a central gateway. You just need to configure the `VIRTUAL_HOST` env and disable port forwarding.
diff --git a/auth.conf b/auth.conf
@@ -0,0 +1,11 @@
+server {
+ listen 80 default_server;
+ 
+ location / {
+     auth_basic              "Restricted";
+     auth_basic_user_file    auth.htpasswd;
+
+     proxy_pass                          http://web:${FORWARD_PORT};
+     proxy_read_timeout                  900;
+ }
+}
diff --git a/auth.htpasswd b/auth.htpasswd
@@ -0,0 +1 @@
+${HTPASSWD}
diff --git a/launch.sh b/launch.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+envsubst < auth.conf > /etc/nginx/conf.d/auth.conf
+envsubst < auth.htpasswd > /etc/nginx/auth.htpasswd
+
+nginx -g "daemon off;"
