Add nginx HTTP Basic Auth for production

A custom entrypoint generates /etc/nginx/.htpasswd at container startup from AUTH_USER and AUTH_PASSWORD env vars (via openssl). No credentials are baked into the image. Pass AUTH_USER and AUTH_PASSWORD in docker-compose. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-27 05:49:29 +01:00
parent 2217489c15
commit 29db643407
5 changed files with 29 additions and 0 deletions
--- a/7
+++ b/7
@@ -19,4 +19,11 @@ COPY --from=builder /app/dist /usr/share/nginx/html
 # files at startup, producing /etc/nginx/conf.d/default.conf
 COPY nginx/default.conf.template /etc/nginx/templates/default.conf.template

+# Custom entrypoint: generates .htpasswd from AUTH_USER/AUTH_PASSWORD, then
+# hands off to the official nginx entrypoint
+COPY docker-entrypoint.sh /docker-entrypoint-custom.sh
+RUN chmod +x /docker-entrypoint-custom.sh
+
 EXPOSE 80
+ENTRYPOINT ["/docker-entrypoint-custom.sh"]
+CMD ["nginx", "-g", "daemon off;"]