Add nginx HTTP Basic Auth for production
A custom entrypoint generates /etc/nginx/.htpasswd at container startup from AUTH_USER and AUTH_PASSWORD env vars (via openssl). No credentials are baked into the image. Pass AUTH_USER and AUTH_PASSWORD in docker-compose. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
13
docker-entrypoint.sh
Normal file
13
docker-entrypoint.sh
Normal file
@@ -0,0 +1,13 @@
|
||||
#!/bin/sh
|
||||
set -e
|
||||
|
||||
# Generate .htpasswd from environment variables
|
||||
if [ -z "$AUTH_USER" ] || [ -z "$AUTH_PASSWORD" ]; then
|
||||
echo "ERROR: AUTH_USER and AUTH_PASSWORD must be set" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "${AUTH_USER}:$(openssl passwd -apr1 "${AUTH_PASSWORD}")" > /etc/nginx/.htpasswd
|
||||
|
||||
# Hand off to the official nginx entrypoint (runs envsubst on *.template files)
|
||||
exec /docker-entrypoint.sh "$@"
|
||||
Reference in New Issue
Block a user