Differences

This shows you the differences between two versions of the page.

Link to this comparison view

password-protect-your-web-interface [2017/12/08 14:19] (current)
Elco Jacobs created
Line 1: Line 1:
 +You will be using htpasswd to generate a username/​password file, this utility can be found in the apache2-utils package:
 +<​code>​
 +sudo apt-get update; sudo apt-get install apache2-utils
 +</​code>​
 +
 +To generate a file that NGINX can use you use the following command, don’t forget to change username to something meaningful!
 +<​code>​
 +sudo htpasswd -c /​etc/​nginx/​.htpasswd username
 +</​code>​
 +You will receive a prompt to create a password for this username, once finished the file will be created. You’re then free to reference the file to NGINX.
 +
 +== Set up the new server in nginx ==
 +Create the file`brewpi-protected` in the `sites-available` directory:
 +<​code>​
 +cd /​etc/​nginx/​sites-available
 +sudo nano '​brewpi-protected'​
 +</​code>​
 +
 +Paste this configuration int he new file:
 +
 +<​code>​
 +server {
 + listen ​                         888;
 + server_name ​                    ​brewpi-protected;​
 +
 + location / {
 + proxy_pass ​                             http://​localhost:​80/;​
 + proxy_buffering ​                        off;
 + proxy_set_header Host                   ​$http_host;​
 + proxy_set_header X-Real-IP ​             $remote_addr;​
 + proxy_set_header X-Forwarded-For ​       $proxy_add_x_forwarded_for;​
 + proxy_set_header X-Forwarded-Proto ​     $scheme;
 + auth_basic ​                             "​Username and Password Required";​
 + auth_basic_user_file ​                   /​etc/​nginx/​.htpasswd;​
 + }
 +}
 +</​code>​
 +
 +This will make the BrewPi web interface available on port 888, exactly the same as the normal one on port 80, but with password protection.
 +
 +Enable this new site by creating a symlink in '​sites-enabled':​
 +<​code>​
 +sudo ln -s /​etc/​nginx/​sites-available/​brewpi-protected /​etc/​nginx/​sites-enabled/​
 +</​code>​
 +
 +Reload nginx to start using the new configuration:​
 +<​code>​
 +sudo service nginx reload
 +</​code>​
 +
 +
 +== When using docker, add exposed port 888 to the container ==
 +To add an exposed port to an existing container, you'll have to take these steps:
 +
 +Find the id of your container:
 +<​code>​
 +docker ps -a
 +</​code>​
 +
 +Stop the container, by using the ID from the previous step:
 +<​code>​
 +docker stop 3fafffd62004
 +</​code>​
 +
 +Edit the config file of the container. You will need the full length container ID here.
 +When you're running the commands as root, you can use tab to autocomplete. You can also find the full container ID in portainer.
 +<​code>​
 +sudo su
 +nano /​var/​lib/​docker/​containers/​3fafffd62004fb0d6a4b9cd0d9fa8543629aff011fbaea68406f0c5d11e3c3f1
 +</​code>​
 +
 +You now have a password protected web interface running on port 888. You can forward that port on your router to be publicly available.