caddy: add optional authentication

ff09efe8 · Eteri · Rafael Monnerat · f0f126b2 · ff09efe8 · ff09efe8
Commit ff09efe8 authored Nov 03, 2017 by Eteri Committed by Rafael Monnerat Nov 07, 2017
4 changed files
--- a/stack/caddy/Caddyfile.in
+++ b/stack/caddy/Caddyfile.in
@@ -2,21 +2,19 @@
 {{ parameter_dict['domain'] }} {
-{% if parameter_dict['cert-content'] and parameter_dict['key-content']  -%}
 tls {{ custom_cert_dict['cert-file'] }} {{ custom_cert_dict['key-file'] }} {
  ca {{ca_custom_frontend_dict['rendered']}}
 }
-{%- endif %}
 log {{caddy_configuration_dict['access_log']}}
 root {{ directory_dict['public_html'] }}
-basicauth / admin {{htpasswd_dict}}
+{% if parameter_dict['enable-basic-auth'] == 'true'  -%}
+basicauth / {{ parameter_dict['username'] }} {{parameter_dict['password']}}
+{%- endif %}
 }
@@ -34,7 +32,9 @@ basicauth / admin {{htpasswd_dict}}
  root {{ directory_dict['public_html'] }}
-  basicauth / admin {{htpasswd_dict}}
+  {% if parameter_dict['enable-basic-auth'] == 'true'  -%}
+  basicauth / {{ parameter_dict['username'] }} {{parameter_dict['password']}}
+  {%- endif %}
 }
@@ -44,6 +44,8 @@ basicauth / admin {{htpasswd_dict}}
  root {{ directory_dict['public_html'] }}
-  basicauth / admin {{htpasswd_dict}}
+  {% if parameter_dict['enable-basic-auth'] == 'true'  -%}
+  basicauth / {{ parameter_dict['username'] }} {{parameter_dict['password']}}
+  {%- endif %}
 }
\ No newline at end of file
--- a/stack/caddy/buildout.cfg
+++ b/stack/caddy/buildout.cfg
@@ -27,7 +27,7 @@ mode = 0644
 [template-caddyfile]
 recipe = slapos.recipe.build:download
 url = ${:_profile_base_location_}/Caddyfile.in
-md5sum = 5de9738527f48bc5480eeb0ad97727a5
+md5sum = bb3b314ebeb58e9875d547a053a9f268
 filename = Caddyfile.in
 location = ${buildout:parts-directory}/${:_buildout_section_name_}
 mode = 0644
@@ -35,7 +35,7 @@ mode = 0644
 [template-caddy]
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance-caddy.cfg.in
-md5sum = cee290eac3f9f8dbc614ac7373f412fc
+md5sum = fe529c1911458fba92e93457c72a779a
 output = ${buildout:directory}/instance-caddy.cfg.in
 mode = 0644
@@ -49,7 +49,7 @@ mode = 0644
 [template-caddy-service]
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/template-caddy-service.sh.in
-md5sum = d3562acaac05be570d28e37a0d889eec
+md5sum = 5467fac7b95acde681e613ae98ce990d
 output = ${buildout:directory}/template-caddy-service.sh.in
 mode = 0644

--- a/stack/caddy/instance-caddy.cfg.in
+++ b/stack/caddy/instance-caddy.cfg.in
@@ -114,16 +114,17 @@ mode = 0600
 [publish-connection-information]
 recipe = slapos.cookbook:publish
-#init-password = $${htpasswd:passwd}
+url-ipv6 = https://$${slap-parameter:username}:$${slap-parameter:password}@[$${caddy-configuration:ipv6}]:$${slap-parameter:port-ipv6}
-#init-user = admin
+url-ipv4 = http://$${slap-parameter:username}:$${slap-parameter:password}@[$${caddy-configuration:local_ip}]:$${slap-parameter:port-ipv4}
-url-ipv6 = https://admin:$${htpasswd:passwd}@[$${caddy-configuration:ipv6}]:$${slap-parameter:port-ipv6}
-url-ipv4 = http://admin:$${htpasswd:passwd}@[$${caddy-configuration:local_ip}]:$${slap-parameter:port-ipv4}
 [slap-parameter]
 domain =
 key-content =
 cert-content =
 caddy-ca-certificate =
-port-ipv6 = 4443
+port-ipv6 = 9443
-port-ipv4 = 9443
+port-ipv4 = 4443
-enable-quic = 
+enable-quic = true
\ No newline at end of file
+enable-basic-auth =
+username = admin
+password = $${htpasswd:passwd}
\ No newline at end of file
--- a/stack/caddy/template-caddy-service.sh.in
+++ b/stack/caddy/template-caddy-service.sh.in
@@ -2,7 +2,7 @@
 # BEWARE: This file is operated by slapgrid
 # BEWARE: It will be overwritten automatically
-{{ caddy_exec }} -conf {{caddy_configuration_dict['rendered']}} 
+{{ caddy_exec }} -conf {{caddy_configuration_dict['rendered']}}
 {%- if parameter_dict['enable-quic'] != 'false'  %}
 -quic
 {%- endif -%}