From 0324ced42255e9c59b2e28a2ad9479d2dfe7c76b Mon Sep 17 00:00:00 2001 From: Pavel Druyan Date: Tue, 29 Oct 2019 12:04:33 +0200 Subject: [PATCH] Add user and password as env support --- Dockerfile | 2 +- README.md | 63 +++++++++++++++++++++++++++++++++++++++++++++++++++++- launch.sh | 2 +- 3 files changed, 64 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index f06887e..3f133f9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ ENV HTPASSWD='foo:$apr1$odHl5EJN$KbxMfo86Qdve2FH4owePn.' \ WORKDIR /opt -RUN apk add --no-cache gettext +RUN apk add --no-cache gettext apache2-utils COPY auth.conf auth.htpasswd launch.sh ./ diff --git a/README.md b/README.md index 4d98fb0..ad0599e 100644 --- a/README.md +++ b/README.md @@ -20,8 +20,9 @@ Try accessing and logging in with username `foo` and password `bar`. ## Advanced ```bash docker run -d \ - -e HTPASSWD='foo:$apr1$odHl5EJN$KbxMfo86Qdve2FH4owePn.' \ -e FORWARD_PORT=1337 \ + -e BASIC_USERNAME=myuser \ + -e BASIC_PASSWORD=passw0rd123 --link web:web -p 8080:80 \ --name auth \ beevelop/nginx-basic-auth @@ -42,6 +43,66 @@ docker run -d --link web:web --name auth \ ``` results in 2 users (`foo:bar` and `test:test`). +## K8s +Create secret + +``` +apiVersion: v1 +kind: Secret +metadata: + name: prometheus-auth +type: Opaque +data: + username: bXl1c2Vy #base64 username + password: cGFzc3cwcmQxMjM= #base64 password + +``` + +Create your deployment + +``` +... + + - name: nginx + image: beevelop/nginx-basic-auth + securityContext: + runAsUser: 0 + runAsNonRoot: false + env: + - name: BASIC_USERNAME + valueFrom: + secretKeyRef: + name: auth + key: username + - name: BASIC_PASSWORD + valueFrom: + secretKeyRef: + name: auth + key: password + - name: FORWARD_PORT + value: "9090" + - name: FORWARD_HOST + value: "localhost" + ports: + - containerPort: 80 + - name: prometheus-server + image: "prom/prometheus:v2.13.1" + imagePullPolicy: "IfNotPresent" + args: + - --storage.tsdb.retention.time=120d + - --config.file=/etc/config/prometheus.yml + - --storage.tsdb.path=/data + - --web.console.libraries=/etc/prometheus/console_libraries + - --web.console.templates=/etc/prometheus/consoles + - --web.enable-lifecycle + - --web.external-url=https://host.domain.com/prometheus + - --web.route-prefix=/prometheus + ports: + - containerPort: 9090 +... + +``` + ## Troubleshooting ``` nginx: [emerg] host not found in upstream "web" in /etc/nginx/conf.d/auth.conf:80 diff --git a/launch.sh b/launch.sh index f5aba9e..15415a8 100755 --- a/launch.sh +++ b/launch.sh @@ -2,6 +2,6 @@ rm /etc/nginx/conf.d/default.conf || : envsubst < auth.conf > /etc/nginx/conf.d/auth.conf -envsubst < auth.htpasswd > /etc/nginx/auth.htpasswd +htpasswd -bc /etc/nginx/auth.htpasswd $BASIC_USERNAME $BASIC_PASSWORD nginx -g "daemon off;"