diff options
author | Jesse Luehrs <doy@tozt.net> | 2018-10-28 21:39:42 -0400 |
---|---|---|
committer | Jesse Luehrs <doy@tozt.net> | 2018-10-28 21:39:42 -0400 |
commit | 78eb9b22b5fa2cf4d4df9f67cf5e9ad08208274b (patch) | |
tree | 56a1f39445666b746e1d41f29329632a2a0e3079 /tozt | |
parent | 119342c31d2335b50a7046d09baddd961e7c870a (diff) | |
download | puppet-tozt-78eb9b22b5fa2cf4d4df9f67cf5e9ad08208274b.tar.gz puppet-tozt-78eb9b22b5fa2cf4d4df9f67cf5e9ad08208274b.zip |
put ttrss behind http basic auth
not sure i entirely trust a non-trivial php app being publicly
accessible
Diffstat (limited to 'tozt')
-rw-r--r-- | tozt/tozt/files/nginx/ttrss-tls.conf | 4 | ||||
-rw-r--r-- | tozt/tozt/manifests/ttrss.pp | 5 |
2 files changed, 9 insertions, 0 deletions
diff --git a/tozt/tozt/files/nginx/ttrss-tls.conf b/tozt/tozt/files/nginx/ttrss-tls.conf index b642cf7..10e4f3c 100644 --- a/tozt/tozt/files/nginx/ttrss-tls.conf +++ b/tozt/tozt/files/nginx/ttrss-tls.conf @@ -11,6 +11,8 @@ server { location / { index index.php; + auth_basic "ttrss"; + auth_basic_user_file "/media/persistent/ttrss.htpasswd"; } location ~ \.php$ { @@ -19,6 +21,8 @@ server { fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include /etc/nginx/fastcgi_params; + auth_basic "ttrss"; + auth_basic_user_file "/media/persistent/ttrss.htpasswd"; } } # vim:ft=nginx diff --git a/tozt/tozt/manifests/ttrss.pp b/tozt/tozt/manifests/ttrss.pp index 06d024d..f2df995 100644 --- a/tozt/tozt/manifests/ttrss.pp +++ b/tozt/tozt/manifests/ttrss.pp @@ -7,6 +7,11 @@ class tozt::ttrss { require => Class["tozt::persistent"]; } + secret { "/media/persistent/ttrss.htpasswd": + source => "ttrss", + require => Class["tozt::persistent"]; + } + nginx::site { "ttrss-tls": source => 'puppet:///modules/tozt/nginx/ttrss-tls.conf', |