diff options
| author | Dennis Eriksen <d@ennis.no> | 2021-03-31 14:42:31 +0200 |
|---|---|---|
| committer | Dennis Eriksen <d@ennis.no> | 2021-03-31 14:42:31 +0200 |
| commit | 8c39c89f83e03a74853bf613923dffe9382d94c3 (patch) | |
| tree | f9551ed5d30138a8f0918a9e770be5ac13718bfc | |
| parent | add configfile (diff) | |
| download | htmpasswd-master.tar.gz | |
| -rw-r--r-- | README.md | 57 |
1 files changed, 52 insertions, 5 deletions
@@ -9,20 +9,67 @@ This script assumes your htpasswd-files are stored in `/etc/nginx/htpasswd` `htmpasswd` takes two arguments. `$1` is the name of the password-file, and `$2` is the name of the temporary user. `$2` is optional. The script returns a -temprary username and password separated by aa colon. +temprary username and password separated by a colon. -Exaample: +Example: ``` $ sudo htmlpasswd f.dnns.no woeomu:aadscv ``` This would now be valid at https://woeomu:aadscv@f.dnns.no. +## Installation +``` +$ sudo git clone https://git.dnns.no/htmpasswd.git /usr/local/src/htmpasswd +$ sudo ln -s /usr/local/src/htmpasswd/htmpasswd /etc/cron.hourly/htmpasswd-cron +$ sudo ln -s /usr/local/src/htmpasswd/htmpasswd /usr/local/sbin/ +``` + +## Config +If you want to change the default configuration, check the script to see which variables are used, and change them in `/etc/default/htmpasswd`, which will be sourced if it exists. + +## Working example +First, install the script as described above. + +Then, install your preferred webserver (I use nginx), and set up a vhost to use basic auth. +My example vhost - `/etc/nginx/sites-enabled/wiki.dnns.no`: +``` +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name wiki.dnns.no; + + ssl_certificate /etc/letsencrypt/live/wiki.dnns.no/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/wiki.dnns.no/privkey.pem; + + # ACL + auth_basic "wiki.dnns.no"; + auth_basic_user_file /etc/nginx/htpasswd/wiki; + + root /var/www/wiki.dnns.no; +} +``` +Then create a folder for your passwordfiles. I use `/etc/nginx/htpasswd/`. Now create your user (alternatively you could just `touch` an empty file, but in my working example I want a working permanent user). +``` +$ htpasswd testuser /etc/nginx/htpasswd/wiki +New password: +Re-type new password: +Adding password for user /etc/nginx/htpasswd/wiki +``` +Now I should be able to create a temporary user using `htmpasswd`. +``` +root@thale ~ # htmpasswd wiki +Adding password for user rckgck +rckgck:fksd4i +``` +This temporary user and password should now be valid for https://wiki.dnns.no for 24h hours (the default). + ## cron -In order to automagically remove the temporary users after a set aamount of +In order to automagically remove the temporary users after a set amount of time, the script also needs to be invoked regularly by cron. When run by cron, -it taakes no arguments. +it takes no arguments. For the script to recognize it's being run by cron, you either need to set the environmental variable `$RUN_BY_CRON` to `true`, or you can name the script -`htmpasswd-cron` (the script will recognize the `-cron`-suffix). +`htmpasswd-cron` as the script will recognize the `-cron`-suffix. + |