# htmpasswd

h**tmp**asswd is a script to help create temporary users in files made with
`htpasswd`.

This script assumes your htpasswd files are stored in `/etc/nginx/htpasswd`
(you can change this with the variable `$HTDIR`). It also needs access to
`/var/spool/htmpasswd`, where the temporary users are stored until they expire.

`htmpasswd` takes two arguments. `$1` is the name of the password file, and `$2`
is the name of the temporary user. `$2` is optional. The script returns a
temporary username and password separated by a colon.

Example:
```
$ sudo htmpasswd f.dnns.no
woeomu:aadscv
```
This would now be valid at https://woeomu:aadscv@f.dnns.no.

## Installation
```
$ sudo git clone https://git.dnns.no/htmpasswd.git /usr/local/src/htmpasswd
$ sudo ln -s /usr/local/src/htmpasswd/htmpasswd /etc/cron.hourly/htmpasswd-cron
$ sudo ln -s /usr/local/src/htmpasswd/htmpasswd /usr/local/sbin/
```

## Config
If you want to change the default configuration, check the script to see which variables are used, and change them in `/etc/default/htmpasswd`, which will be sourced if it exists.

## Working example
First, install the script as described above.

Then, install your preferred webserver (I use nginx), and set up a vhost to use basic auth.
My example vhost - `/etc/nginx/sites-enabled/wiki.dnns.no`:
```
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name wiki.dnns.no;

    ssl_certificate /etc/letsencrypt/live/wiki.dnns.no/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/wiki.dnns.no/privkey.pem;

    # ACL
    auth_basic "wiki.dnns.no";
    auth_basic_user_file /etc/nginx/htpasswd/wiki;

    root /var/www/wiki.dnns.no;
}
```
Then create a folder for your password files. I use `/etc/nginx/htpasswd/`. Now create your user; `-c` creates the password file, and `htpasswd` takes the file first and the username second (alternatively you could just `touch` an empty file, but in my working example I want a working permanent user).
```
$ sudo htpasswd -c /etc/nginx/htpasswd/wiki testuser
New password:
Re-type new password:
Adding password for user testuser
```
Now I should be able to create a temporary user using `htmpasswd`.
```
root@thale ~ # htmpasswd wiki
Adding password for user rckgck
rckgck:fksd4i
```
This temporary user and password should now be valid for https://wiki.dnns.no for 24 hours (the default).

## cron
In order to automagically remove the temporary users after a set amount of
time, the script also needs to be invoked regularly by cron. When run by cron,
it takes no arguments.

For the script to recognize it's being run by cron, you either need to set the
environment variable `$RUN_BY_CRON` to `true`, or you can name the script
`htmpasswd-cron`, as the script will recognize the `-cron` suffix.
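
A sketch of the cron-side sweep described above, added here as an example and not taken from the htmpasswd source. `HTDIR` and `RUN_BY_CRON` are the README's names; the spool layout (one file per temporary user, named `<passwordfile>:<user>`, holding the expiry as epoch seconds) and the `SPOOL` variable are assumptions.

```shell
#!/bin/sh
# Added illustration, not the htmpasswd source.
# Assumed spool layout: one file per temporary user, named
# "<passwordfile>:<user>", holding the expiry time in epoch seconds.
HTDIR="${HTDIR:-/etc/nginx/htpasswd}"
SPOOL="${SPOOL:-/var/spool/htmpasswd}"   # variable name SPOOL is hypothetical

# Succeeds when called under a name ending in -cron or with RUN_BY_CRON=true.
is_cron_run() {
    case "$1" in *-cron) return 0 ;; esac
    [ "${RUN_BY_CRON:-}" = "true" ]
}

# expire_users NOW: drop every temporary user whose expiry is <= NOW.
expire_users() {
    now="$1"
    for entry in "$SPOOL"/*; do
        [ -f "$entry" ] || continue
        expiry=$(cat "$entry")
        # Ignore entries whose content is not a plain number.
        case "$expiry" in ''|*[!0-9]*) continue ;; esac
        [ "$expiry" -le "$now" ] || continue
        name=${entry##*/}
        case "$name" in *:*) ;; *) continue ;; esac
        file=${name%%:*}
        user=${name#*:}
        # Never follow a spool name out of $HTDIR.
        case "$file" in ''|.*|*/*) continue ;; esac
        if [ -f "$HTDIR/$file" ]; then
            tmp=$(mktemp) || return 1
            # Keep every line whose user field differs from the expired user.
            awk -F: -v u="$user" '$1 != u' "$HTDIR/$file" > "$tmp"
            # Write back in place so owner and mode of the file are kept.
            cat "$tmp" > "$HTDIR/$file"
            rm -f "$tmp"
        fi
        rm -f "$entry"
    done
    return 0
}

# Only the cron invocation sweeps; interactive runs fall through.
if is_cron_run "$0"; then
    expire_users "$(date +%s)"
fi
```

The permanent user is never touched because it has no spool entry; only users with an expired entry are removed from the password file.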