Enable basic auth sitewide and disabling it for subpages?
I have a relatively straight forward config:
upstream appserver-1 {
server unix:/var/www/example.com/app/tmp/gunicorn.sock fail_timeout=0;
}
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://appserver-1;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
auth_basic "Restricted";
auth_basic_user_file /path/to/htpasswd;
}
location /api/ {
auth_basic off;
}
}
The goal is to use basic auth on the whole website, except on the /api/ subtree. While it does work with respect to basic auth, other directives like proxy_pass are not in effect on /api/ as well.
Is it possible to just disable basic auth while retaining the other directives without copy&pasting everything?
Solution 1:
How about two files?
includes/proxy.conf would be:
proxy_pass http://appserver-1;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
And your current conf file:
upstream appserver-1 {
server unix:/var/www/example.com/app/tmp/gunicorn.sock fail_timeout=0;
}
server {
listen 80;
server_name example.com;
location / {
auth_basic "Restricted";
auth_basic_user_file /path/to/htpasswd;
include includes/proxy.conf;
}
location /api/ {
auth_basic off;
include includes/proxy.conf;
}
}
Solution 2:
Config file
In Nginx 1.4.4 you need quotes around off for the auth_basic setting.
location / {
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/passwd;
include /etc/nginx/uwsgi_params;
uwsgi_pass unix:/tmp/app.sock;
}
location /api {
auth_basic "off";
include /etc/nginx/uwsgi_params;
uwsgi_pass unix:/tmp/app.sock;
}
Creating your htpasswd/passwd file
Install apache2-utils, there is a nice helper app that creates the htpasswd file for you very quickly. http://httpd.apache.org/docs/2.2/programs/htpasswd.html
htpasswd -c -m <filename> <username>