motiejus/config
1
Fork 0
Code Packages Releases Activity

frigate: basic auth only from non-localhost

Browse Source
This commit is contained in:
Motiejus Jakštys
2025-01-26 22:57:29 +02:00
parent ffbb150434
commit d0bb3554db
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
hosts/fwminex/configuration.nix
View File

@@ -356,7 +356,14 @@ in
defaultSSLListenPort = 8443; defaultSSLListenPort = 8443;
recommendedTlsSettings = true; recommendedTlsSettings = true;
virtualHosts."r1.jakstys.lt" = { virtualHosts."r1.jakstys.lt" = {
basicAuthFile = config.age.secrets.r1-htpasswd.path; extraConfig = ''
satisfy any;
allow 127.0.0.1;
allow ::1;
deny all;
auth_basic secured;
auth_basic_user_file ${config.age.secrets.r1-htpasswd.path};
'';
addSSL = true; addSSL = true;
sslCertificate = "/run/credentials/nginx.service/r1.jakstys.lt-cert.pem"; sslCertificate = "/run/credentials/nginx.service/r1.jakstys.lt-cert.pem";