basic auth and store gems

2019-09-18 10:19:36 -03:00 · 2019-09-18 10:19:36 -03:00 · a510009ca4
parent bb87782f9b
commit a510009ca4
3 changed files with 10 additions and 4 deletions
--- a/4
+++ b/4
@ -26,8 +26,8 @@ COPY --from=daemonize /usr/sbin/daemonize /usr/sbin/daemonize
 COPY ./monit.conf /etc/monit.d/geminabox.conf
 COPY ./geminabox.sh /usr/local/bin/geminabox
 COPY --from=build /srv/http /srv/http
-RUN install -dm 2750 -o app -g www-data /srv/http/geminabox
+RUN install -dm 2750 -o app -g www-data /srv/gems
 RUN chmod 755 /usr/local/bin/geminabox

 EXPOSE 9292
-VOLUME /srv/http/geminabox
+VOLUME /srv/gems
--- a/config.ru
+++ b/config.ru
@ -1,10 +1,16 @@
 require 'geminabox'
 require 'rack/session/redis'
+require 'securerandom'

 Geminabox.data = '/srv/http'
 Geminabox.rubygems_proxy = true
 Geminabox.allow_remote_failure = true

+use Rack::Auth::Basic, 'Gems' do |username, password|
+  username == ENV.fetch('HTTP_BASIC_USER', SecureRandom.hex) &&
+  password == ENV.fetch('HTTP_BASIC_PASSWORD', SecureRandom.hex)
+end
+
 use Rack::Session::Redis, redis_server: 'redis://redis:6379/2'
 use Rack::Protection

--- a/geminabox.sh
+++ b/geminabox.sh
@ -1,7 +1,7 @@
 #!/bin/sh
 set -e

-dir=/srv/http/geminabox
+dir=/srv/gems
 pid=/tmp/geminabox.pid

 chown -R app:www-data /srv/http
@ -9,7 +9,7 @@ cd ${dir}

 for link in Gemfile Gemfile.lock .bundle config.ru vendor; do
  test -e ${link} && continue
-  ln -s ../${link} .
+  ln -s /srv/http/${link} .
 done

 rm -f ${pid}