From a510009ca4ac437e9666afffda784f30c33e3ef0 Mon Sep 17 00:00:00 2001
From: f <f@sutty.nl>
Date: Wed, 18 Sep 2019 10:19:36 -0300
Subject: [PATCH] basic auth and store gems

---
 Dockerfile   | 4 ++--
 config.ru    | 6 ++++++
 geminabox.sh | 4 ++--
 3 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index cf4b84c..35d3850 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -26,8 +26,8 @@ COPY --from=daemonize /usr/sbin/daemonize /usr/sbin/daemonize
 COPY ./monit.conf /etc/monit.d/geminabox.conf
 COPY ./geminabox.sh /usr/local/bin/geminabox
 COPY --from=build /srv/http /srv/http
-RUN install -dm 2750 -o app -g www-data /srv/http/geminabox
+RUN install -dm 2750 -o app -g www-data /srv/gems
 RUN chmod 755 /usr/local/bin/geminabox
 
 EXPOSE 9292
-VOLUME /srv/http/geminabox
+VOLUME /srv/gems
diff --git a/config.ru b/config.ru
index 4173e31..8d3f596 100644
--- a/config.ru
+++ b/config.ru
@@ -1,10 +1,16 @@
 require 'geminabox'
 require 'rack/session/redis'
+require 'securerandom'
 
 Geminabox.data = '/srv/http'
 Geminabox.rubygems_proxy = true
 Geminabox.allow_remote_failure = true
 
+use Rack::Auth::Basic, 'Gems' do |username, password|
+  username == ENV.fetch('HTTP_BASIC_USER', SecureRandom.hex) &&
+  password == ENV.fetch('HTTP_BASIC_PASSWORD', SecureRandom.hex)
+end
+
 use Rack::Session::Redis, redis_server: 'redis://redis:6379/2'
 use Rack::Protection
 
diff --git a/geminabox.sh b/geminabox.sh
index 5807572..fa40613 100644
--- a/geminabox.sh
+++ b/geminabox.sh
@@ -1,7 +1,7 @@
 #!/bin/sh
 set -e
 
-dir=/srv/http/geminabox
+dir=/srv/gems
 pid=/tmp/geminabox.pid
 
 chown -R app:www-data /srv/http
@@ -9,7 +9,7 @@ cd ${dir}
 
 for link in Gemfile Gemfile.lock .bundle config.ru vendor; do
   test -e ${link} && continue
-  ln -s ../${link} .
+  ln -s /srv/http/${link} .
 done
 
 rm -f ${pid}