Simple Docker image to provide basic authentication for a single other container.
docker run -d --name web dockercloud/hello-world
docker run -d -p 80:80 --link web:web --name auth beevelop/nginx-basic-authTry accessing and logging in with username foo and password bar.
docker run -d \
-e HTPASSWD='foo:$apr1$odHl5EJN$KbxMfo86Qdve2FH4owePn.' \
-e FORWARD_PORT=1337 \
--link web:web -p 8080:80 \
--name auth \
beevelop/nginx-basic-authUse single quotes to prevent unwanted interpretation of
$signs!
HTPASSWD(default:foo:$apr1$odHl5EJN$KbxMfo86Qdve2FH4owePn.): Will be written to the .htpasswd file on launch (non-persistent)FORWARD_PORT(default:80): Port of the source container that should be forwardedFORWARD_HOST(default:web): Hostname of the source container that should be forwardedThe container does not need any volumes to be mounted! Nonetheless you will find all interesting files at
/etc/nginx/*.
Multiple Users are possible by separating the users by newline. To pass the newlines properly you need to use Shell Quoting (like $'foo\nbar'):
docker run -d --link web:web --name auth \
-e HTPASSWD=$'foo:$apr1$odHl5EJN$KbxMfo86Qdve2FH4owePn.\ntest:$apr1$LKkW8P4Y$P1X/r2YyaexhVL1LzZAQm.' \
beevelop/nginx-basic-auth
results in 2 users (foo:bar and test:test).
nginx: [emerg] host not found in upstream "web" in /etc/nginx/conf.d/auth.conf:80
- You need to link the container as
web(--link foobar:web)
- SSL is unsupported ATM, but might be available in the near future. For now it might be a suitable solution to use another reverse proxy (e.g.
jwilder/nginx-proxy) that acts as a central gateway. You just need to configure theVIRTUAL_HOSTenv and disable port forwarding.