================================================
Protect your web server with HTTP authentication
================================================

.. include:: ../projects-header.rst

Go to Project 7 from the git repository root:

.. code:: bash

  cd projects/p07

Project structure:

.. code:: text

  .
  ├── nginxproxy
  │   └── docker-compose.yml
  └── web
      ├── .env
      ├── docker-compose.yml
      └── www
          └── index.html

The first step is the same as it was in :doc:`p06`. Let's go to :code:`nginxproxy`

.. code-block:: bash

  cd nginxproxy

The compose file is:

.. literalinclude:: ../../projects/p07/nginxproxy/docker-compose.yml
  :language: yaml

Start the proxy server:

.. code:: bash

  docker compose up -d

Go to the web folder:

.. code:: bash

  cd ../web

The compose file is

.. literalinclude:: ../../projects/p07/web/docker-compose.yml
  :language: yaml

In this case we have a simple html file

.. literalinclude:: ../../projects/p07/web/www/index.html
  :language: yaml

You can simply start a web server protected by HTTP authentication. The name and the password will come from environment variables.
I recommend you to use a more secure way in production. Create the .htpasswd file manually and mount it inside the container.

The htpasswd container will create .htpasswd automatically and exit.

In the ".env" file you can find two variables.

.. literalinclude:: ../../projects/p07/web/.env

The variables will be used in "docker-compose.yml"
by the "htpasswd" service to generate the password file and then the "httpd" service will read it from the common volume.


The "fixperm" service runs and exits similarly to "htpasswd". It sets the permission of the files after the web server starts.

Use the "depends_on" option to control which service starts first.

At this point you need to have the NIP variable set as the :doc:`../../index` refers to it.

Alternative option: set the NIP variable in the ".env" file.

Start the web server

.. code:: bash

  docker compose up -d

In case are working the in cloned repository of this tutorial, you can also run the below command to set the variable

.. code:: bash

  NIP=$(../../../system/usr/local/bin/nip.sh) docker compose up -d

Open the web page in your browser (Ex.: p07.192.168.1.6.nip.io). You will get a password prompt.

Clean the project:

.. code:: bash

  docker compose down --volumes
  cd ../nginxproxy
  docker compose down --volumes