fic
/
server
2
0
Fork 0
Code Issues Pull Requests 10 Releases Wiki Activity

configs: nginx-demo config support both SSL cert + http auth

This commit is contained in:
nemunaire 2019-01-21 02:14:45 +01:00
parent 525b3d6b56
commit bf426d2ed2
2 changed files with 22 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
configs/fic-auth-demo.conf
View File

@ -1,4 +1,19 @@
auth_basic "Restricted";
auth_basic_user_file /srv/PKI/shared/ficpasswd;
set $auth_basic "Challenge FIC";
if ($ssl_client_verify != "SUCCESS") {
set $team "$remote_user";
set $needauth "1";
}
if ($ssl_client_verify = "SUCCESS") {
set $team "_AUTH_ID_$ssl_client_serial";
set $auth_basic off;
set $needauth "0";
}
if (!-f /srv/PKI/shared/ficpasswd) {
set $needauth "${needauth}0";
}
if ($needauth = "10") {
return 401;
}
set $team "$remote_user";
auth_basic $auth_basic;
auth_basic_user_file /srv/PKI/shared/ficpasswd;

4
configs/nginx-demo.conf
View File

@ -17,6 +17,10 @@ server {
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
ssl_client_certificate /srv/PKI/shared/ca.pem;
ssl_trusted_certificate /srv/PKI/shared/ca.pem;
ssl_verify_client optional;
root /srv/htdocs-frontend/;
error_page 401 /welcome.html;