matt-oakes / dokku-secure-apps Goto Github PK

View Code? Open in Web Editor NEW

50.0 3.0 7.0 23 KB

A plugin for Dokku which secures an individual app with HTTP Basic authentication

License: MIT License

Shell 91.95% Makefile 8.05%

dokku-secure-apps's Introduction

Dokku Secure App Plugin

This is a plugin for Dokku which secures an individual app with HTTP Basic authentication.

installation

# on 0.3.x
cd /var/lib/dokku/plugins
git clone https://github.com/matto1990/dokku-secure-apps.git secure-apps
dokku plugins-install

# on 0.4.x
dokku plugin:install https://github.com/matto1990/dokku-secure-apps.git secure-apps

commands

$ dokku help
    secure:disable <app>                            remove security for this app
    secure:enable <app>                             enable security for this app
    secure:delete <app>                             delete htpasswd file for this app
    secure:set <app> username password              add user to this app or update their password
    secure:unset <app> username                     remove user from this app
    secure:list <app>                               list users for this app

Unit Tests

This plugins test were inspired by the tests in https://github.com/neam/dokku-custom-domains. It uses assert.sh 1.0 - bash unit testing framework.

To run the tests:

make test

TODO

Globally secure all apps (with opt-out for specific apps)

dokku-secure-apps's People

Contributors

Stargazers

Watchers

Forkers

matsrietdijk 3onyc rcarmo lukasklein josegonzalez chikamichi polettix

dokku-secure-apps's Issues

Not working?

Should this plugin still be working? Is it still being maintained? I'm working on a project that I'd love to have basic authentication for and I'm using Dokku, so this plugin would definitely be a welcome addition to my workflow!

secure:enable ask me a sudo password

Hi man !
I tried your plugin, so after setting an user for my app, I try to enable it

dokku secure:enable my_app

[sudo] password for dokku:

But I don't have a dokku user in my system, what hapen ? I'm bit confuse..
Thank's !

htpasswd dependency

This plugin requires htpasswd, but currently it doesn't do anything about ensuring that htpasswd is available - i.e no checks, no automated installs, no bundled htpasswd implementation, etc.

I guess that at least a check and a solid error message (with a pointers on how to install htpasswd) would be nicer than

/var/lib/dokku/plugins/secure-apps/commands: line 43: htpasswd: command not found

it outputs right now.

Fix commands not being processed consistently

Hi,

I noticed running dokku secure-apps:help doesn't work, and actually there seems to be two issues:

the plugin itself is named secure-apps, but the commands are secure:*
the secure:help is not reachable due to the way commands is implemented (initial check for args)

I'd propose fixing those issues by:

supporting the secure-apps:* namespace along the legacy secure:* one, maybe displaying a notice that using the latter is prefered
rework :help, taking inspiration from, let's say, https://github.com/dokku/dokku-letsencrypt/blob/master/commands

optionally pull username and password from procfile (or some other file)?

thoughts on this?

Make password settable through secure input

As I see, the only way to set the password is by passing it directly through the command line as argument. This is often seen as security flaw, since your password will be written into a Logfile.

You might consider changing this.