Skip to content

Instantly share code, notes, and snippets.

@JanKoppe

JanKoppe/README.md

Last active December 4, 2020 03:58
Show Gist options
  • Star 6 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save JanKoppe/292d193d60d2fd3f05fde4d27652d46f to your computer and use it in GitHub Desktop.
Save JanKoppe/292d193d60d2fd3f05fde4d27652d46f to your computer and use it in GitHub Desktop.
Download ZIP
nginx basic auth with different users for read/write
Raw
README.md

This nginx configuration allows to restrict access via different methods to separate users.

This is very useful for private docker registries, where you want every member of your team to be able to fetch Docker images, but only some users (admins and CI users) to push new images to the registry.

Example:

  • User write can use GET, POST, PUT, DELETE and everything else.
  • User read can only use GET and HEAD.
  • Anonymous users are denied access entirely.
Raw
htpasswd_read
read:$apr1$p3D7wa0B$BQBRV4BU59LZ.hRT20UQz/
write:$apr1$p3D7wa0B$BQBRV4BU59LZ.hRT20UQz/
Raw
htpasswd_write
write:$apr1$p3D7wa0B$BQBRV4BU59LZ.hRT20UQz/
Raw
nginx.conf
location / {
auth_basic "read";
auth_basic_user_file /etc/nginx/htpasswd_read;
limit_except GET {
auth_basic "write";
auth_basic_user_file /etc/nginx/htpasswd_write;
}
proxy_pass http://httpbin.org;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment