github-starred/awesome-compose
2
0
Fork 0
mirror of https://github.com/docker/awesome-compose.git synced 2026-03-09 06:52:08 -05:00
Code Issues 627 Packages Projects Releases Wiki Activity

[PR #388] nginx reverse proxy with authorization to pypiserver #418

New Issue
Open
opened 2025-11-06 14:25:48 -06:00 by GiteaMirror · 0 comments
GiteaMirror commented 2025-11-06 14:25:48 -06:00
Owner
Copy Link

📋 Pull Request Information

Original PR: https://github.com/docker/awesome-compose/pull/388
Author: @ghinks
Created: 9/9/2023
Status: 🔄 Open

Base: masterHead: feat/nginx-authed-rev-proxy

📝 Commits (6)

  • 1054c07 feat: nginx auth per route
  • 7a0edbd feat: nginx auth per route
  • 62daaea feat: nginx auth per route
  • 8df4fac feat: nginx auth per route
  • 4d5cfcd feat: nginx auth per route
  • 88491ea feat: nginx auth per route

📊 Changes

8 files changed (+162 additions, -0 deletions)

View changed files

📝 README.md (+1 -0)
nginx-auth-rev-proxy-pypiserver/README.md (+101 -0)
nginx-auth-rev-proxy-pypiserver/docker-compose.yml (+27 -0)
nginx-auth-rev-proxy-pypiserver/images/login-prompt.png (+0 -0)
nginx-auth-rev-proxy-pypiserver/images/twine-upload.png (+0 -0)
nginx-auth-rev-proxy-pypiserver/images/welcome-to-pypiserver.png (+0 -0)
nginx-auth-rev-proxy-pypiserver/nginx-basic-auth.conf (+32 -0)
nginx-auth-rev-proxy-pypiserver/packages/packages.md (+1 -0)

📄 Description

Nginx is capable of providing a reverse proxy with basic authentication for a service. This is a simple example of how
to do that. The upload route is protected with a different password to the base route. The intent of this is to
allow the upload route to be protected with a more restricted set of users than the base route. The nginx configuration
is set to delay the response to a failed authentication for 5 seconds. This is to slow down brute force attacks. The upload
route is redirected internally to the pypiserver service and is only for POST methods. In this way we have added the
admin password to a route that is for uploads based on the POST verb.

Developer Certificate of Origin
Version 1.1

Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
660 York Street, Suite 102,
San Francisco, CA 94110 USA

Everyone is permitted to copy and distribute verbatim copies of this
license document, but changing it is not allowed.

Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or

(b) The contribution is based upon previous work that, to the best
of my knowledge, is covered under an appropriate open source
license and I have the right under that license to submit that
work with modifications, whether created in whole or in part
by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated
in the file; or

(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.

(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.

signed-off-by: Glenn Hinksghinks@yahoo.com

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/docker/awesome-compose/pull/388 **Author:** [@ghinks](https://github.com/ghinks) **Created:** 9/9/2023 **Status:** 🔄 Open **Base:** `master` ← **Head:** `feat/nginx-authed-rev-proxy` --- ### 📝 Commits (6) - [`1054c07`](https://github.com/docker/awesome-compose/commit/1054c075f00b8ca34599464481def2d970a12e89) feat: nginx auth per route - [`7a0edbd`](https://github.com/docker/awesome-compose/commit/7a0edbd4f98401e0b7315d474de94c82c803a53f) feat: nginx auth per route - [`62daaea`](https://github.com/docker/awesome-compose/commit/62daaead04823af489746854f5f1d6dbbffdc6e3) feat: nginx auth per route - [`8df4fac`](https://github.com/docker/awesome-compose/commit/8df4face7c1d925fc55524168ebee4e42e448c33) feat: nginx auth per route - [`4d5cfcd`](https://github.com/docker/awesome-compose/commit/4d5cfcd84b4fcde94e51ef78fec220544864455c) feat: nginx auth per route - [`88491ea`](https://github.com/docker/awesome-compose/commit/88491ea1eb818df1c0d045d6e7403b1c939e7cec) feat: nginx auth per route ### 📊 Changes **8 files changed** (+162 additions, -0 deletions) <details> <summary>View changed files</summary> 📝 `README.md` (+1 -0) ➕ `nginx-auth-rev-proxy-pypiserver/README.md` (+101 -0) ➕ `nginx-auth-rev-proxy-pypiserver/docker-compose.yml` (+27 -0) ➕ `nginx-auth-rev-proxy-pypiserver/images/login-prompt.png` (+0 -0) ➕ `nginx-auth-rev-proxy-pypiserver/images/twine-upload.png` (+0 -0) ➕ `nginx-auth-rev-proxy-pypiserver/images/welcome-to-pypiserver.png` (+0 -0) ➕ `nginx-auth-rev-proxy-pypiserver/nginx-basic-auth.conf` (+32 -0) ➕ `nginx-auth-rev-proxy-pypiserver/packages/packages.md` (+1 -0) </details> ### 📄 Description Nginx is capable of providing a reverse proxy with basic authentication for a service. This is a simple example of how to do that. The upload route is protected with a different password to the base route. The intent of this is to allow the upload route to be protected with a more restricted set of users than the base route. The nginx configuration is set to delay the response to a failed authentication for 5 seconds. This is to slow down brute force attacks. The upload route is redirected internally to the pypiserver service and is only for POST methods. In this way we have added the admin password to a route that is for uploads based on the POST verb. Developer Certificate of Origin Version 1.1 Copyright (C) 2004, 2006 The Linux Foundation and its contributors. 660 York Street, Suite 102, San Francisco, CA 94110 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Developer's Certificate of Origin 1.1 By making a contribution to this project, I certify that: (a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or (b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or (c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it. (d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. signed-off-by: Glenn Hinks<ghinks@yahoo.com> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2025-11-06 14:25:48 -06:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
good first issue
proposal
pull-request
Mirrored from GitHub Pull Request
 question
No Label pull-request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/awesome-compose#418
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?