How do you Block Access via the IP Address? #7519
-
|
I have code-server deployed via Docker and have Authelia to authenticate users. All of this is internal to my network and not exposed to the internet. I want Authelia to only authenticate users and remove the code-server $PASSWORD. The problem is, access is still achieved without authentication by navigating to "http://IP:8443/login". I'd like to block access when navigating to "http://IP:8443/login" and force the use of https://code.example.com. Is there any way to do this? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 5 replies
-
|
If you make Docker expose the port on localhost only, that should work. Something like Alternatively, you could block 8443 at the firewall level. |
Beta Was this translation helpful? Give feedback.
-
|
Ahhh I see. Nope, nothing like that in code-server, it would need to be blocked externally. |
Beta Was this translation helpful? Give feedback.
-
|
I found this login with args page from #1285 that may work. My workflow/thought process:
|
Beta Was this translation helpful? Give feedback.
-
|
Oh yeah that is an interesting solution. It might be easier to set the password via a cookie. So you would set |
Beta Was this translation helpful? Give feedback.
-
|
Thank you @code-asher, I was able to figure this out. This setup will require all requests going thru Code Server's IP to enter the I protect my reverse proxy via Authelia, so my app is still protected. Instructions
|
Beta Was this translation helpful? Give feedback.
Thank you @code-asher, I was able to figure this out.
This setup will require all requests going thru Code Server's IP to enter the
passwordbut when going thru the reverse proxy (NGINX via SWAG in my case) to be authenticated automagically using thecode-server-sessioncookie.I protect my reverse proxy via Authelia, so my app is still protected.
Instructions
HASHED_PASSWORDfor Code Serverhashin NGINX