diff --git a/Dockerfile b/Dockerfile index 884281c..9544e51 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,19 +7,21 @@ RUN npm run-script build # Stage 2 - the production environment FROM nginx:alpine -LABEL name "redoc" -LABEL maintainer "volbrene" +LABEL name="redoc" +LABEL maintainer="volbrene" ENV URLS="[{url: 'https://petstore.swagger.io/v2/swagger.json', name: 'Petshop'},{url: 'https://api.apis.guru/v2/specs/instagram.com/1.0.0/swagger.yaml', name: 'Instagram'}]" ENV BASE_NAME="" ENV THEME_COLOR="#32329f" ENV PAGE_TITLE="Redoc" +RUN apk update && apk add openssl + WORKDIR /var/www/html COPY --from=react-build /app/build /var/www/html COPY ./docker/run.sh / -COPY ./docker/default.conf /etc/nginx/conf.d +COPY ./docker/default /etc/nginx/conf.d RUN chmod +x /run.sh RUN chmod +x /etc/nginx/conf.d/default.conf diff --git a/README.md b/README.md index c1a9ab5..77d3c55 100644 --- a/README.md +++ b/README.md @@ -37,11 +37,13 @@ That's it. This image uses environment variables for configuration. | Available variables | Default value | Description | -| ------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------ | +| ------------------- |-------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------| | `URLS` | [{url: 'https://petstore.swagger.io/v2/swagger.json', name: 'Petshop'},{url: 'https://petstore.swagger.io/v2/swagger.json', name: 'Petshop 2'}] | List of api swagger docs | | `THEME_COLOR` | #32329f | Primary Color | | `PAGE_TITLE` | Redoc | Page Title of docs | | `BASE_NAME` | '' -> (no prefix) | `basename` prop for the top-level [BrowserRouter](https://reactrouter.com/web/api/BrowserRouter) | +| `BASIC_AUTH_USER` | not support | Basic authentication username | +| `BASIC_AUTH_PWD` | not support | Basic authentication password | ## You prefer Swagger UI? diff --git a/docker/default.conf b/docker/default/default.conf similarity index 100% rename from docker/default.conf rename to docker/default/default.conf diff --git a/docker/default/default_auth.conf b/docker/default/default_auth.conf new file mode 100644 index 0000000..18c441d --- /dev/null +++ b/docker/default/default_auth.conf @@ -0,0 +1,24 @@ +server { + listen 80; + server_name localhost; + + location / { + auth_basic "Please enter your username and password"; + auth_basic_user_file /home/htpasswd; + root /var/www/html; + index index.html index.htm; + try_files $uri /index.html; + } + #forbidden Scrapy + if ($http_user_agent ~* (Scrapy|Curl|HttpClient)) { + return 403; + } + #forbidden UA + if ($http_user_agent ~* (baiduspider|360spider|haosouspider|googlebot|soso|bing|sogou|yahoo|sohu-search|yodao|YoudaoBot|robozilla|msnbot|MJ12bot|NHN|Twiceler)) { + return 403; + } + #forbidden not GET|HEAD|POST method access + if ($request_method !~ ^(GET|HEAD|POST)$) { + return 403; + } +} \ No newline at end of file diff --git a/docker/run.sh b/docker/run.sh index 6db8481..8ced129 100644 --- a/docker/run.sh +++ b/docker/run.sh @@ -23,5 +23,13 @@ echo "}" >> /var/www/html/config.js sed -i -e "s@%PAGE_TITLE%@$PAGE_TITLE@g" /var/www/html/index.html +if [ -n "${BASIC_AUTH_USER}" ] && [ -n "${BASIC_AUTH_PWD}" ]; then + # create htpasswd by openssl + printf "$BASIC_AUTH_USER:$(openssl passwd -crypt $BASIC_AUTH_PWD)\n" >>/home/htpasswd + # change nginx config file + cd /etc/nginx/conf.d + mv default_auth.conf default.conf +fi + # start nginx nginx -g "daemon off;"