Hits: 43

使用 docker htpasswd 生成密码

自己制作镜像

wget https://dl-cdn.alpinelinux.org/alpine/v3.13/releases/x86_64/alpine-minirootfs-3.13.1-x86_64.tar.gz

创建 Dockerfile 文件

1
2
3
4
5
FROM scratch
MAINTAINER ax2009live@gmail.com
ADD alpine-minirootfs-3.13.1-x86_64.tar.gz /
RUN apk add --update apache2-utils && rm -rf /var/cache/apk/*
ENTRYPOINT ["htpasswd", "-Bbn"]

创建镜像:docker build -t ax2009live/htpasswd:1.0 .

生成密码

To generate a password file: 生成密码文件

docker run \
	-it --rm \
	ax2009live/htpasswd:1.0 \
	user password > /root/nginx/16565/htpasswd

This will use bcrypt encryption. 密码是加密的,user -用户 password – 密码

Nginx设置

https://blog.csdn.net/dream8062/article/details/78416234        nginx配置访问密码,让用户输入用户名密码才能访问

mkdir /root/nginx/16565
vi /root/nginx/16565/default.conf

server
        {
                listen 443 ssl http2;
                ssl on;
                ssl_certificate /etc/nginx/certs/fullchain.pem;
                ssl_certificate_key /etc/nginx/certs/key.pem;
                ssl_session_cache shared:SSL:10m;
                ssl_session_timeout  10m;
                server_name google.domain.com;
                add_header Strict-Transport-Security "max-age=31536000";
                auth_basic "Please input password"; #这里是验证时的提示信息
                auth_basic_user_file /etc/nginx/conf.d/htpasswd; 

                if ($http_user_agent ~* (baiduspider|360spider|haosouspider|googlebot|soso|bing|sogou|yahoo|sohu-search|yodao|YoudaoBot|robozilla|msnbot|MJ12bot|NHN|Twiceler)) {
                return  403;
                }

                location / {
                sub_filter www.google.com.hk google.domain.com;
                sub_filter_once off;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Referer https://www.google.com.hk;
                proxy_set_header Host www.google.com.hk;
                proxy_pass https://www.google.com.hk;
                proxy_set_header Accept-Encoding "";
                }
}

docker run  -d \
        --restart=always \
        --name google-proxy \
        -p 16565:443 \
        -v /root/nginx/certs:/etc/nginx/certs \
        -v /root/nginx/16565:/etc/nginx/conf.d \
        nginx:1.18.0-alpine

https://google.domain.com:16565,