Add basic auth to munin in docs

2020-08-03 17:57:24 +00:00 · 2020-08-03 17:57:24 +00:00 · 526b3fbc6c
parent bade2e0ea8
commit 526b3fbc6c
1 changed files with 49 additions and 0 deletions
--- a/docs/munin.md
+++ b/docs/munin.md
@ -47,7 +47,18 @@ server.modules          = (
                            "mod_redirect",
                            "mod_cgi",
                            "mod_fastcgi",
+                            "mod_auth",
+                            "mod_authn_file",
                            )
+auth.backend                = "htdigest" 
+auth.backend.htdigest.userfile = "/etc/lighttpd/munin.auth" 
+auth.require = ( "/" =>
+        (
+                "method" => "basic",
+                "realm" => "Munin",
+                "require" => "valid-user" 
+        )
+        )
 server.pid-file         = "/run/lighttpd-munin.pid"
 server.follow-symlink = "enable"
 index-file.names = ( "index.html", "index.htm" )
@ -88,6 +99,44 @@ KillSignal=SIGINT
 [Install]
 WantedBy=multi-user.target
 EOF
+cat > /root/lighttpd-auth.pl <<EOF
+#!/usr/bin/perl
+
+print "User: ";
+\$user = <>;
+chomp \$user;
+print "Realm: ";
+\$realm = <>;
+chomp \$realm;
+
+use Term::ReadKey;
+{
+  ReadMode('noecho');
+  print "Password: ";
+  \$password = ReadLine(0);
+  chomp \$password;
+  print "\\nPassword again: ";
+  \$password2 = ReadLine(0);
+  chomp \$password2;
+  ReadMode('normal');
+  print "\\n";
+
+  if(\$password ne \$password2)
+  {
+    print "Passwords don't match\\n";
+    redo;
+  }
+}
+
+print "\$user:\$realm:";
+open(MD5, "|md5sum | cut -b -32") or die;
+print MD5 "\$user:\$realm:\$password";
+close(MD5);
+EOF
+chmod a+x /root/lighttpd-auth.pl
+apt install libterm-readkey-perl
+/root/lighttpd-auth.pl
+echo "above_output" >> /etc/lighttpd/munin.auth
 systemctl daemon-reload
 systemctl enable --now lighttpd-munin
 firewall-cmd --zone=public --permanent --add-port=2813/tcp