@porosys/pss
Version:
Porosys Server Setup (pss): General-purpose server setup and automation tool (including Netdata management)
62 lines (59 loc) ā¢ 2.17 kB
JavaScript
import chalk from 'chalk';
import { execa } from 'execa';
export const setupApacheAuth = async ({ port, serverName, username, password, }) => {
console.log(chalk.blue('\nš Securing Netdata Web UI using Apache2 + Basic Auth'));
try {
console.log(chalk.blue('\nš¦ Installing Apache2 and required modules...'));
await execa('sudo', ['apt', 'install', '-y', 'apache2', 'apache2-utils']);
await execa('sudo', ['a2enmod', 'proxy', 'proxy_http', 'auth_basic']);
await execa('sudo', ['systemctl', 'restart', 'apache2']);
}
catch (err) {
console.error(chalk.red('ā Failed to install or configure Apache2 modules'), err);
return;
}
try {
console.log(chalk.blue('\nš Creating htpasswd for Apache Basic Auth...'));
await execa('sudo', [
'htpasswd',
'-bc',
'/etc/apache2/.htpasswd',
username,
password,
]);
console.log(chalk.green('ā
Created /etc/apache2/.htpasswd'));
}
catch (err) {
console.error(chalk.red('ā Failed to create htpasswd'), err);
return;
}
const apacheConf = `
<VirtualHost *:80>
ServerName ${serverName}
ProxyPreserveHost On
ProxyPass / http://localhost:${port}/
ProxyPassReverse / http://localhost:${port}/
<Location />
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
</Location>
</VirtualHost>
`;
try {
console.log(chalk.blue('\nš Configuring Apache site...'));
await execa('sudo', [
'bash',
'-c',
`echo '${apacheConf}' > /etc/apache2/sites-available/netdata.conf`,
]);
await execa('sudo', ['a2ensite', 'netdata']);
await execa('sudo', ['systemctl', 'reload', 'apache2']);
console.log(chalk.green('ā
Apache reverse proxy configured and secured.'));
console.log(chalk.cyan(`š Visit http://${serverName} to access Netdata.`));
}
catch (err) {
console.error(chalk.red('ā Failed to configure Apache site'), err);
}
};