@porosys/pss
Version:
Porosys Server Setup (pss): General-purpose server setup and automation tool (including Netdata management)
79 lines (71 loc) ā¢ 2.13 kB
text/typescript
import chalk from 'chalk';
import { execa } from 'execa';
export const setupApacheAuth = async ({
port,
serverName,
username,
password,
}: {
port: string;
serverName: string;
username: string;
password: string;
}) => {
console.log(
chalk.blue('\nš Securing Netdata Web UI using Apache2 + Basic Auth'),
);
try {
console.log(chalk.blue('\nš¦ Installing Apache2 and required modules...'));
await execa('sudo', ['apt', 'install', '-y', 'apache2', 'apache2-utils']);
await execa('sudo', ['a2enmod', 'proxy', 'proxy_http', 'auth_basic']);
await execa('sudo', ['systemctl', 'restart', 'apache2']);
} catch (err) {
console.error(
chalk.red('ā Failed to install or configure Apache2 modules'),
err,
);
return;
}
try {
console.log(chalk.blue('\nš Creating htpasswd for Apache Basic Auth...'));
await execa('sudo', [
'htpasswd',
'-bc',
'/etc/apache2/.htpasswd',
username,
password,
]);
console.log(chalk.green('ā
Created /etc/apache2/.htpasswd'));
} catch (err) {
console.error(chalk.red('ā Failed to create htpasswd'), err);
return;
}
const apacheConf = `
<VirtualHost *:80>
ServerName ${serverName}
ProxyPreserveHost On
ProxyPass / http://localhost:${port}/
ProxyPassReverse / http://localhost:${port}/
<Location />
AuthType Basic
AuthName "Restricted Access"
AuthUserFile /etc/apache2/.htpasswd
Require valid-user
</Location>
</VirtualHost>
`;
try {
console.log(chalk.blue('\nš Configuring Apache site...'));
await execa('sudo', [
'bash',
'-c',
`echo '${apacheConf}' > /etc/apache2/sites-available/netdata.conf`,
]);
await execa('sudo', ['a2ensite', 'netdata']);
await execa('sudo', ['systemctl', 'reload', 'apache2']);
console.log(chalk.green('ā
Apache reverse proxy configured and secured.'));
console.log(chalk.cyan(`š Visit http://${serverName} to access Netdata.`));
} catch (err) {
console.error(chalk.red('ā Failed to configure Apache site'), err);
}
};