diff --git a/contrib/nginx/.gitignore b/contrib/nginx/.gitignore new file mode 100644 index 00000000..985f8a2b --- /dev/null +++ b/contrib/nginx/.gitignore @@ -0,0 +1 @@ +openfaas.htpasswd diff --git a/contrib/nginx/README.md b/contrib/nginx/README.md index 6671d174..da8763c7 100644 --- a/contrib/nginx/README.md +++ b/contrib/nginx/README.md @@ -1,3 +1,18 @@ +### Basic auth in 5 seconds + +This guide shows you how to protect your cluster with "Basic Auth" which involves setting a username +and password. This method will prevent tampering but for production usage will also need TLS +enabling. Free TLS certificates can be generated with LetsEncrypt. + +Steps: + +* Generate a password file +* Push file into secret store +* Unexpose the gateway +* Create an Nginx proxy container with the new secret + +* Test it out. + ### Create a .htaccess: ``` @@ -39,12 +54,12 @@ q70h0nsj9odbtv12vrsijcutx openfaas_htpasswd 13 seconds a $ docker service update func_gateway --publish-rm 8080 ``` -### Build an Nginx container +### Build an Nginx container (optional) -Build gwnginx from contrib directory. +Build gwnginx from contrib directory if you need customizations. ``` -$ docker build -t gwnginx . +$ docker build -t alexellis/gwnginx:0.1 . ``` ### Launch nginx