docs: Adds section on how to configure basic auth

2025-11-05 15:31:06 +01:00
10 changed files with 10 additions and 55 deletions
--- a/.env.sample
+++ b/.env.sample
@ -10,7 +10,6 @@ LETS_ENCRYPT_EMAIL=certs@example.com
 # DASHBOARD_ENABLED=true
 # WARN, INFO etc.
 LOG_LEVEL=WARN
-LOG_MAX_AGE=1

 # This is here so later lines can extend it; you likely don't wanna edit
 COMPOSE_FILE="compose.yml"
@ -59,17 +58,6 @@ COMPOSE_FILE="compose.yml"
 #DIGITALOCEAN_ENABLED=1
 #SECRET_DIGITALOCEAN_AUTH_TOKEN_VERSION=v1

-## Azure, https://azure.com
-## To insert your Azure client secret:
-## abra app secret insert {myapp.example.coop} azure_secret v1 "<CLIENT_SECRET>"
-#COMPOSE_FILE="$COMPOSE_FILE:compose.azure.yml"
-#AZURE_ENABLED=1
-#AZURE_TENANT_ID=
-#AZURE_CLIENT_ID=
-#AZURE_SUBSCRIPTION_ID=
-#AZURE_RESOURCE_GROUP=
-#SECRET_AZURE_SECRET_VERSION=v1
-
 #####################################################################
 # Manual wildcard certificate insertion                             #
 #####################################################################
@ -163,7 +151,3 @@ COMPOSE_FILE="compose.yml"
 ## Matrix
 #COMPOSE_FILE="$COMPOSE_FILE:compose.irc.yml"
 #IRC_ENABLED=1
-
-## Garage
-#COMPOSE_FILE="$COMPOSE_FILE:compose.garage.yml"
-#GARAGE_RPC_ENABLED=1
--- a/README.md
+++ b/README.md
@ -23,6 +23,13 @@
   your Docker swarm box
 4. `abra app deploy YOURAPPDOMAIN`

+## Configuring basic auth
+
+1. Create the usersfile locally: `htpasswd -c usersfile <username>`
+2. Uncomment the Basic Auth section in your .env file
+3. Insert the secret: `abra app secret insert <domain> usersfile v1 -f usersfile
+4. Redploy you app: `abra app deploy -f <domain>`
+
 ## Configuring wildcard SSL using DNS

 Automatic certificate generation will Just Work™ for most recipes  which use a fixed
--- a/abra.sh
+++ b/abra.sh
@ -1,3 +1,3 @@
-export TRAEFIK_YML_VERSION=v24
+export TRAEFIK_YML_VERSION=v23
 export FILE_PROVIDER_YML_VERSION=v10
-export ENTRYPOINT_VERSION=v5
+export ENTRYPOINT_VERSION=v4
--- a/compose.azure.yml
+++ b/compose.azure.yml
@ -1,17 +0,0 @@
-version: "3.8"
-
-services:
-  app:
-    environment:
-      - AZURE_TENANT_ID
-      - AZURE_CLIENT_ID
-      - AZURE_SUBSCRIPTION_ID
-      - AZURE_RESOURCE_GROUP
-      - AZURE_CLIENT_SECRET_FILE=/run/secrets/azure_secret
-    secrets:
-      - azure_secret
-
-secrets:
-  azure_secret:
-    name: ${STACK_NAME}_azure_secret_${SECRET_AZURE_SECRET_VERSION}
-    external: true
--- a/compose.garage.yml
+++ b/compose.garage.yml
@ -1,7 +0,0 @@
-version: "3.8"
-services:
-  app:
-    environment:
-      - GARAGE_RPC_ENABLED
-    ports:
-      - "3901:3901"
--- a/compose.yml
+++ b/compose.yml
@ -27,7 +27,6 @@ services:
    environment:
      - DASHBOARD_ENABLED
      - LOG_LEVEL
-      - ${LOG_MAX_AGE:-0}
    healthcheck:
      test: ["CMD", "traefik", "healthcheck"]
      interval: 30s
@ -48,7 +47,7 @@ services:
        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
        - "traefik.http.routers.${STACK_NAME}.service=api@internal"
        - "traefik.http.routers.${STACK_NAME}.middlewares=security@file"
-        - "coop-cloud.${STACK_NAME}.version=3.6.2+v3.4.5"
+        - "coop-cloud.${STACK_NAME}.version=3.4.2+v3.4.5"
        - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
        - "backupbot.backup=${ENABLE_BACKUPS:-true}"

--- a/entrypoint.sh.tmpl
+++ b/entrypoint.sh.tmpl
@ -11,8 +11,4 @@ export OVH_APPLICATION_SECRET=$(cat "$OVH_APPLICATION_SECRET_FILE")
 export DO_AUTH_TOKEN=$(cat "$DO_AUTH_TOKEN_FILE")
 {{ end }}

-{{ if eq (env "AZURE_ENABLED") "1" }}
-export AZURE_CLIENT_SECRET=$(cat "$AZURE_CLIENT_SECRET_FILE")
-{{ end }}
-
 /entrypoint.sh "$@"
--- a/release/3.5.0+v3.4.5
+++ b/release/3.5.0+v3.4.5
@ -1 +0,0 @@
-Add support to azure DNS-01 acme challenge
--- a/release/3.6.0+v3.4.5
+++ b/release/3.6.0+v3.4.5
@ -1 +0,0 @@
-Expose log_max_age option. This option controls Traefik's maximum retention for log files in number of days. By default (when LOG_MAX_AGE=0), files are not removed based on age.
--- a/traefik.yml.tmpl
+++ b/traefik.yml.tmpl
@ -4,7 +4,6 @@ core:
 
 log:
  level: {{ env "LOG_LEVEL" }}
-  maxAge: {{ env "LOG_MAX_AGE" }}

 providers:
  swarm:
@ -37,10 +36,6 @@ entrypoints:
  gitea-ssh:
    address: ":2222"
  {{ end }}
-  {{ if eq (env "GARAGE_RPC_ENABLED") "1" }}
-  garage-rpc:
-    address: ":3901"
-  {{ end }}
  {{ if eq (env "FOODSOFT_SMTP_ENABLED") "1" }}
  foodsoft-smtp:
    address: ":2525"
				`@ -1 +0,0 @@`
				`Expose log_max_age option. This option controls Traefik's maximum retention for log files in number of days. By default (when LOG_MAX_AGE=0), files are not removed based on age.`