ansible-inventories/arocom#2861 proposal to be able to allow password...

ansible-inventories/arocom#2861 proposal to be able to allow password protection for paths without the need for general password protection

ansible-inventories/arocom#2861 proposal to be able to allow password...
698398d4 · Eric Zillmann · 0550a759 · 698398d4
Commit 698398d4 authored 5 years ago by Eric Zillmann
--- a/templates/vhost.conf
+++ b/templates/vhost.conf
@@ -90,9 +90,17 @@
    AuthType {{ drupal_domain.apache_auth.type }}
    AuthName "{{ drupal_domain.apache_auth.name }}"
    AuthUserFile {{ webRoot }}/passwords/{{ drupal_domain.apache_auth.user }}
+    SetEnvIf RequestUri ^ NoAuth
+{% if drupal_domain.apache_auth.extra_users is defined %}
+{% for user in drupal_domain.apache_auth.extra_users %}
+{% if user.expression is defined %}
+    SetEnvIfExpr "{{ user.expression }}" !NoAuth
+{% endif %}
+{% endfor %}
+{% endif %}
 {% if drupal_domain.apache_auth.ips is defined %}
 {% for ip in drupal_domain.apache_auth.ips %}
-    SetEnvIF X-Forwarded-For ^{{ ip|regex_escape() }}$ AllowIP
+    SetEnvIf X-Forwarded-For ^{{ ip|regex_escape() }}$ AllowIP
 {% endfor %}
 {% endif %}
 {% if drupal_domain.apache_auth.extra_users is defined or drupal_domain.apache_auth.ips is defined %}
@@ -115,7 +123,7 @@
      Require ip {{ ip }}
 {% endfor %}
 {% endif %}
-      Require {% if drupal_domain.apache_auth.password is defined %}user {{ drupal_domain.apache_auth.user }}{% else %}all granted{% endif %}
+      Require {% if drupal_domain.apache_auth.password is defined %}user {{ drupal_domain.apache_auth.user }}{% else %}env NoAuth{% endif %}

    </RequireAny>
 {% else %}