diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2022-07-19 10:26:53 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2022-07-19 11:55:51 +0000 |
commit | 116995274c49da63a9e18ec6a85423071e175280 (patch) | |
tree | fc3f80a704a017dcbc856003b4af944ae1af0f8f /debian/ttyd.README.Debian | |
parent | Updating to standards version 4.6.1. (diff) | |
download | ttyd-116995274c49da63a9e18ec6a85423071e175280.tar.xz ttyd-116995274c49da63a9e18ec6a85423071e175280.zip |
Adding apache2 reverse-proxy configuration.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/ttyd.README.Debian')
-rw-r--r-- | debian/ttyd.README.Debian | 59 |
1 files changed, 52 insertions, 7 deletions
diff --git a/debian/ttyd.README.Debian b/debian/ttyd.README.Debian index 9af0faa..25281ca 100644 --- a/debian/ttyd.README.Debian +++ b/debian/ttyd.README.Debian @@ -1,17 +1,62 @@ ttyd for Debian =============== - * After installing ttyd it will by default listen on http://localhost:7681 - in multi-user read-write "login"-mode: +1. Default configuration +------------------------ - - multi-user means that more than one user can connect at the same time. +After installing ttyd it will by default listen on http://localhost:7681 +in multi-user read-write "login"-mode: - - read-write means that anyone connecting to the website can input data. + * multi-user means that more than one user can connect at the same time. - - Login mode means that the user gets a login prompt (like getty) where - user and password has to be entered. + * read-write means that anyone connecting to the website can input data. - * Edit /etc/default/ttyd and check the ttyd(1) manpage for the exact options. + * Login mode means that the user gets a login prompt (like getty) where + user and password has to be entered. +Edit /etc/default/ttyd and check the ttyd(1) manpage for more information +about available options. + + +2. Reverse proxy +---------------- + +To make ttyd accessible on the network, it is advised to hide it behind a +reverse proxy that does TLS and performs user authentication. + +To enable the apache2 proxy configuration, the following modules and +configuration need to be enabled: + + * sudo a2enmod proxy proxy_http proxy_http2 proxy_wstunnel + + * sudo a2enconf ttyd + + * sudo service apache2 reload + +ttyd is then accessible as <http://example.org/ttyd>. + + +3. Apache authentication +------------------------ + +The apache reverse-proxy configuration automatically includes +/etc/ttyd/apache2-auth.conf, if existing, to protect access to '/ttyd'. + +There are some examples in /usr/share/doc/ttyd/examples that can be +used as starting point. + +To enable HTTP basic authentication, the following steps can be used: + + * sudo mkdir -p /etc/ttyd + + * sudo ln -s /usr/share/doc/ttyd/examples/apache2-authbasic-file.conf \ + /etc/ttyd/apache2-auth.conf + + * sudo htpasswd -c -b /etc/ttyd/htpasswd daniel password123 + + * sudo service apache2 reload + +This will allow the user 'daniel' to access ttyd with the password +'password123'. Further users can be added, see htpasswd(1). -- Daniel Baumann <daniel.baumann@progress-linux.org> Sun, 21 Feb 2021 17:19:20 +0100 |